What Information does the Vanta Agent Query?

  • Updated

The Vanta application checks devices in your fleet to ensure they are configured securely and compliant.  The Vanta Agent checks several configurations, such as whether the hard drive is encrypted or a password manager is installed. It does not send sensitive data like passwords, environment variables, or SSH keys, nor does it send personal data like messages or browsing history.


Here's the list of queries the Vanta agent is making: 

  • DiskEncryptionLinux
  • DiskEncryptionMacos
  • DiskEncryptionUnionLinux
  • DiskEncryptionWindows
  • DiskEncryptionWithFileVaultMacos
  • Disk encryption status
  • InstalledApps
  • MacosBrowserExtensions
  • MacDisplayTime
  • OS Version
  • MacScreenlock
  • MacScreenlockManagedPolicy
  • MacScreenSaverTimeout
  • MacUsers
  • OsqueryInfo
  • OsVersion
  • Preferences
  • ConfigDataInstallPreference
  • SSHUsers
  • SystemInfo
  • UserAdmins
  • WindowsBrowserExtensions
  • WindowsProgams
  • WindowsScreenlock
  • WindowsSecurityProducts
  • WindowsUsers


To monitor the exact set of queries Vanta is running on your machines, you can run the following command:

Mac OS and Linux:

sudo /usr/local/vanta/vanta-cli schedule


C:\ProgramData\Vanta\vanta-cli schedule