Vanta’s integrations are built on the principle of least privilege, using secure, read-only permissions to collect only the configuration and metadata necessary to verify compliance. This means Vanta can check if your systems meet security standards, like confirming that a storage bucket is encrypted or that MFA is enforced without ever accessing or storing the sensitive data inside. Each connection is authenticated via encrypted credentials or OAuth, ensuring your information remains protected while enabling continuous, automated evidence collection that powers real-time compliance.
Identifying Vanta's Access Permissions
Every integration built by Vanta will state the access Vanta will require to make the connection.
To view this information select the Integrations page from the left-hand navigational panel.
From the Available tab select View Details on the specific integration.
From here, you van view exactly the permissions Vanta has.
Additionally, you have access into
What this specific integration will automate (tests, controls)
Resources required to make the connection
