By using incident.io, Vanta has reduced time spent on manual processes by hours, while improving the consistency and visibility of their incidents.
Vanta aims to restore trust in internet businesses. Vanta’s automated platform enables companies to prove their security and compliance posture to customers, prospects, and partners. It enables fast-growing companies to get and stay compliant through automated security monitoring for standards such as SOC 2, ISO 27001, GDPR and more.
Vanta currently has a team of over 300 employees and is based in San Francisco.
As a leader in compliance, security and data privacy are taken extremely seriously at Vanta. Minimizing risk, protecting customer and vendor data, and building a strong infrastructure are core components of Vanta’s ethos. Having a strong incident response strategy is a critical part of meeting those standards. However, Vanta found that the five-step manual process, which was maintained in a written document, was not sufficiently robust. They faced three key problems with their existing approach:
By reducing the manual processes involved in declaring incidents, incident.io helped Vanta dramatically improve internal communication and incident response. Without tooling to prompt the right behaviours, key stakeholders were not looped in to the incident processes. With incident.io, Vanta is able to alert the right people within minutes.
incident.io automates many of the manual processes involved in running incidents. Vanta now saves hours as a result of the automations, alerts, and prompts built into incident.io. For example, hours of manual work were required to remind teams to complete post-mortems, and search for timeline information. With incident.io, timelines are generated automatically, giving the Vanta team time back to focus on more important tasks.
Vanta’s support teams often need to be included in incidents so they can understand the causes and resolutions of issues. With incident.io, Vanta enjoys cross-team communication in addition to a faster way of notifying customers.
incident.io’s post-mortem generation features have made it easier for engineers to organize incident data into a centralized document that can be easily reviewed by the larger organization.This has helped them identify incident trends and dig into root causes and action items that will help prevent future issues.