News & Trends

Vanta, a Cybersecurity Compliance Startup, Raised $50 Million



Vanta, a San Francisco, California-based automated security and compliance platform, today announced that it closed a $50 million funding round led by Sequoia Capital. The startup says it’ll use the capital to meet customer demand as well as launch new products and open a second office in New York.

In a 2017 Deloitte survey, only 42% of respondents considered their institutions to be extremely or very effective at managing cybersecurity risk. The pandemic has certainly done nothing to alleviate these concerns. Despite increased IT security investments companies made in 2020 to deal with distributed IT and work-from-home challenges, nearly 80% of senior IT workers and IT security leaders believe their organizations lack sufficient defenses against cyberattacks, according to IDG.

Vanta, which was founded in 2017, allows companies to prepare for SOC 2 audits, with an automated monitoring platform that connects to services including Google Cloud Platform, Amazon Web Services, GitHub, Okta, and Slack. Developed by the American Institute of Certified Public Accountants, SOC 2 is designed to assess the security of service providers storing customer data in the cloud.

While conventional compliance prep methods can be laborious and error–prone. Vanta claims to help startups become secure by integrating with their infrastructure, generating a list of items to fix, and facilitating audits with certified public accountants. “We’re at a crucial turning point as an industry: software is a huge part of our lives, but we trust software companies less than ever before,” Vanta CEO Christina Cacioppo said in a press release. “At Vanta, we’re pioneering a continuous, automated approach to security and compliance that protects customer data and helps grow these businesses.”

Vanta also offers prep tools for the Health Insurance Portability and Accountability Act (HIPAA) and ISO 27001, the international standard for information security management. HIPPA, which was signed into U.S. law in 1996, implements rules to protect sensitive patient health information from being disclosed without the patient’s consent.


Vanta has a number of competitors in a cybersecurity market estimated to be worth over $162.5 million. SecurityScorecard, a cybersecurity rating and risk-monitoring platform, recently announced that it raised $180 million. There’s also, Safeguard Cyber, and DefenseStorm, which consolidates security data from multiple sources and susses out anomalies with AI.

But Vanta says it’s seen substantial growth since coming to market three years ago, surpassing $10 million in annual recurring revenue and continuing to double its customer base every six months. Today, Vanta has more than 1,000 customers including Clubhouse, Lattice, Calm, Loom, Notion, and UserTesting.

Existing investor Y Combinator also participated in Vanta’s round, a series A.

You may also like