Today, agentic trust platform Vanta is announcing multiple product enhancements built to redefine how enterprises manage trust at scale. Powered by intelligent automation, Vanta’s unique Agentic Trust Platform helps teams understand their environment, anticipate what’s next, and coordinate workflows across compliance, risk, and proof.
According to Vanta’s 2025 State of Trust, 72% of business and IT leaders say overall risk is at an all-time high, yet nearly two-thirds spend more time posturing than protecting their organization. This highlights the need to adopt AI in ways that enhance security and decrease busywork.
“CISOs today are under enormous pressure to balance risk, resilience, and resources,” said Phil Harris, Research Director, IDC. “Vanta’s new Agentic Trust Platform brings automation and intelligence together to continuously manage – not just monitor – security and compliance. By reducing manual effort and surfacing the right metrics, it helps leaders protect the business through uncertainty while proving measurable trust at scale.”
Vanta’s Agentic Trust Platform is an enterprise-ready platform with multiple components
Vanta AI Agent 2.0 is the intelligent core of Vanta’s Agentic Trust Platform, acting as a built-in GRC engineer that understands an organization’s compliance landscape end-to-end. It automates audit prep, streamlines vendor reviews, and turns static policies and frameworks into dynamic,connected workflows.
Organizations Center is designed for global enterprises, and connects multiple Vanta organizations into one intelligent system of record. CISOs gain complete visibility across business units, products, and geographies – with AI-powered scoping and audit workflows that simplify the audit process as teams and systems evolve.
Risk Graph: The Vanta Risk Graph unifies risk management across people, vendors, systems, and controls – turning fragmented data into a single, real-time map of organizational risk. It shows how risks connect and spread, helping teams pinpoint high-impact issues and take guided action before they escalate.
Customer Commitments: Customer Commitments centralizes every customer promise, like breach notifications, SLAs, and subprocessor updates, into one place. By mapping those contractual obligations to the right controls and automating follow-through, it ensures every commitment is tracked, met, and transparently communicated.
“Modern enterprises win or lose on trust,” said Jeremy Epling, Chief Product Officer at Vanta. “With our Agentic Trust Platform, we’re creating a new operating model for trust – a single, intelligent system that connects risk, compliance, and proof so teams can move faster, make smarter decisions, and stay ahead. Our goal is simple: to make it effortless for every business to continuously earn and prove trust.”
“Launched in July, the Vanta AI Agent saves customers an average of four hours per week by automating evidence collection and streamlining policy management,” said Phil Harris, Research Director, IDC. “Vanta AI Agent 2.0 orchestrates trust workflows. The Vanta AI Agent 2.0 is evolving into a dynamic 24/7 GRC engineer with complete program awareness and understanding. Powered by context and memory, the Vanta AI Agent 2.0 cancels and exposes program gaps, provides proactive, personalized guidance, and even takes coordinated actions on critical work.”
The Vanta AI Agent 2.0 can now:
- Accelerate audit preparation: Automatically collects and validates evidence, eliminating one of the most time-consuming and error-prone parts of audit prep. Asking the agent to help with various elements of audit prep such as identifying updates for a new framework, drafting policies for an office expansion, or recommending privacy adjustments for EU operations generates actionable, tailored responses in seconds.
- Automate security questionnaires: Takes the first pass at questionnaires – filling in verified answers, surfacing gaps before they slow reviews, and giving sales and security teams ready-to-share responses to close deals faster.
- Review and monitor vendors: Streamlines vendor oversight from discovery and due diligence through continuous monitoring, surfacing high-priority alerts so teams can focus where it matters most.
“At Snyk, we take security and compliance seriously, which is why we chose Vanta to help drive continuous compliance. We’re loving the Vanta AI Agent – it’s helping us answer policy questions and validate alignment,” said Allie Fumicello, Lead Compliance Manager, Snyk. “We’re excited for its capabilities to expand, as the ability to connect the dots will be invaluable as we scale our GRC program.”
The Vanta AI Agent 2.0 will be available in the coming months.
As companies grow, so does the complexity of their compliance and risk programs with new products, acquisitions and regions introducing additional compliance frameworks and siloed information. Designed for CISOs and GRC leaders, Organizations Center connects multiple Vanta organizations into a single view while maintaining separation where needed. Along with Organizations Center, new enterprise capabilities will allow businesses to:
- Define scopes across an organization: Defines scope by business unit, product line, geography, or acquisition. Vanta updates automatically as systems, personnel, or vendors change – keeping compliance current without manual effort.
- Manage auditor requests: Simplifies audit collaboration by managing auditor requests, internal reviews, and evidence evaluation directly in Vanta or through the API.
- Unify overlapping frameworks: Groups related controls into common requirements with mapped evidence, policies, and risks.
Risk Graph unifies risk management
In a connected business environment, even a single vendor vulnerability or internal misconfiguration can ripple across supply chains, compliance frameworks and customer obligations. According to Forrester, organizations are expanding their ecosystems of third-party relationships, creating interconnected risk exposure that traditional approaches struggle to manage.
Vanta’s Risk Graph creates a single source of truth for risks across the organization, turning disconnected alerts into a connected map that shows relationships across risks and how they spread throughout an environment. By combining first-party signals from a company’s internal risk environment with third-party insights on vendors and flagging risks as they surface, Vanta’s Risk Graph enables teams to prioritize the highest-impact risks and trigger automated workflows from the Vanta AI Agent. The result is that teams can see not just what the risks are, but how they connect and where to act first.
“Vanta has been an indispensable partner for staying audit-ready and highly-secure in a fast-moving industry,” said Nasar Massis, Governance Risk and Compliance Lead, Perplexity. “Velocity is how we work, and Vanta lets us accelerate.”
The Vanta Risk Graph will be available in early 2026.
Customer Commitments is the first and only intelligent compliance solution that centralizes, tracks and acts on every promise an organization has made. It sends alerts if commitments are at risk, automates workflows to act on triggered commitments, maps commitments to relevant controls, and keeps customers informed through the Trust Center with verified, transparent updates.
“Customer Commitments is exactly what teams need to manage obligations with confidence. It streamlines the process of tracking and upholding customer requirements by centralizing everything in one place across teams,” said Craig Schwartz, General Counsel & Head of InfoSec, Nominal. “Beyond strengthening compliance and security, it turns compliance into a growth driver, not just a cost centre.”
Customer Commitments is in preview and will be available next year.
Vanta will debut and demo its Agentic Trust Platform tomorrow, November 19 at 9:30am PT at VantaCon