Vanta

Not to be dramatic, but your GRC friends called and want to know where you are. They’re all in here 👉 community.vanta.com

Procurement… but no one has to chase approvals in Slack anymore?? We like this timeline. Excited to be part of Ramp Procurement 💛 🤜 🤛

❓ Quick question: could you list out every commitment you’ve made to customers right now? Most teams can’t. Teams at Modo Labs, WorkJam, and Perforce Software are fixing that by using Vanta to actually track and manage commitments, not just bury them in contracts. Want to see it in action? Click the link below and hop to: → 4:27 for a live demo + commitments roadmap w/our PMM Mikaela → 20:02 for real-world impact from CISOs Mark P. and Aaron Kiemele 🎬 https://lnkd.in/gDUy6JPF

Good news travels fast. 🗽 Thanks for the NYC feature, Nasdaq! 💜

Big milestone, bigger shift 👇 Vanta has surpassed $300M ARR, tripling revenue in just two years, and it’s happening against the backdrop of a new reality inside modern companies: shadow AI is everywhere. As Fortune's Lily Mae Lazarus reports, most employees are already using tools like ChatGPT, Claude, and Cursor—often without security oversight. It's not just a fringe issue. Our latest Shadow AI report (link in comments) puts numbers behind what teams are feeling: → 70% of companies now have unsanctioned AI tools in use → LLMs are 52% more likely to be flagged as high risk → Even after removal, AI tools are reinstalled ~1,000 times per year on average This is the push-pull defining the next era of security: rapid AI adoption vs. the need for continuous visibility and control. Read the full Fortune story: https://bit.ly/48PQIjB

$300M ARR. Just 9 months after hitting $200M, and growing faster every quarter.🚀 We founded Vanta to help businesses earn and prove trust. Businesses face more pressure than ever because trust leads to growth in the age of AI. 70% of companies now have Shadow AI operating in their environments, and AI tools are 52% more likely to carry a high risk designation than traditional SaaS. The compliance programs designed for annual audits weren't built for this, and neither was the old way of doing GRC. So we rebuilt it. The Vanta Agent runs as a 24/7 GRC engineer, eliminating the manual work that used to slow security teams down and orchestrating compliance, vendor risk, audits, and more, continuously. The Trust Graph maps your entire security posture in real time, so nothing slips through the cracks between reviews. 16,000 companies now run their security programs on Vanta, including 60% of the Forbes AI 50 and enterprises like Cursor, Samsara, Atlassian, and Snowflake—because the era of proving trust once a year and hoping nothing changes in between is over. To every customer who helped shape what Vanta is today: thank you. 💜

Today, we are happy to announce Vanta Government Cloud is FedRAMP 20x Moderate Authorized. The FedRAMP 20x program is grounded in public-private partnership to bring greater automation and efficiency to the FedRAMP authorization process. By using automation, machine-readable validation, and Key Security Indicators (KSIs), FedRAMP 20x is able to streamline compliance, enable continuous monitoring, compress evaluation timelines, and lower the costs of FedRAMP authorization, all while preserving security standards. Thank you to the FedRAMP® team for their leadership and partnership during Phase Two of the 20x pilot. Vanta is proud to be an early 20x adopter – not just as a pilot participant, but as a platform helping other CSPs pursue their own 20x authorizations. Read about the lessons we learned along the way - from KSIs to cross-team collaboration - in our latest blog (link in comments)

The results are in, and we've won second place in Cybersecurity Marketing Society's Beautiful Booth Awards!🥈✨ Calm-pliance has been one of our most integrated campaigns yet, and seeing it come to life across billboards, buses, and the show floor (bubble wrap wall, shredder therapy, harp and all) made it even better. Big thank you to Cybersecurity Marketing Society for the recognition, and to everyone who stopped in for some ASMR at #RSAC. See the full list of this year's winners: https://bit.ly/3QrEgA8

There's a moment when HITRUST shifts from "something we should probably look into" to an actual business requirement. The roadmap conversation that follows tends to get specific fast. Leaders from 360 Advanced, HITRUST, and Vanta are sitting down to walk you through what work carries over from your existing program, where the real gaps are, and what a realistic path forward looks. Join us May 7th: https://bit.ly/4mMlEqp

On a rainy weekday in SF, we took over Little Sweet, brought in builders + beverages, and just... talked. ☕ 🌧️ It was a room full of founders and operators, asking questions about compliance, relating to one another on fundraising stress, and being open about their journey. Calm-pliance Cafe was exactly what we'd hoped it would be. Thanks for being there. 💜