What Information does the Vanta Agent Query?

  • Updated

The Vanta application checks devices in your fleet to ensure that they are configured securely and make sure they are compliant.  


The app checks several configurations, such as whether the hard drive is encrypted or a password manager is installed. The app does not send sensitive data like passwords, environment variables, or ssh keys. It also doesn’t send personal data like messages or browsing history.


Here's the list of queries the Vanta agent is making:

  • DiskEncryptionLinux
  • DiskEncryptionMacos
  • DiskEncryptionUnionLinux
  • DiskEncryptionWindows
  • DiskEncryptionWithFileVaultMacos
  • Disk encryption status
  • InstalledApps
  • MacosBrowserExtensions
  • MacDisplayTime
  • OS Version
  • MacScreenlock
  • MacScreenlockManagedPolicy
  • MacScreenSaverTimeout
  • MacUsers
  • OsqueryInfo
  • OsVersion
  • Preferences
  • ConfigDataInstallPreference
  • SSHUsers
  • SystemInfo
  • UserAdmins
  • WindowsBrowserExtensions
  • WindowsProgams
  • WindowsScreenlock
  • WindowsSecurityProducts
  • WindowsUsers


To monitor the exact set of queries Vanta is running on your machines, you can run the following command:

Mac OS and Linux:

sudo /usr/local/vanta/vanta-cli schedule


C:\ProgramData\Vanta\vanta-cli schedule