Understanding "Pass by Default" Tests in Vanta

Shannon DeLange
Shannon DeLange Idea generator Vanta Team Member Conversation starter
  • Updated

What is a "Pass by Default" Test?

  • A test passes by default when the security configurations being assessed are integral to an integrated service. Essentially, these configurations are built-in and enabled by default, with no option for user configuration. When Vanta detects such configurations during an audit, the test automatically passes.

pass-by-default.png

 

Why Do "Pass by Default" Tests Exist?

  • Speeding Up Your Audit Process: "Pass by default" tests are designed to streamline your audit process. They save valuable time by quickly identifying integrated services with built-in security features that are already compliant with the required standards. This feature reinforces Vanta's commitment to expediting your audit procedures.

  • Ensuring Accuracy: Vanta takes the accuracy of its tests seriously. "Pass by default" tests are regularly validated by our team to ensure they remain accurate. If an integrated service changes its built-in features, we promptly update the test to reflect these changes. This commitment to accuracy ensures that your audits are always based on the most up-to-date information.

How Are "Pass by Default" Tests Conducted?

  • By default, Vanta runs checks on an integrated service's configurations for compliance if an API for that service exists. When an API doesn't exist the assessment is based on the integrated service's security documentation. This approach maintains a reliable assessment of your integrated services.