Breaking Down Security Acronyms (BDSA)
Info Found on Vanta's Trust Center
Vanta AI
"Spooky" Social Engineering
Vanta Frameworks
100

Vanta uses Okta to ensure we utilize SSO, so users are accessing multiple applications with one set of login credentials.

What is Single Sign-on?

100

To ensure Vanta is able to show customers we pass our ISO audits, we have these two certificates on our Trust Center. (Name one of them)

What is ISO 42001 (or ISO 27001) certificates?

100

This popular AI chatbot can be accessed by all Vanta'ns to make your work more efficient. It's also sometimes fondly referred to internally as "Chatty G."

What is ChatGPT?

100

This social engineering psychological tactic is behind an email that contains “act now or your account will be closed.”

What is a sense of urgency?

100

This framework establishes an AI management system. Vanta is actually being audited on this one this week!

What is ISO 42001?

200

This security method, MFA, is a staple at Vanta - it requires two or more verification factors to log in.

What is multi-factor authentication?

200

Vanta published an update in August to inform customers we were one of the first cloud-based solutions authorized for this.

What is FedRAMP 20x Low?

200

This tool allows you to build and deploy custom AI agents to automate tasks at Vanta - you can catch an AI enablement chat on Monday, November 3rd.

What is Dust?

200

This AI-powered technology can create realistic audio and video to mimic a person's voice or appearance.

What is "deepfake"?

200

This is the number of frameworks that Vanta offers across security, privacy, AI, government, financial and more.

What is 35?

300

This jeopardy session is brought to you by Vanta's ESP team (though keep an eye out, our name may be changing soon!).

What is Enterprise Engineering, Security, and Privacy?

300

Vanta provides this email as a resource to customers if they have any follow-up questions or concerns.

What is security@vanta.com?

300

You can access this resource as a central command center for getting up to speed on Vanta's AI strategy tools, use cases, governance, and more.

What is Vanta's AI Hub (go/ai-hub)?

300

A highly targeted type of phishing that is also nautically themed, this type of attack would be if someone decided to target Vanta's C-suite.

What is "whaling"?

300

This framework centralized 18+ US state privacy laws to allow customers to best reflect best privacy practices.

What is USDP?

400

Vanta has MANY customers who utilize our SOC 2 framework, so they can effectively demonstrate the security of their systems.

What is System and Organization Controls?

400

You can download a summary of this report with Doyensec's findings, to assure customers that we do this testing at least once every year.

What is a penetration report?

400

This term refers to the input or question that you give an AI model to guide its output.

What is a prompt?

400

This attack wears you down by spamming you with dozens of requests to approve a login. (Our EE team would never do this!)

What is a "push spam" attack?

400

This framework (that Vanta itself is compliant with!) is the most automated of all of Vanta's frameworks.

What is FedRAMP 20x?

500

This secure, encrypted connection, VPN, protects data between your device and the internet. Vanta requires it to access production.

What is a virtual private network?

500

This is the number of resources (documents and links) that customers and prospects can get access to learn more about Vanta's security and compliance - without even needing to talk to a human!

What is 37?

500

This Vanta feature is marketed as "the sharpest GRC engineering you've never had to hire."

What is the Vanta AI agent?

500

If someone owned the domain "Vaanta.com" (instead of the obviously correct vanta.com) they could use this malicious technique.

What is a spoofed/typosquatted domain?

500

This framework ensures your IT systems comply with Australia's ACSC-mandated controls.

What is Essential 8?