Susie Security
Vanta Differentiators
Security Maturity
SLED 101
Fed 101
100

In the smaller SLED accounts, how would you describe Susie's role, strategic or technical?

Technical

100

Vanta highlights this number of integrations as proof of enterprise-grade automation depth.

400+

100

What is the most advanced security maturity stage?

Adaptive

100

What does SLED stand for?

State, Local, and Education

100

Is Vanta FedRAMP Authorized?

FedRAMP 20x Low Authorization

200

What are typical titles Susie Security will have?

Security, GRC, Trust, or Risk Lead

200

Vanta has this many automated tests done hourly to support deeper automation.

1400+

200

What describes a security program that is risk-informed?

Scaling security program, formalizing controls, starting risk tracking

200

Name one SLED example covered in the training

Los Lunas, City of SF, University of California

200

Name one challenge for the traditional ATO process

Point-in-time security review; heavy documentation; long approval cycles (months to over a year); after approval, systems could change a lot without continuous reassessment

300

For smaller teams with one security hire, how many frameworks is Susie typically managing?

1-2 frameworks

300

Name at least one product feature that proves Vanta supports Enterprise scale

IRLs, Issue management, Customer commitments, Adaptive scoping (BUs, Segments, Frameworks), Interconnected platform

300

What stage of security maturity does Susie start to show up?

Risk-informed

300

What is the biggest obstacle in smaller SLED accounts like Los Lunas?

Budget

300

T/F: Vibrant Health achieved FedRAMP Rev5 Moderate in 4 months

True

400

Susie often inherits this messy combination when taking over the security and compliance program.

Spreadsheets, shared drives, and point solutions

400

Vanta's unified risk management includes continuous monitoring of internal and ___________ risks.

third party vendor (supply chain)

400

In the security maturity model, this stage comes before Repeatable and after Partial.

What is Risk-Informed?

400

The University of California example has what kind of buying environment?

Multiple stakeholders, decentralized

400

What versions of FedRAMP does Vanta support?

FedRAMP Rev. 5 framework, including the Low, LI-SaaS, Moderate, and High levels. FedRAMP 20x, including Low and Moderate.

500

What key security areas does Susie need Vanta to control?

Compliance, risk, vendors, access

500

What are the four key differentiators that Vanta anchors on?

1. Automation depth and AI
2. Unified view of risk
3. Designed for enterprise scale
4. Leadership for the long term

500

What discovery question can you ask when positioning Vanta with regard to security maturity?

Are they looking to build, scale, or optimize?

500

What usually prolongs sales cycles with SLED accounts?

Procurement: formal approval steps, purchasing rules, legal review, contract vehicle requirements

500

What is one of the primary objectives that Fed buyers want to achieve when using Vanta?

Vendor risk management via ATO; verify vendors are in compliance (i.e., FedRAMP, NIST, or custom)