Shine a Light on Shadow IT: Vanta Launches Category-First Vendor Risk Management Solution

Shine a Light on Shadow IT: Vanta Launches Category-First Vendor Risk Management Solution

SAN FRANCISCO—May 3, 2023—Vanta, the leading trust management platform, announced today the launch of its Vendor Risk Management (VRM) solution, enabling organizations to accelerate, automate and simplify third-party vendor security reviews and due diligence. Featuring vendor auto-discovery and continuous vendor assessment and remediation workflows, Vanta's VRM offering significantly reduces the time and costs for security experts and novices alike to review, manage and report on third-party vendor risk.

The Era of App Overload

Application proliferation is on the rise as organizations grapple with uncovering and securing hundreds of apps being used by employees every day. With 53% of enterprise applications unmanaged and shadow IT accounting for over half the SaaS applications in a company's portfolio, security and IT teams are fighting a never-ending battle of app overload. At the same time, third party vendors have emerged as a leading attack vector for hackers, with the period for discovering and containing a data breach averaging 280 days — nearly an entire year. 

Compounding the pain for security teams is the status quo of ensuring third-party vendors are secure and properly protecting sensitive data are cumbersome, costly and time consuming.

"Between never-ending app sprawl and an increasing number of access points, organizations are only as secure as their weakest link," said Christina Cacioppo, CEO, Vanta. "With Vanta's VRM solution, security teams can significantly reduce vendor risk by quickly inventorying vendors, performing security reviews, and remediating issues — all in the same platform they use for security and compliance today."

A Single Platform for Vendor Risk Management 

Unlike other products that serve as siloed point solutions for security reviews or third-party risk assessment, Vanta is the only trust management platform that enables the whole process of vendor management, from discovery to reviews to remediation, in one place.This simplicity earned Vanta the #1 Easiest to Use Vendor Management Software by G2 users for Spring 2023. 

With Vanta's VRM solution, reviews are reduced from days and weeks to mere hours, with cost savings of over 90%. When combined with Vanta's newly enhanced Access Reviews, security teams can ensure that only the right users have access to crucial systems, with the appropriate permissions. The result is a single platform that:

  • Automatically discovers all vendors being used by employees
  • Prioritizes vendor reviews based on risk levels assigned by a customizable risk rubric
  • Simplifies requesting security reviews via integrations with procurement systems
  • Streamlines vendor security assessments with automated workflows to review vendor questionnaires, track compliance reports, and periodic reminders to request updated reports
  • Optimizes vendor spend by identifying vendor redundancies and reduces license costs by revoking employees that don't need access

"It used to take us 100 hours per vendor to perform a security review, a process my team has to repeat across more than 50 vendors annually," said George Uzzle, Chief Information Security Officer, Vibrent Health. "Vanta's Vendor Risk Management solution allows us to reduce this to only a few hours a week for each vendor, freeing up time to focus on more strategic security objectives."

Transforming the Future of Trust with Automation 

Today's launch is the latest demonstration of Vanta's trust management platform's end-to-end capabilities. From enabling customers to evaluate security in the buying process with VRM, to helping them close their own deals faster with the recently introduced Questionnaire Automation, Vanta closes the loop on the security lifecycle. 

Questionnaire Automation utilizes the fastest and most accurate automation technology to help organizations quickly respond to security questionnaires and effectively communicate their security and compliance posture to customers and prospects. 

By automating the traditionally manual process of answering security questionnaires, Vanta enables companies to save time and resources while increasing response accuracy and completeness.

With Questionnaire Automation, teams can:

  • Build and manage a library of accurate, up-to-date questionnaire answers by uploading previously completed questionnaires
  • Complete questionnaires in web-based spreadsheets and forms, or answer one-off questions with the Browser Extension
  • Take a first pass at entire security questionnaires in a single click with questionnaire auto-complete functionality 

"Vanta pioneered the automated compliance category. With the launch of Questionnaire Automation, we're continuing our industry-leading approach to helping companies automate the mundane, manual tasks so their security teams can focus on their most important, strategic initiatives," said Cacioppo. "As the all-in-one platform for everything from Automated Questionnaires to VRM to Access Reviews, Vanta serves as the single source of truth for businesses of all sizes to build the essential security practices needed to demonstrate compliance, stay secure, and deepen trust with customers, partners, and vendors."

To learn more about Vanta's latest offerings, visit: 

About Vanta

Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Over 5,000 companies including Autodesk, Chili Piper, Flo Health and Quora rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, New York, San Francisco and Sydney. For more information, visit