Vanta Release Notes

 

April 2025

 

Week of April 14, 2025

SCIM support for Teams

• Users can sync Vanta Teams to their IdP Groups via SCIM, enabling seamless and programmatic Team management as the customer’s organization grows and changes.

AI Control Mapping for Policies 

• If you are using Vanta's default template stack or bringing in your custom policies, you can use Vanta AI to help you map security controls back to the policy

Collaborator Role

• The collaborator role is now available for object-level assignments and more granular access control within Vanta 

 

Week of April 7, 2025

Compliance Roadmap

• The test metric allows customers to easily assess their program's progress by providing the key metrics they need, all in one seamless location

Week of March 31, 2025

Report Center Metrics: Test Breakdown by Status

• The test metric allows customers to easily assess their program's progress by providing the key metrics they need, all in one seamless location

March 2025

 

Week of March 24, 2025

Custom Metadata Fields: Vendor Risk Management

• Users can now flexibly track any and all data they need to know about the vendor. They can choose from the following field types: text, date, number, and picklist.

Week of March 17, 2025

New Standard Vendor Fields: Vendor Risk Management

• VRM has two new standard fields: contract amount and vendor headquarters. 

 

Preserving security reviews when merging vendors: Vendor Risk Management 

• When a user merges two vendors, they can preserve the security reviews, evidence, and findings from both vendors, ensuring they don't lose any of the due diligence they've done.

 

Week of March 10, 2025

Vanta Branded Engagement Letters

• Customers activating their Trust Centers for the first time will find a resource document already created for them, affirming their engagement with Vanta and ongoing compliance efforts.

 

Week of March 03, 2025

Advanced tagging for Questionnaire Automation and Trust Center (GA)

• Create custom tags for organizing your knowledge base and sharing resources from your Trust Center

Internal audit tag

• Customers can select an audit type when creating an audit engagement in Vanta.

Team ownership for tests & documents

• Customers can now create and assign Teams as owners of tests and documents.

Vendor Risk Management Slack notifications

• Users receive Slack notifications when questionnaires are submitted and are notified when all evidence is available, and the security review is ready for analysis.

Trust Center: Hide full access requests

• Trust Center admins now have the option to disable "Full access" on their public Trust Center

 

February 2025

 

Week of February 24, 2025

Merge.dev Multi-Tenancy Support

• Vanta's new Merge.dev Multi-Tenancy Support enables seamless management of multiple instances of the same integration

Framework Scoping for MDMs

• Customers can now scope JumpCloud resources by framework

Questionnaire Automation: Delete individual rows after import

• After adding a questionnaire, customers can select response rows and delete them.

Vendor Risk Management 

• Vendor AI answers will be organized in bullet points
• Users can choose to move a vendor from Discovery into Procurement, following the funnel and typical workflow of our users

 

Week of February 17, 2025

Framework scoping for Azure and GCP Organization Sub-accounts

• Users can now scope individual accounts within organizations for GCP and Azure.

Framework scoping for GitHub Organizations & Projects

• Users now have control over which frameworks they include their GitHub organizations and project assets in. 

Framework scoping for AWS Organization Sub-accounts

• With AWS organization sub-account scoping, users now have more granular control over their assets.

 

Week of February 10, 2025

Approval workflow for questionnaires

• An approval workflow can now be facilitated within Questionnaire Automation. This workflow allows an approver to be assigned and notified when the questionnaire is ready for review with a new set of statuses to track and communicate each step of the process clearly.

Week of February 3, 2025

Bulk Reminders for the People Page 

• Admins can now send a bulk one-time reminder to specific people by selecting them on the People Page table. The admin can also select whether to send these reminders over Slack, email, or both (the reminder will default to their current personnel notification settings).

January 2025

 

Week of January 28, 2025

Sensitivity Flag on Documents Table

• There is a new column in the documents table to indicate if a document is "sensitive"

Streamlined control mapping for policies

• We’ve added an “Add Controls” button directly on the Policy details page

Transition flagged evidence back into "ready for audit" 

• Users can transition flagged evidence back into ready-for-audit; this lets them know that a piece of evidence is ready for another review, eliminating the need for back and forth between auditors and customers.

 

Week of January 20, 2025

Customers can filter their evidence list by 'auditor-created evidence.'

• Users can filter evidence to view evidence created by the auditor 

View-only permissions enabled in custom role-based access control 

• For each permission in a custom RBAC role, the admin can choose from “no access,” “view-only,” or “view and edit.”

Show risk ID when mapping  risk scenarios to a control

• When a user maps a risk to a control, they will be able to see the risk ID along with other pertinent information about the risk.

 

 

Week of January 6, 2025

New Documents page experience 

• Users are now prompted to add all relevant files to satisfy the document evidence request and mark it as complete before the document status changes to OK.

Risk REST API
Four new endpoints are now available via the REST API:
• https://developer.vanta.com/reference/listriskscenario (List risk scenarios)
• https://developer.vanta.com/reference/createriskscenario (Create risk scenario)
• https://developer.vanta.com/reference/getriskscenario (Get risk scenario by ID)
• https://developer.vanta.com/reference/updateriskscenario (Update risk scenario)

 

December 2024

 

Week of December 30, 2024

Export Test Details from the Report Center 

• Test data can now be exported to a .csv file from the Report Center 

 

Week of December 16, 2024

Custom Fields for Controls 

• Custom fields can be created in a new settings page in the compliance hub and displayed in the controls table. You can create fields that are free text, pick list, numbers, or dates. You can also choose whether custom fields are visible to your auditor.

TISAX and CMMC

• Vanta now supports two new frameworks, TISAX and CMMC.

 

Week of December 9, 2024

Questionnaire Automation

• Vanta AI now contains a classifier for the questionnaire automation tool that detects whether a question is of a Yes, No, N/A type.
• Customers can now edit questions and answers in the pending import list before approving and applying them to the answer library.

 

Week of December 2, 2024

Public Trust Center Documents: Vendor Risk Management 

• VRM users can import public Trust Center documents directly from within the Vendor Risk Management tool

 

November 2024

 

Week of November 25, 2024

Trust Center: Bulk Access Accept/Decline

• Trust Center admins now have the ability for Trust admins to edit the access expiration date in bulk

HITRUST MyCSF API Integration

• Vanta integrates directly with HITRUST MyCSF, enabling customers to sync controls and evidence seamlessly between the two platforms.

Trust Center FAQ permalinks

• Each FAQ on your FAQs page has a perma-link for seamless sharing.

 

Week of November 18, 2024

Download policy draft as .docx

• In both Policy Builder and Policy Editor, drafts can now be downloaded as a PDF or .docx. 

 

Week of November 11, 2024

Custom Fields for Controls

• Customers will now be able to add custom fields (date, number, text, pick list) to their controls within Vanta. 

Watermarking for Signed Trust Center NDAs

• Trust Centers now watermarks NDAs with the name, email, and timestamp of the viewer who has accepted the NDA, allowing security teams to share adequate proof with their legal teams that a customer has signed an NDA. Trust Center admins can view the watermarked NDA in the Activity table for easy access.

Week of November 04, 2024

Report Center Update

• In addition to being able to view the trends on remediated items within SLA, you can now drill down and understand the underlying historical data driving those trends.

October 2024

Week of October 28,  2024

Jira Task Automation For Failing Tests (Beta)

• Beta users can automatically create tasks in Jira when a test starts to fail.

Week of October 21,  2024

Personalized Terraform remediation solutions 

• With the power of AI, Vanta now offers personalized, Terraform-based remediation solutions for all 180 of our Terraform-remediable tests. Users can now choose between Vanta-written instructions or customized Terraform solutions, allowing them to remediate Cloud tests more effectively and on their terms.

Policy Builder Updates

• Users can now edit section titles in Policy Builder
• When in the Policy Builder tool, users can skip sections that do not require input 

Questionnaire Collaboration: Commenting

• Commenting is now available on Security questionnaires, providing a single source of truth for conversations on individual questions 

Week of October 7,  2024

Groups Page Update

• We’ve updated the Groups Page to offer a cleaner, more streamlined experience for assigning tasks to your personnel

Trust Center

• Automate Access Requests and NDAs Through Hubspot CRM
  

 

NIS 2

• Vanta now fully supports the NIS 2 framework

 

September 2024

 

Week of September 30,  2024

 

Trust Center: Domain Allowlist 

• Domain allowlists allow customers to specify up to 50 domains. If a user requests access from one of those domains, they will automatically get access to the Trust Center 
  
  

Week of September 23,  2024

 

Vendor Risk Management: Locking AI answers and edited answers

• Once an answer is locked, the AI will not re-run on those questions.

Updated Test Details Redesign 

• Vanta has introduced a beta test details page with a tabbed design to focus on remediation details

 

Week of September 16,  2024

Full-page column selection  for Questionnaire Automation

• Vanta now has a full-page view for column selection, making navigation and use more seamless

 

Week of September 2,  2024

Lacework Integration

• Vanta now integrates with Lacework for vulnerability management 

Report Center Filter Improvements

• Report center users can now configure their custom reports further by filtering charts by framework, enabling the creation of framework-specific reports. 

DORA Framework

• Our new framework breaks down the regulation into actionable tests, documents, and policy addendums, offering clear guidance and prioritization for compliance managers. 

August 2024

 

Week of August 19,  2024

Questionnaire Automation Question Assignment  

• Individual questions can be assigned to users in Vanta. Users can be notified via email or Slack and quickly click on the questionnaire to view and answer assigned questions.

SentinelOne Vulnerability Management & Vanta

• Vanta now integrates with SentinelOne

Sync PDFs from Google Drive & Sharepoint for Policies & Documents

• If you are utilizing the Google Drive or Sharepoint integration, you can sync PDF files through the Google Drive & Sharepoint integrations for policies and documents

 

Week of August 12,  2024

AWS Multi-Org Support

• All AWS users can now add multiple orgs to a single Vanta Workspace

Cyber Insurance - Vanta & Vouch

• Users can purchase cyber insurance directly within Vanta in as little as 15 minutes, powered by Vouch.

 

Week of August 5,  2024

Policy Builder

• Policy Builder is a new policy creation and editing workflow to help create policies using Vanta templates.

Report Center

• Customers can now create custom reports in the Report Center. 
  
  

July 2024

 

Week of July 29,  2024

Update to USDP Framework

• Vanta's existing US Data Privacy framework has added a net new control. This new control accommodates a recent addition to the Oregon Consumer Privacy Act.  Five existing documents and one existing test have been mapped to this control.

Updated Developer Hub

• The API documentation will help customers understand our API’s capabilities, get started, and explore its use cases.

Questionnaire Automation for multi-product organizations

• Resources and answers in the knowledge base can be configured with one, multiple, or all products. 

 

Week of July 15,  2024

Audit evidence

• Evidence statuses can be applied to a piece of evidence within an audit engagement.

 

Week of July 8,  2024

VRM - findings, follow-ups, and residual risk

• VRM users will be able to recommend treatment plans, recommend resolutions, create Jira tasks for follow-up, and set residual risk for the vendor.

Trust Center Media Tab

• There is a new section on the Trust Center called Media for companies to upload videos hosted on YouTube or Vimeo.

 

June 2024

Week of June 24,  2024

 

Vanta & Orca integration 

• Anyone using Orca can connect to Vanta to pull in vulnerability data, track status, and SLAs, and assign tests if something misses a resolution window.

REST API support for putting personnel on leave and marking as "not a person"

• Vanta's REST API now supports two new endpoints:
  • Marking (and un-marking) a person as on leave.
  • Setting (and un-setting) personnel on the People Page as "not a person".
• For more information, see our https://developer.vanta.com/docs/vanta-api-documentation

Access Tickets

• Access Ticketing for Jira is now available. Users can enable it on the Manage section of the Jira integration, providing a label for access tickets.

 

Vendor Risk Management: Inherent Risk Rubric customization

• VRM users will be able to customize the attributes used to determine inherent risk levels for each vendor and be able to apply those attributes to vendor categories to enable auto-scoring

 

Week of June 17,  2024

 

Comments in the Audit view

• Customers and auditors can now communicate with each other through comments on evidence in the audit view 

Week of June 3,  2024

 

Updated User Interface

•  A new and improved UI had been implemented in Vanta, designed to make it easier to find and act on the data and information in Vanta.

 

May 2024

 

Week of May 20,  2024

Questionnaire Automation

• Customers can leverage questionnaire automation directly within Vanta 

 

Week of May 13,  2024SSO

Background Checks POwered by Certn

• Customers can now run their background checks directly from Vanta using our background check functionality powered by Certn 

 

Week of May 6,  2024SSO

(SAML) for standalone customers

• Customers can now set up an SSO SAML connection to their IDP without first integrating their IDP via API. The SAML protocol allows customers to grant a subset of their users access to the Vanta application.

Ability to link multiple Trust Centers

• Users can access all of a company's Trust Centers with a Trust Center picker in the Trust Center header.

Shareable Hidden Resources in Trust Center

• There is a new visibility option for resources called Shareable that hides the document from their public Trust Center but can still be shared externally.

Knowledge Base for Trust Center

• There is now a new Knowledge Base in Trust Center for customers to manage their Security Documents and Answers

 

April 2024

 

Week of April 29,  2024

 

The Vanta REST API Beta

• We’re launching a new Vanta API with more functionality than GraphQL in the  REST protocol.  

 

Week of April 22,  2024

 

Custom Banner Images for Trust Center 

• Users can now upload custom images which will appear on the top banner of the Trust Center

New ability to reject discovered vendors

• For those using Vendor Risk Management, discovered vendors can be rejected and provide a reason for the decision

 

Week of April 15,  2024

 

Vendor Risk Management: Ability to add reason when ignoring a discovered vendor

• Users can give reasons when ignoring a vendor so that it's visible and trackable

  

Week of April 1,  2024

 

Support for multiple Bitbucket workspaces

• Customers now can connect their different workspaces to Vanta

 

March 2024

 

Week of March 25,  2024

 

Unlimited Custom Attributes in Risk Scenario Import

• Customers can now include as custom attributes when importing risks

Specific templates for bulk importing custom controls

• Controls import templates are now specific to the user, meaning they show only the frameworks the customer has purchased and include the customer’s custom frameworks. 

Week of March 18,  2024

 

Remediation information for Vulnerabilities

• We now pull in the following information for vulns that helps give guidance on how to remediate:
  • Affected versions of the package/software
  • Fixed versions of the package/software
  • Remediation details (if the scanner provides it)

New dashboard widgets on the Vulns "Findings by Asset" page

• Two new widgets have been added to the Findings by Asset page,
  • Asset Scan Coverage
  • Asset SLA status

New Security Training Modules released

• We’ve created and launched three new Security and Privacy Training modules in Vanta, including
  • Secure Code Training
  • Social Engineering
  • Insider Threat

 

 

Week of March 11,  2024

 

Support for employees in multiple groups

• Employees can now be included in multiple groups of employee task programs and import their IdP groups 1:1

New Vendor Overview Page and Risk Register Integration

• Customers can now link a vendor's findings to existing risk scenarios, bridging the gap between Vendor risk and risk management.  

Updates to SOC 2 Controls

• A new document request was added to the “Network Firewall reviewed” control to provide evidence on the results of the Firewall ruleset review.

Custom Procurement Labels in Vendor Risk Management

• Users can now create custom labels for Vendor risk management procurement requests with task tracker integrations

 

 

Week of March 4,  2024

 

People Export Background Job

• Users can click the export button immediately and navigate away from the People page

New auditor evidence drawer

• Replacing the full-screen model with a drawer allows us to build performance improvements and new UX features and prepares us for further improvements to the audit experience.

Netlify cloud deeper security tests

• Vanta now provides deeper automation for Netlify integration 

 

February 2024

 

Week of February 26,  2024

 

Additional Admin Onboarding 

• A new, higher-context, and more streamlined onboarding experience has been made available for additional invited admins.

CloudFormation connection for AWS Orgs linking flow

• Vanta has added support for the CloudFormation connection method for the AWS Organization linking flow. 

 

Week of February 19,  2024

 

One-column layout for Trust Center overview page

• A one column layout has been enabled for Vanta Trust center to create a cleaner and more seamless UI experience

Multi-language policies upgrade

•  Multi-language policies enable customers to manage and maintain multiple documents for the same policy so their employees can choose the one to review in their preferred language

 

 

January 2024

 

Week of January 29,  2024

 

Supporting Role Changes in Access Reviews

• There’s a new button for access reviews, aptly called “Change roles”, that Access Review customers can use to denote accounts that need a role/permissions change instead of outright approving or denying access.

Flag access accounts by last login in Access Reviews

• In order to flag potentially inactive accounts, we have:
  • Added the last login as a column in the System Reviewer dashboard
  • Added flagging for accounts where the user has not logged in for over 90 days

Last login flagging works initially with the Vanta, Zoom, and MongoDB Atlas integrations, with more to come!

 

Week of January 22,  2024

 

Sync IDP user scope with accounts and access tests

• Allows admins the option to opt into applying user scope to accounts they own and reduces the manual effort needed.

Risk Notifications

• We've added several improvements to our risk notifications, including:
  • Manual reminder buttons for risk scenarios and tasks
  • Risk task status for due soon or overdue tasks
  • Risk needs attention (e.g. control failing, task overdue, needs completion, needs approval)
  • Improvements to the Daily/Weekly summary email

 

Week of January 15,  2024

 

Bulk Link Account Owners on the Access Page

• We now support bulk-linking account owners via OneSchema. Customers can download a .xlsx file of all their unlinked accounts, enter the owner email for each account, and upload the same file via OneSchema to link all accounts to owners at once. 

 

AI-powered Access Data Import for Access Reviews - Public Beta

• Users can now take screenshots or export a PDF of users from an unintegrated system, and Vanta's AI access data importer will extract the user data, drastically reducing manual data entry.

 

Vendor Risk Management: Private Links 

•  Vendor risk management customers can request both documents and questionnaires with a single reach out to the customer. Vanta will send the email with the requested documentation and a link to upload questionnaires and documents. 

Week of January 8,  2024

 

Vendor Risk Management Private Link Emails

• VRM customers can request both documents and questionnaires through a link single link

 

Week of January 1,  2024

 

GDPR with EU-US Data Privacy Framework

• Vanta has released an add-on to GDPR for the EU-US Data Privacy Framework. The add-on includes 7 new controls and 6 new documents to help US-based customers subject to GDPR achieve compliance more efficiently  

 

December 2023

 

Week of December 18,  2023

Vanta AI Custom Templates for VRM

• Vanta AI templates allow customers to upload multiple templates and efficiently be able to switch between them 

 

NDA Data Export 

• NDA data can now be exported from the Trust Center settings page 

Automatically re-open vulnerabilities when a fix is available 

• Vulnerabilities can be unmonitored, and then automatically reopened when a known remediation becomes available 

 

Week of December 11,  2023

 

Bulk download available for Trust Centers

• We've launched a new bulk download button to generate a zip file of all accessible files on a Trust Center.

Bulk Actions in Risk Register

• Allows bulk selection of risk scenarios, which can then be assigned an owner, approved, or archived with one click

 

November 2023

 

Week of November 25,  2023

 

Trust Center Updates

• Customers can now post updates on their Trust Center and notify subscribers via email.

Access Review support for Private Integrations

• Customers can now create custom integrations for Vanta to automatically pull in access data, streamlining Access Reviews.

 

Week of November 13,  2023

 

"No Security Tasks" status on the People Page

• When an employee has no tasks assigned to them, we display their status as 'No tasks.' In this state, we also provide a prompt in their user drawer, encouraging the admin to assign tasks."

 

Week of November 6,  2023

 

Australian Essential 8 and UK Cyber Essentials Frameworks Release

• Vanta has developed and deployed both UK Cyber Essentials and The Australian Essential 8 as Framework offerings.

Updated Vanta Policy Templates

• Several Policy Templates have been updated for more comprehensive security policies   

 

October 2023

 

Week of Oct 30,  2023

 

Vulnerabilities Page 

• The redesign of the vulnerabilities page comes with improvements that make the experience more intuitive and streamlined to manage vulnerabilities

 

Week of Oct 23,  2023

 

Trust Report DocuSign Integration

• Customers now have the option to connect their DocuSign account to Vanta and use it to send NDAs.

Trust Report Salesforce Integration

• Trust Reports can now integrate with  Salesforce and allow custom auto-approvals and NDA bypass rulesets. 

Vendor Risk Management - Private links for vendor document upload

• Vanta customers can now generate a unique link for each vendor to collect security documents 

Trust Report - Custom frameworks and badges

• Customers have the ability to add new frameworks that aren't part of the pre-existing list, as well as customize the name and badge icon for new and existing frameworks

 

Week of Oct 16,  2023

 

Automatic evidence collection for access reviews

• Vanta will automatically upload the Access Review report as evidence to meet the controls around Access Reviews

 

Week of Oct 9,  2023

 

Control Mapping to Risk Scenarios 

• Risk scenarios can now be mapped to controls within Vanta

 

Week of Oct 2,  2023

 

Multiple organization and group support for Snyk

• Users can now choose which organization(s) or group(s) they would like Vanta to monitor and pull relevant resources from 

Vanta AI for Vendors Custom Questions

• Users now have the ability to ask their own questions to Vanta AI in additional to the default questions provided 

 

September 2023

 

Week of Sept 25,  2023

 

Role-Based Access Controls: Custom roles

• Vanta Admins can now create and tailor custom roles, which they can then assign to users within their accounts

Import Documents from external sources - Drive, Confluence, Sharepoint

• Users can now import Documents from external sources - Drive, Confluence, Sharepoint

 

Week of Sept 18,  2023

 

Policy Editor Commenting Feature

• The policy editor now allows users to comment on the document, making communications for suggestions and feedback more streamlined in a centralized location

Additional controls and guidance added to ISO 27017

• 36 new controls have been added to ISO 27017 to provide valuable guidance to customers
  
  
  

Week of Sept 11,  2023

 

Controls Affect Risk Status

• Controls now affect the completion status of risks. Risks are now considered complete if they have at least one control or task, all tasks are completed, and all controls pass

• We're adding an option to upload files for vendors where a connection is possible

• Vanta now supports JumpCloud as an IdP 

• The most recent version of the Vanta Agent upgrades it to use the most recent version of osquery (5.9.1)
• This version also includes general bug fixes and improvements

 

Week of Sept 4,  2023

 

Improved Agent installation experience for employees

• Employees now register their Vanta Agent to their company's domain by copy-and-pasting a simple registration key during the Agent installation process

Risk Management Redesign

• The Risk Register has been redesigned to allow edits and additions to be made to risk scenarios entirely from the sidebar

 

August 2023

Week of August 28,  2023

 

New roles in Vanta: View-only Admin + Sales Admin

• Our new roles page will now show all available roles and what specifically each role has access to
  • View-only Admins will be able to view the entire product but won't have the ability to make any changes.
  • Sales admins will only be allowed to manage external access to the Trust Report. Our new roles page will now show all available roles and what specifically each role has access to.

Vendor merge & delete options

• VRM customers can merge vendors (combining data) and delete vendors

Configure idle session timeout

• We are providing a security settings page where the user can choose to change their idle session timeout configuration. Currently, they'll be asked to choose between 7 days, 3 days, 24 hours, and 30 minutes

ISO 27001:2022 Control/Test Updates

• Risk management tests have been added so customers can leverage work they have already done to enrich the existing policy and documentation asks

 

Week of August 21,  2023

 

Workspace Console User Management

• Workspace Console Admins can now access the Workspace Console, which provides them with an aggregate view of data across all connected Workspaces. 

Access Review Free Trials: Beta

• Customers who are interested in Access Reviews can sign up for a Free Trial within Vanta 

VRM Reporting

• We built out a reporting page that tracks a few metrics over time. The initial metrics are
  • Number of vendors over time broken down by origin/risk level
  • Number of completed security reviews per month
  • Average time for completing security review/procurement

Snowflake integration now supports connecting multiple warehouses

• Vanta users can now connect to more than one Snowflake warehouse on the Integrations page.  

 

Week of August 14,  2023

Auto-populated Statement of Applicability for ISO 27001 (2022)

• Auto-populate the SoA for both the 2013 and 2022 versions of ISO 27001! The banner and button to download the pre-filled template are the same, but the downloaded document will include a sheet for any ISO 27001 versions the user has enabled

 

Week of August 7,  2023

 

Answer editing in the questionnaire browser extension

• Answer editing in the questionnaire browser extension enables customers to edit past answers without visiting the answer library

Scoped Document Access for Trust Reports

• Customers now have an opt-in Trust Report access model that allows them to provision individual documents. Requesters can specify which documents they are interested in, and customers can select which documents they ultimately want to provide access to

 

Week of August 1,  2023

 

Connectors integrations are now available for EU customers

• Customers can now see all Connectors integrations on the Integrations Page. 

Risk scenarios now have an editable "Identified" field

• Users are now able to edit an "Identified" field

 

July 2023

 

Week of July 31,  2023

 

Connectors integrations are now available for EU customers

• Customers can now see all Connectors integrations on the Integrations Page. 

Risk scenarios now have an editable "Identified" field

• Users are now able to edit an "Identified" field

 

Week of July 24,  2023

 

Sumo Logic monitoring integration

•  Sumo Logic integrations now fetch monitors, and a new product test has been added to verify that at least one active monitor is configured in Sumo Logic

 

Week of July 17,  2023

 

Risk Custom Attributes

•  Customers who utilize Risk management can create Text, Number, and Date attributes on risk scenarios, allowing even the most complex cases to be managed through Vanta 

Tags in the Trust Center's Answer Library + Extension

• Tags can be added to answer library items through the Answer Library page and browser extensions, allowing users to filter and group items

Week of July 10,  2023

 

Column Selection for Questionnaire Imports

• When uploading a questionnaire to be imported, users will be able to review detected columns and make adjustments as needed before starting the import process 

 

Week of July 03,  2023

 

Edit Vanta Document Metadata & Recurrence

• Document names, descriptions, and recurrence can be edited from the document's detail page

 

June 2023

Week of June 26,  2023

 

Vanta Library customization: Mapping of Vanta Controls to Frameworks

• Vanta Controls now have the same flexibility as custom ones.

Okta OAuth with roles 

• We're changing the Okta integration to use OAuth authentication instead of API tokens 

Policy name and description customization

• The name and description of policies can be edited while still taking advantage of the control <> policy mappings that Vanta provides out of the box.

Leave Status

• Administrators can set or unset their Vanta users’ leave status manually. Administrators can also optionally specify a date on which the leave starts or ends when setting leave status.

 

Week of June 19,  2023

 

Custom Framework Audits

• Auditors can now view Audits for custom frameworks 

Horizontal Table Scrolling in the risk register

• Vanta now supports horizontal table scrolling in the Risk Register; we also allow an optional frozen column on the left, so users can still see the item's Name or ID while they scroll left and right in the table.

Custom security review cadence on vendors

• VRM customers can customize the cadence at which they want to conduct security reviews (including an option to turn off required reviews for vendors of certain risk levels)

 

 

Week of June 12,  2023

 

Show/hide columns in the Risk Register

• Vanta now allows you to toggle which columns are visible in the Risk Register, as well as display new columns we haven't allowed before (Categories, Created, and Updated).

 

Week of June 5,  2023

 

Beta release of Microsoft Teams notifications

• Vanta now has native support for sending notifications to customers who use Microsoft Teams as their chat application. Customers will be able to select a Teams channel for each of our preset categories, similar to the Slack Integration 

Customizing Security Issue Tracking in Vanta

• Vanta allows customers to customize the labels that Vanta uses to automatically track security issues for all task trackers

Marking Custom Documents as Sensitive

• Custom docs can now be marked as sensitive

 

May 2023

 

Week of May 22,  2023

 

Dynamic IdP Groups for OneLogin

• Dynamic IdP Groups for OneLogin reduce the time to create groups and eliminate the time to keep them up to date by allowing groups to sync from OneLogin over to Vanta

Editable account status for access reviews

• Vanta now allows users to edit the status for access reviews 

 

Week of May 15,  2023

 

Checklist Previews 

• Customers can preview their changes in the checklist edit flow before publishing. This allows admins to easily understand their employees' onboarding experience.

View as an auditor without an audit engagement

• Vanta users will see the option to specify a custom date range when they select "View as auditor".  An audit engagement is no longer required.

 

Week of May 8,  2023

 

Vendor Risk Management

• Conduct comprehensive security reviews that enable your organization to proactively mitigate risk associated with the vendors you utilize

Customizable Test SLAs

• Made Vanta's SLA range provides recommended time frames, which users can override.

Grafana Monitoring Integration

• Vanta now has an expanded integration with Grafana