Cybersecurity compliance startup Vanta Inc. said today it’s launching a new suite of reporting and testing tools to help companies strengthen their security posture amid the shift to artificial intelligence.

The new tools include an advanced reporting tool that helps companies to measure the success of their security programs, as well as enhanced capabilities in Vanta AI for automating policy generation and mapping risks, controls, tests and frameworks.

Vanta is a well-funded startup offering a suite of tools and services that helps companies to comply with cybersecurity standards such as the SOC 2, General Data Protection Regulation and ISO 27001 regulations. Companies must adhere to these standards in order to prove that their applications are processing customer data in a secure fashion. Yet doing so is becoming more complex at a time when every enterprise is racing to implement new and data-hungry AI applications to fuel their business operations.

With its advanced reporting tools, Vanta says it’s aiming to provide organizations with a more unified view of their cybersecurity programs and their attack surfaces, so they can prioritize where they need to focus their efforts and shore up any vulnerabilities in their defenses. The new capabilities were announced today at VantaCon 2023, the company’s annual user conference.

Among the new features are risk management dashboards that surface key metrics via risk heat maps and other visualizations, giving security teams more visibility into where risks are concentrated. Using these dashboards, administrators can track the progress made by their teams as they work to plug the gaps it identifies, and nudge those responsible to ensure they complete their tasks as soon as possible.

In addition, Vanta has created new workspaces dashboards for leaders who are tasked with managing multiple business units, making it easier for them to assign tasks to individual team members. Finally, it now offers an executive report capability that provides a comprehensive compliance program overview for executives and other management stakeholders.

Meanwhile, the updates to Vanta AI are designed to reduce the burden of manual and repetitive tasks on security teams. Vanta AI was announced in October with features such as AI-powered vendor security reviews, generative questionnaire responses and intelligent control mapping. The suite is now being expanded with intelligent policy generation and easier test remediation capabilities, the company said. It’s also enhancing the Vanta Trust Center experience, giving users the ability to transform static information and documents into more dynamic, conversational content.

Vanta AI is also gaining support for the National Institute of Standards and Technology’s AI Risk Management Framework, which is a structured guideline that aims to mitigate the risks associated with the design, development, implementation and evaluation of AI systems. It will enable teams to deploy the latest AI models and services with greater confidence, the company said.

Finally, Vanta said it’s introducing new ways for customers to customize security tests within the Vanta platform, in order to give them more confidence in their enterprise readiness. Security leaders now have the ability to modify Vanta’s standard tests by customizing key parameters, such as adjusting the default retention time to meet the unique regulatory requirements they must adhere to. In addition, users can now create their own tests based on their unique, internal audit commitments and industry- or region-specific regulations.

Chief Executive Christina Cacioppo (pictured) said the new capabilities ensure the company can serve the needs of the largest and most complex enterprises. The company is transforming from a provider of automated compliance tools to an end-to-end trust management platform, she said.

AI-driven risk and compliance tools are quickly becoming indispensable to organizations, enabling them to conduct real-time monitoring and proactively mitigate risks, said International Data Corp. analyst Amy Cravens.

As such, Vanta’s latest innovations are just what the doctor ordered for enterprises at a time when their business operations are becoming increasingly complex. “Embracing AI for compliance and security use cases provides organizations with a strategic advantage, and IDC predicts that by 2026, 40% of organizations will use AI-enabled risk and compliance solutions to continuously monitor data to predict noncompliance internally and from third parties,” Cravens said.

Photo: Vanta