> ## Documentation Index
> Fetch the complete documentation index at: https://pentest-tools.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Vanta integration

> Sync security findings to Vanta for compliance monitoring

The Vanta integration syncs your security findings to Vanta for compliance monitoring and evidence collection.

<Info>
  Available on **NetSec**, **WebNetSec**, and **Pentest Suite** plans.
</Info>

## What is Vanta?

Vanta is a security and compliance automation platform that helps organizations achieve and maintain compliance certifications like SOC 2, ISO 27001, HIPAA, and more.

## Benefits

<CardGroup cols={2}>
  <Card title="Automated evidence" icon="file-check">
    Findings automatically provide compliance evidence.
  </Card>

  <Card title="Continuous monitoring" icon="radar">
    Keep your compliance posture up to date.
  </Card>

  <Card title="Centralized view" icon="eye">
    See security status alongside other compliance data.
  </Card>

  <Card title="Audit ready" icon="clipboard-check">
    Findings ready for auditor review.
  </Card>
</CardGroup>

## Setting up Vanta

<Steps>
  <Step title="Link your Vanta account">
    Go to Settings > Integrations > Vanta and click "Link Vanta account".
  </Step>

  <Step title="Authorize the connection">
    Authorize Pentest-Tools.com in Vanta.
  </Step>

  <Step title="Select workspaces">
    Choose which workspaces to sync findings from.
  </Step>

  <Step title="Configure scheduled scans">
    Optionally enable Vanta sync for specific scheduled scans.
  </Step>
</Steps>

## Sync options

### Workspace sync

Select workspaces to sync their findings to Vanta. Only open findings rated medium severity or above, generated by scanner tools, are included. Informational findings and false positives are not sent. The sync runs daily at 05:00 UTC, so new findings can take up to 24 hours to appear in Vanta after a scan completes.

### Scheduled scan sync

Enable Vanta sync on specific scheduled scans to push findings to Vanta when each run finishes, rather than waiting for the daily sync.

## What gets synced

| Data         | Description                                            |
| ------------ | ------------------------------------------------------ |
| **Targets**  | Assets being scanned                                   |
| **Findings** | Open vulnerability findings, medium severity and above |

## Compliance frameworks

The integration supports evidence for:

* SOC 2
* ISO 27001
* HIPAA
* PCI DSS
* GDPR

<Tip>
  Configure workspace sync so Vanta always reflects your current findings.
</Tip>

## Managing the integration

From the Vanta integration settings, you can:

* View linked workspaces
* Enable/disable workspace sync
* Configure scheduled scan notifications
* Unlink your Vanta account

## Unlinking Vanta

To fully remove the integration:

1. Unlink from Pentest-Tools.com in Settings > Integrations > Vanta
2. Log into Vanta to complete the removal

<Warning>
  Unlinking removes the sync configuration. You'll need to reconfigure workspaces if you reconnect.
</Warning>

## Troubleshooting

<AccordionGroup>
  <Accordion title="Findings not appearing in Vanta">
    * Verify the workspace is selected for sync
    * Check that findings are validated
    * Allow time for sync to complete
  </Accordion>

  <Accordion title="Authorization failed">
    * Try unlinking and relinking the account
    * Check your Vanta permissions
    * Contact support if issues persist
  </Accordion>
</AccordionGroup>

## Related topics

* [Nucleus integration](/capabilities/integrations/nucleus)
* [Findings](/core/findings/findings)
* [Workspaces](/core/workspaces)
