Vanta’s New Agents and Enterprise Controls Eliminate Audit Chaos

SAN FRANCISCO--(BUSINESS WIRE)--Vanta, the leading Agentic Trust Platform, today announced new agents and automation features that let CISOs work how they actually want to – with control, focus and a unified view. The suite of products includes context-aware agents, enterprise controls to scale and tailor trust programs and privacy automation that embeds Record of Processing Activities (ROPA), inventory management and Data Protection Impact Assessments (DPIAs) into everyday workflows.

According to Vanta’s State of Trust report, 8 in 10 business and IT leaders are already deploying agents to fight AI-driven cyber attacks. As organizations increasingly delegate frontline security to agents, they are expanding their automation expectations to compliance. With compliance programs producing a constant flood of signals and noise, CISOs need context-aware agents to flag issues, suggest fixes and help execute remediation.

“We aren't just helping companies with their audit; we're helping them build a foundation of trust that scales as they grow,” said Jeremy Epling, Chief Product Officer, Vanta. “By pairing agentic AI with deep enterprise customization, we are embedding 24/7 GRC engineers into every security team, allowing them to shift from constant firefighting to proactive risk management.”

Context-aware agents advance remediation

Vanta Agents are a collection of 24/7 GRC engineers, operating across an enterprise’s compliance program, vendor ecosystem and customer trust workflows. Vanta Agents coordinate tasks, collect and review evidence, surface material risk and accelerate resolution—keeping humans in the loop for final decision-making:

• Compliance Agent: automates the entire evidence lifecycle by using full program awareness to detect policy inconsistencies and provide remediation guidance
• TPRM Agent: streamlines evidence collection with AI-generated risk analyses and summaries, enabling 81% faster security reviews with minimal manual effort
• Customer Trust Agent: utilizes a self-improving knowledge base to automate inbound security questionnaires by learning from past responses and routing questions to the correct owners

Enterprise capabilities provide control that scales

Vanta's enterprise capabilities simplify multi-business unit and multi-framework trust programs. Launching today, adaptive business unit scoping allows compliance segmentation by product, region, or team within a single workspace, eliminating duplicate controls and improving visibility across the organization. The new Vanta control framework standardizes and reuses controls across frameworks to reduce redundancy, and custom information request lists map auditor requests to the right evidence, saving weeks of manual coordination.

“What sets Vanta apart is their understanding of how CISOs are accountable to the business and the board,” said Aaron Kiemele, CISO, Perforce. “They focus on outcomes — risk clarity, operational efficiency and trust at scale. Compliance is not an end in itself, it is a tool to improve security and build trust. That approach has made security a more strategic, credible function across Perforce.”

Privacy automation brings privacy and compliance into one system

Vanta’s new privacy automation integrates data governance directly into the broader compliance environment, eliminating the need for fragmented, parallel systems. By centralizing ROPA management, data inventories and DPIAs, sensitive data flows and high-risk activities are continuously linked to their relevant controls. This alignment reduces operational overhead and provides a real-time, audit-ready view of how personal data is governed across the entire organization.

"Privacy can quickly become a massive manual overhead," said Becky Paton, Information Security Analyst, Typeform. "Vanta integrates our core privacy workflows directly into our broader security ecosystem. Centralizing these processes does more than just check a box; it strengthens our entire risk posture. Having that single source of truth gives us actual clarity on how we're performing."

Vanta Delivers: Goodbye, Audit Chaos. Hello, Calm-pliance.

Vanta will debut these new features today, March 19 at 9am PT/12pm ET, during their quarterly Vanta Delivers virtual launch event. The event features conversations with Alex Stamos, CPO, Corridor, Andrew Becherer, CISO, Sublime Security, and Jadee Hanson, CISO, Vanta with demos from Jeremy Epling, CPO, Vanta. To register, visit https://www.vanta.com/webinars/goodbye-audit-chaos-hello-calm-pliance

In addition, Vanta will showcase these latest offerings at RSA Conference March 23 - 26, 2026 in San Francisco at booth S-1827. Book a meeting to talk about your calm-pliance program.

About Vanta

Vanta is the leading Agentic Trust Platform that helps over 15,000 businesses earn and prove trust. Companies including Atlassian, Duolingo, Golden State Warriors, Icelandair, Ramp and Synthesia rely on Vanta to earn and prove trust continuously.