New in Vanta | December 2025
This past month, the Vanta team launched new features to help you:
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
CVE-2025-55182: The critical React RCE and the hidden risk in your supply chain
On December 3rd, the React team disclosed a critical security flaw in React Server Components known as CVE-2025-55182. With a CVSS score of 10.0, this issue is extremely severe. React and Next.js are the backbone of the modern web. Consequently, this vulnerability likely sits deep within your third-party vendor ecosystem in addition to your own codebase.
Beyond security theater: How automated trust closes the AI readiness gap
AI is transforming businesses at breakneck speed—but security isn’t keeping up. According to Vanta’s State of Trust Report 2025, which surveyed over 2,500 business and IT leaders around the world, 3 in 5 say AI-related security threats are outpacing their expertise. With a majority of organizations experiencing threats weekly, AI is not just driving the volume, but the precision of these attacks.
From manual to intelligent: How the Vanta AI Agent transforms compliance work
Since the launch of the Vanta AI Agent, teams using the Vanta AI Agent are saving an average of four hours a week—time they can reinvest in building, shipping, and scaling securely. According to a recent Vanta customer survey, 91% of Vanta AI Agent users say it’s improved their audit readiness, and 86% report faster audit preparation overall. Teams had less manual work, fewer last-minute scrambles, and more time to focus on meaningful security improvements.
The Australian startups guide to ISO 27001
Not sure whether your Aussie startup needs to obtain an ISO 27001 certification? ISO 27001 isn’t legally required, but if you plan on trading internationally or have potential customers who are international, many organisations won’t even open conversation with you if you don’t have an ISO 27001 certification. To put a long story short: if you collect, store, transmit, or process data in any way, you may want to consider it.
What is SOC 2 and why Australian startups need it
Your next customer is going to ask about how you store and keep data safe. Are you ready to answer? Australian startups are increasingly aware of the importance of appropriate data security measures, and building trust as an up-and-coming SaaS couldn’t be more important. Despite popular belief, SOC 2 isn’t just for big enterprises. Larger customers, investors, and partners will be looking at seed and series A and B startups to verify proof of trust.
How Snowflake Saves 2,000+ Hours a Year with Vanta | Scaling Trust Through Automation
Video Disclaimer: The ROI visual in this video contains mock data from fictional companies and is intended for illustrative purposes only. It does not represent real customer data or actual performance metrics. How does Snowflake, the data-cloud company trusted by over 12,000+ customers, scale trust globally? Before Vanta, Snowflake’s trust team spent nearly 3,000 hours annually responding to repetitive security documentation requests. Now, Snowflake saves 2,000+ hours annually, accelerates sales velocity, and strengthens customer trust worldwide..
Vantacon 2025: Keynote Livestream
VantaCon is back—and this year, we’re pushing boundaries and redefining what’s possible. We’re going beyond the expected, and we want YOU to be part of it! Tune into our keynote live from VantaCon where Christina and Jeremy will present our future product vision and latest releases.