Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Using Vanta and AWS for secrets management and encryption

This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.

Automate more of your compliance program with custom tests

Today, we’re launching multiple customization improvements to Vanta’s automated test capabilities, previously announced at VantaCon in December. With Custom Tests, you now have the ability to adjust Vanta’s pre-built tests as well as create new tests from scratch with new logic. ‍ Custom Tests empower you to gather evidence across your systems and use Vanta’s automation to continuously monitor and alert you when items fall out of compliance.

What is a trust center? And how to use it to demonstrate trust

As your organization grows the demands on the security team increase. Many of these new demands come from prospects and customers doing their due diligence about the security measures your business has in place. Your team is then left struggling to balance a growing number of security questionnaires and customer requests while managing your everyday responsibilities.

Celebrating new milestones plus enterprise-ready features and more AI capabilities

Today we’re excited to share several milestones as we continue on our mission to secure the internet and protect consumer data. ‍ ‍ ‍ ‍ And we’re just getting started. ‍ As we continue to reimagine GRC tools for the future of trust, we’ve built enterprise-ready features and rolled out additional Vanta AI capabilities along with support for the NIST AI Risk Management Framework. ‍ ‍

Introducing AI Data Import for Access Reviews

Conducting regular user access reviews is an effective way to make sure your organization is securing access to critical systems and third-party vendors. Frameworks like SOC 2 and ISO 27001 even require proof of regular access reviews to demonstrate compliance. ‍ Without automation, access reviews are tedious and time-consuming, requiring IT and security teams to manually record user access information in a spreadsheet and take countless screenshots of access permissions screens. ‍

Introducing NIST AI RMF: Monitor and mitigate AI risk

The pace and complexity of AI technologies is increasing every day. In this rapidly changing environment, it’s critical for companies to adopt a rigorous approach to safely and responsibly incorporating AI into their products and processes. ‍ That’s why we’re excited to announce that the NIST AI Risk Management Framework (RMF) is now available in beta.

How to automate your technical vulnerability management with Aikido and Vanta

Technical vulnerabilities are areas of weakness in your source code or infrastructure that attackers could potentially exploit. It’s important for your business to address its technical vulnerabilities to protect itself from these types of threats, in addition to gaining or maintaining compliance with SOC 2 and ISO 27001. ‍ For many of these standards, you’re required to have vulnerability scanners running to ensure you’re continuously monitoring for new threats.

Understanding configuration management with Vanta and AWS

This blog is part of a series about how to use Vanta and AWS to simplify your organization’s cloud security. To learn more about how to use Vanta and AWS, watch our Coffee and Compliance on-demand webinar. ‍ Amazon Web Services, or AWS, is one of the most popular cloud providers for organizations today — providing one of the most flexible and secure cloud environments available.