Vanta

What is Vanta?

Vanta is security-in-a-box for technology companies, covering everything from laptops to infrastructure, and using a suite of simple, effective, and easy-to-deploy tools. We’re in closed beta, have a backlog of customers to engage, and since we began onboarding users, we’ve had no customer churn. Help us secure the internet, increase trust in software companies, and keep consumer data safe.

CUSTOMER COMES FIRST

We are so user centric that we’re currently on a first name basis with our users/customers.

We’ve previously been on a first-name basis with our customers, and while that won’t always be true, we’ll always be absurdly close to them. Everyone on our team talks to users about what they’re building or doing. Our engineers rotate each week to do oncall support (during normal business hours) so that they can help debug support issues. As an engineer, this means that you’ll put down your normal project for the week and (very likely) dive into different parts of the codebase that you probably have never before. This practice is two-fold: it ensures that multiple people are familiar with every part of our codebase and keeps everyone close to our customers and their needs.

We are uncomfortable working with engineers who feel comfortable building things without customer feedback. We’re an incredibly customer-centric company and actively seek out other customer-centric engineers to join our team.

START-TO-FINISH OWNERSHIP

We like to work with folks who are excited about making and carrying out their decisions, whether in the code they write or the partnerships they strike.

Someday, Vanta will need strict departments and handoff points between owners/teams. We don’t have – and don’t want – those things today.

To date, our product helps companies to check their security settings, but we will eventually build out the ability for Vanta to also prevent vulnerabilities. For example, in addition to checking the settings on your laptop and alerting you – do you know if everyone at your company has encrypted their laptop’s hard drive? – we also want to make it easy for you to fix or change settings. Security related to email, laptop, VPNs, and SSH keys may seem like standalone products, but they’re really part of the security-in-a-box solution that we are building for technology companies so that they can focus on their products. As a result, there is a tremendous amount of room for engineers to fully own projects.

PRODUCT-DRIVEN

Everyone at Vanta really likes technology, but we’re much more focused on the impact brought by well-leveraged technology.

We think of code a superpower that we can wield to make folks’ lives better. Today, B2B companies are asked to fill out questionnaires and do security reviews that take a long time, and if incomplete, cause them to lose customer and slow the growth of their business.

Companies then task their engineers to “go get SOC 2 compliance,” which is a months-long audit that ends in a long PDF with a lot of security rules like “everyone has 2-factor authentication” and “all laptops are encrypted.” Once all of these “gaps” are fixed, companies call an auditor (a non-technical CPA, no joke) to manually check all the rules and whether they’re followed.

As you can imagine, this is a huge pain point for companies and their engineers, and this is where Vanta steps in. We explain how this process works and ask whether companies would prefer their security is checked by robots or humans. [Spoiler alert: the choice is robots.] Companies can then prove their security to auditors, get reports, and accelerate sales and grow their business, and return to the product/customer-centric work that led them to start their business in the first place.

Our business growth has outpaced our team growth, because we put in the time upfront to validate our market, business, and product before writing code. We are currently in closed beta, have a backlog of customers to engage, and since we began onboarding users, we've had no customer churn.

INTERNAL MOBILITY

You have room to explore at Vanta.

Our business is strong and growing, and our team is small. We’ve de-risked and proved out a lot, but there’s many more open questions we’re excited to tackle together.

If you’re an engineer curious about sales, we’ve got prospects with whom you can work; if you’re an engineer who loves designers, we’ve got loads of product surface for you. If you’d like to design entire products, we’ve got room for that too – and as Vanta grows, you’ll be known as the architect of that product.

TEAM IS DIVERSE

We’re a small team, but we cover a lot of ground.

Vanta was founded by Christina and Erik, who both started companies previously that were acquired. The team has different thoughts, hobbies, and experiences; as a quick example, we’ve had pet dogs, pet cats, and also pet panthers. One of us sold old toys on eBay while another eBay'd rebuilt motorcycles with a starting price of $1.00. (Guess who made more money?)

Our engineers include folks who have 10 years of open source work and someone with a PhD in Japanese literature. (It’s never too late to start coding!)

While our backgrounds are varied, we have all arrived at the same place: securing the internet, increasing trust in software companies, and keeping consumer data safe.

WEARS MANY HATS

Inherent to being on a small team, we all have what would be a few roles at a larger company.

Engineers at Vanta are full stack, coding and designing front- and back-end pieces of Vanta. Everyone receives support emails (though not everyone answers them.) Engineers at Vanta make design and product decisions, define the roadmap, and prioritize their own work on a day-to-day basis, hire new team members, and everything else in between. These are some of the hats you can expect to wear should you join us.

Being multifaceted is incredibly important to us because we work on the highest-priority issues, and the highest-priority thing isn’t restricted to a single part of the tech stack. Having exposure across the stack and departments suits folks who enjoy going broad rather than deep, as well as anyone interested in founding a company someday.

LIGHT MEETINGS

We’ve worked at companies that require consensus all the way down, but we’d prefer to empower individual engineers with the context to make user-centric decisions.

We have one meeting a week that takes place on Monday at 9:30am. It lasts 30-45 minutes and is the only synchronous meeting we have. It’s an overview of everything that’s happening across the company: revenue, sales, state of recruiting, progress on engineering milestones, etc.

We also have a #mondaysync Slack channel for an asynchronous standup. We each post (1) what we plan to do in the upcoming week, (2) what we did last week (with emojis for what got punted and what ended up irrelevant.) That’s it.

To avoid silos or miscommunications, we make all channels on Slack open and give everyone access to all systems, from billing to support to infrastructure.

We also care a ton about folks’ emotional well-being and have weekly 1:1s for bigger-picture thoughts, feelings, and catch-ups.

RISK-TAKING > STABILITY

Measure twice, cut once.

We believe that nearly everything can be de-risked, and the things many people consider risky can be – should be – made less risky with upfront research. We believe this so strongly we did it with Vanta: we spent ~a year validating the product, market, business, and product need upfront, all without code. Once we started to code, we knew precisely what to build, and we were able to ramp users and revenue quickly. As soon as we found product/market fit, we start sprinting. We've raised millions of dollars from Y Combinator, Pear, and Neo, and we make nearly as much as we spend.

We’re very Richard Hamming about things: “A random walk of random decisions will not get you anywhere near as far as those taken with your own vision of what your future should be.” If this resonates with you, we’d love to meet you.

Our office

The Mechanics Institute long ago; today, our favorite adding machines are of the Apple variety.

We love our office in the Mechanics Institute, outside the Montgomery BART stop, in San Francisco. The Institute was founded in 1854 to equip mechanics – out-of-work gold miners, really – with the skills needed to earn livings.

The fourth floor of Mechanics holds the nation’s oldest, continually-operating chess room, and we're always up for chess games.