Many data breaches start with a compromised account from one of a company’s employees. Jérôme Berloty and Benjamin Netter decided to build a product based on that fact and launched Riot in 2020. ‍ Based in Paris, France, Riot combines learning modules and phishing simulations to raise cyber awareness and solve compliance needs. The courses are chat-based, five minutes long, and immersive and interactive, making learning more entertaining. ‍

Today we’re thrilled to announce that Vanta’s Role-Based Access Control (RBAC) functionality has gotten even stronger with new capabilities, including: ‍ ‍ These expanded RBAC capabilities are now generally available and demonstrate Vanta’s continued commitment to supporting the needs of larger, more advanced organizations through additional customization and flexibility across our platform. ‍

This post is part of an ongoing series where you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta—and most importantly, our customers—secure. In today’s post, you’ll hear from Rob Picard, who leads Vanta’s Security team, and Matt Cooper, who leads Vanta’s Privacy, Risk, & Compliance team. ‍

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the teams’ approaches to keeping the Vanta organization secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

The way we do business continues to evolve, and with that, the requirements to remain compliant continue to evolve as well. PCI-DSS is no exception — as of March 2024, PCI-DSS 4.0 will introduce some significant changes. These differences are largely minor but could be very impactful for organizations depending on how they previously approached PCI-DSS 3.2.1.

The month of August was a busy month at Vanta — we shipped Access Reviews schedules, 35 new integrations and new integration capabilities, Improvements to Vendor Risk Management, and more. ‍ ‍

AI is one of the hottest topics in tech right now. More than half of consumers have already tried generative AI tools like ChatGPT or DALL-E. According to a Gartner poll, 70% of executives say their business is investigating and exploring how they can use generative AI, while 19% are in pilot or production mode. Business use cases for AI range from enhancing the customer experience (38%), revenue growth (26%), and cost optimization (17%).

‍Security is at the heart of what we do at Vanta—helping our customers improve their security and compliance posture starts with our own. Our team’s mission is to ensure that Vanta is a trusted and trustworthy steward of customer data. ‍ At Vanta, we believe that nurturing and scaling our security culture is one of the most powerful ways to achieve our mission. We define security culture as the norms, behaviors, and attitudes around security.

In this series, you’ll hear directly from Vanta’s own Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta secure. We’ll also share some guidance for teams of all sizes — whether you’re just getting started or looking to uplevel your operations.

In July, we released Private Integrations which allow you to connect any app to Vanta, plus 30 new integrations, additional customization for pre-built Vanta content, and more: ‍ ‍ ‍