Cybersecurity compliance startup Vanta raises $50M

Vanta, a San Francisco, California-based automated security and compliance platform, today announced it has closed a $50 million funding round led by Sequoia Capital. The startup says it will use the capital to meet customer demand, as well as launching new products and opening a second office in New York.

In a 2017 Deloitte survey, only 42% of respondents considered their institutions to be “extremely” or “very” effective at managing cybersecurity risk. The pandemic has certainly done nothing to alleviate these concerns. Despite increased IT security investments companies made in 2020 to deal with distributed IT and work-from-home challenges, nearly 80% of senior IT workers and IT security leaders believe their organizations lack sufficient defenses against cyberattacks, according to IDG.

Vanta, which was founded in 2017, allows companies to prepare for SOC 2 audits, with an automated monitoring platform that connects to services, including Google Cloud Platform, Amazon Web Services, GitHub, Okta, and Slack. Developed by the American Institute of Certified Public Accountants, SOC 2 is designed to assess the security of service providers storing customer data in the cloud.

While conventional compliance prep methods can be laborious and error–prone, Vanta claims to help startups become secure by integrating with their infrastructure, generating a list of items to fix, and facilitating audits with certified public accountants.

“We’re at a crucial turning point as an industry: Software is a huge part of our lives, but we trust software companies less than ever before,” Vanta CEO Christina Cacioppo said in a press release. “At Vanta, we’re pioneering a continuous, automated approach to security and compliance that protects customer data and helps grow these businesses.”

Vanta also offers prep tools for the Health Insurance Portability and Accountability Act (HIPAA) and ISO 27001, the international standard for information security management. HIPPA, which was signed into U.S. law in 1996, implements rules to protect sensitive patient health information from being disclosed without the patient’s consent.


Vanta has a number of competitors in a cybersecurity market estimated to be worth over $162.5 million. SecurityScorecard, a cybersecurity rating and risk-monitoring platform, recently announced it has raised $180 million. There’s also Securiti.ai, Safeguard Cyber, and DefenseStorm, which consolidates security data from multiple sources and uncovers anomalies with AI.

But Vanta says it has seen substantial growth since coming to market three years ago, surpassing $10 million in annual recurring revenue and continuing to double its customer base every six months. Today, Vanta has more than 1,000 customers, including Clubhouse, Lattice, Calm, Loom, Notion, and UserTesting.

Source: Venture Beat