Vanta's key features include automation saving time, continuous compliance monitoring, prebuilt control frameworks, task management, vendor assurance, and real-time API integration. It provides remediation guidance, enhances compliance scores, offers document control, and supports corporate risk analysis. Users benefit from automated testing of controls and access management. Vanta eases compliance in healthcare and integrates well into internal environments, aiding data integrity and streamlining assessments like HITRUST R2.
- "Vanta has positively impacted my organization by streamlining the whole HITRUST R2 assessment process."
- "Vanta's integrations and automated tests have streamlined our SOC 2 compliance and provided a single entry point for addressing risks and failed tests."
- "Vanta provides a necessary repository that any compliance expert will look at and recognize right away."
Vanta's user access module is still in progress, and improvement is needed in the platform's scalability and user interface refresh rate. Automated tests occasionally malfunction. Permissions require more detail, and the RBAC feature could be enhanced. Policy control lacks efficient revision management. Detailed descriptions in the AI-generated system need better contextual insight. Failed tests for CVEs are cumulative, challenging resolution. HITRUST CSF integration for R2 assessments requires enhancement.
- "I would tell others looking into using Vanta to use it for HITRUST E1 and I1 assessments, as the R2 assessments are still a work in progress."
- "Failed tests for device CVEs seem to be cumulative, meaning I have to clear all CVEs before the test will pass, which makes it difficult to resolve the test before the next round of CVEs are published."
- "There are connection problems about 50% of the time because of the automated evidence collection."
