{"slug": "how-vanta-learned-to-trust-ai", "title": "How Vanta Learned To Trust AI", "summary": "Vanta, an agentic trust platform, crossed $300M in ARR by integrating AI into its security and compliance product, a domain where trust is traditionally hard to earn. The company learned to trust AI by carefully wiring it into workflows, demonstrating that AI can enhance reliability in high-stakes environments.", "body_md": "[Open Source CEO by Bill Kerr](../)- Posts\n- How Vanta Learned To Trust AI\n\n# How Vanta Learned To Trust AI\n\n## Wiring AI into the one product where AI isn't supposed to be trusted. ⚡️\n\n👋 Howdy to the 3,253 new legends who joined since our last edition! You are now part of a 460,968-strong tribe outperforming the competition together.\n\n**LATEST POSTS** 📚\n\nIf you’re new, not yet a subscriber, or just plain missed it, here are some of our recent editions.\n\n🦠 [The Black Death & How It Birthed Today's Prosperity](https://www.opensourceceo.com/p/black-plague). How one little flea, on one little rat, changed the course of history.\n\n💅🏼 [Let's Talk About Benefits, Baby](https://www.opensourceceo.com/p/bip-athyna-benefits). Three benefits everyone should have to supercharge their culture.\n\n👾 [Treating Candidates Well, Post-Training & AI Recruitment](https://www.opensourceceo.com/p/sofia-faiman-interview). An interview with Sofia Faiman, Recruitment Manager at Athyna.\n\n**PARTNERS **💫\n\n[Framer is a pro website builder](https://framer.link/zrjJwnQ?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai) trusted by companies like Miro and Perplexity that helps creators, teams, and businesses ship production-ready sites faster than ever.\n\nWith AI agents built directly into the canvas, teams can design pages, manage CMS content, write copy, add SEO, and audit for issues—all without leaving the tool where the real site lives. [Agents bring speed and scale](https://framer.link/zrjJwnQ?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai); you bring taste, judgment, and control.\n\nAlumni Ventures is giving readers early [access to high-potential startup opportunities](https://www.av.vc/funds/aifirst/the-ai-report?utm_medium=email&utm_source=tofu&utm_content=partner-follow-up&utm_campaign=OpenSourceCEOJuneASend), including some of today’s most exciting AI, Deep Tech, Quantum Computing, and Cybersecurity companies co-invested alongside VC firms like Andreessen Horowitz (a16z), Bessemer, & Y Combinator. You get:\n\n[Curated deal flow](https://www.av.vc/funds/aifirst/the-ai-report?utm_medium=email&utm_source=tofu&utm_content=partner-follow-up&utm_campaign=OpenSourceCEOJuneASend)of high-potential AI startupsInvest alongside elite lead venture firms\n\nNo cost to see deals\n\nNo obligation to invest\n\n*Interested in **sponsoring these emails?** See our *[partnership options here](https://www.passionfroot.me/open-source-ceo?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)*.*\n\n**HOUSEKEEPING** 📨\n\nbeehiiv, the platform this newsletter is written on, is hosting its [Summer Release 26 event](https://www.beehiiv.com/summer-release-2026?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai) in a few weeks from now. If you’re creator-curious, or even a start-up or scale-up that takes content seriously—[Ramp, Brex, Kalshi, and more use beehiiv](https://www.beehiiv.com/case-studies?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)—then you should check it out. beehiiv are so far ahead of their competitors and ships faster than any company I’ve ever seen.\n\nThey are also growing crazy *fast*. It’s been fun to watch their major releases go from their scrappy product updates blog to a full [Airbnb-style release event](https://www.beehiiv.com/summer-release-2026?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai). Anyway, I’ll be there. Jump in too if this type of stuff excites you.\n\n**DEEP DIVE** 🕵🏻\n\n# How Vanta Learned To Trust AI\n\nAgentic trust platform [Vanta](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter) just surpassed [$300M in ARR](https://www.vanta.com/resources/vanta-crosses-300m-in-arr-as-growth-accelerates/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter). An incredible feat, considering it was mere months after surpassing $200M. You might assume the Vanta story started when it was founded in 2018. *You’d be wrong*. Vanta’s story can be traced back to the canals of Venice in the year 1494, when Franciscan friar Luca Pacioli published ‘Summa de arithmetica.’ 615 pages, 27 of them describe a Venetian merchant trick called double-entry bookkeeping.\n\nLuca’s publication was a defining moment for *trust* as we think of it today, and if Luca was the grandaddy of trust, then double-entry bookkeeping is the great-great-great-great-grandparent of SOC 2.\n\nFast forward half a millennium, and [Vanta is trying to put](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter) its own historical stamp on the space. The interesting balancing act for Vanta is that AI—the technology superpowering this new era of trust (and no, the em dashes I am using here do not denote AI)—is the least trustworthy technology since the polygraph. As my grandfather would say, ‘You wouldn’t trust it as far as you could throw it.’\n\nSo, what is Vanta building, and more importantly, *how* are they building it? I sat down to interview SVP of Engineering, [Iccha Sethi](https://www.linkedin.com/in/icchasethi/?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai), and Director of Engineering, [Ignacio Andreu](https://www.linkedin.com/in/plunchete/?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai), to find out.\n\n# Trust = An ancient business technology\n\nWe took you back 500 years, but trust has been a key to how humans have operated since we stood upright and walked our asses out of the savannah, so let’s take a quick stroll down memory lane, starting nearly 5,000 years ago in Ancient Egypt.\n\nTeleport back to ~2,500 BC, Egypt, and you’ll find scribes counting grain in the Pharaoh's storehouses. This was the first known audit. They cross-checked each other, so neither one could skim. The trust system at this point in history is two humans watching each other.\n\nFast forward to Ancient Rome, ~1st century BC, when the Latin verb *audire* enters the language of accounting. Auditors listen to the books being read aloud. Sweet, sweet music to their auditor-y ears. Shift forward again, and we are in Venice, 1494, with our aforementioned Luca Pacioli publishing the Summa. The first time the audit toolkit was written down for the world.\n\n‘Trust me, you’re gonna love it.’\n\nLondon, 1688, and Edward Lloyd opens a coffee house on Tower Street. Shipowners and merchants meet there to write insurance, birthing maritime trust without a king or a bank. The trust system is a room of guys nodding at each other.\n\nIn 2002, Enron implodes, and Sarbanes-Oxley is born. Compliance becomes a multi-billion-dollar industry overnight. The trust system is now a federal law with teeth. Then, in 2009, Satoshi Nakamoto launches Bitcoin. The trust system is now cryptography and consensus. |\n\nIn 2018, a[ ](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter)[Y Combinator company called Vanta—](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter)you may have heard of them—[launches to automate SOC 2](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter). The trust system gets a SaaS dashboard. And in 2026, that same Vanta runs LLM-as-judge on LLM outputs to grade them against golden datasets curated by ex-auditors. The trust system has evolved into AI policing AI.\n\nWhy is it that we’ve continued to build all these incredible, ingenious ways to trust, but verify? Well, every previous trust technology was built to verify *humans*. Bernard Madoff, Jordan Belfort, Charles Ponzi (yes, he of the famed pyramid); they would all steal your shoes right off your feet if you weren’t looking. [Vanta might be the first ](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter)organization in 4,000 years that has to verify the *machine*, too.\n\n# When compliance meets AI\n\nIt’s interesting to think about the meeting of compliance and AI. Some folks think it’s like oil and water; others like PB&J. But really, AI *should* be exceptional when running a compliance program. Why? Compliance, policies, controls, risks, evidence, attestations, and audit notes are all just a jumbled confluence of words. And what does AI—in our current iteration, also known as Large Language Models—do better than any technology in history? They process *said* words.\n\nIt’s also interconnected. Change a policy, change a control; change a control, you change a test. You get what I am saying? Well, for the non-GRC (oh yeah, by the way, that stands for Governance, Risk, Compliance) nerds amongst us, myself included, what I am saying is: compliance works like a chain reaction. Allow me to explain in greater depth. Security works like this: Framework → Policy → Control → Test → Evidence.\n\nStage | What it does | Why it’s important |\n|---|---|---|\nFramework | The external standard your auditor brought. SOC 2, ISO 27001, HIPAA, GDPR, ISO 42001. Tells you which categories to govern. | The rulebook. Tells you |\nPolicy | Your written answer to the framework. “We encrypt customer data at rest.” “Production access auto-expires after 90 days.” | Your declared intent. The ‘what we say we do.’ In writing, the auditor holds you to it. |\nControl | The mechanism that makes the policy real. AWS S3 with AES-256 on. Okta-gated production access. IAM rules that auto-revoke. | The ‘how we do it’ layer. A policy without a control is a wish. |\nTest | The recurring check that proves the control works. “Pull the S3 config monthly, confirm encryption is on for every bucket.” | A control you never check is a control you don’t have. Catches drift before the auditor does. |\nEvidence | What the test produces. Screenshots. Log exports. Config snapshots. Attestations. | What the auditor reads. No evidence means no test happened. |\n\nIt’s a massive exercise in IFTTT (If This Then That) and one that is incredibly cumbersome. Take an in-office team that decides to go partly remote; how you treat connecting to the Internet requires a new policy, new controls, tests, and finally, evidence. That's *one* decision. ‘Let's go partly remote’ turns into eight downstream items, minimum. Miss any one of them, and you've got an audit finding. Worst of all, there is some poor sod in the security team who has to hold every dependency in their head. It’s a recipe for disaster.\n\n*Writing a policy takes a long time. Analysing all your information and coming up with a good set of risks takes a long time. When things change, figuring out what risks need to be updated takes a long time. That's still a lot of wading through information for a human. And LLMs are really good at analyzing text and generating suggestions.*\n\nSo, hopefully, by now we are all of the opinion that AI can be good for defensive security. The scary thing is, it’s also just as good at offensive cyber *attacks*.\n\nWe, as an industry, need to be able to fight AI fire with AI fire; Mythos v Mythos. But the harder question, and [the one Vanta's engineers ](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter)have been chewing on for two years, is the philosophical one. How do you build AI into a product where being wrong isn't a quirk; it's an audit failure?\n\n# ‘The Trust Paradox’\n\nLLMs hallucinate, drift between runs, and operate non-deterministically by design. Add to that, for the average, everyday human, anything tinted with AI seems to be viewed through excrement-colored glasses. A recent study by the University of Melbourne and KPMG found that only 46% of people in the U.S. trusted AI in general. An [Edelman study from 2025](https://www.edelman.com/sites/g/files/aatuss191/files/2025-11/2025%20Edelman%20Trust%20Barometer%20Flash%20Poll%20Trust%20and%20Artificial%20Intelligence%20at%20a%20Crossroads%201.pdf?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai) was even worse, citing 32% trust.\n\nHow, then, does a company like Vanta build on the idea of *trust and* inject it into the product, comms, and story? “That's something we think about a lot,” Ignacio would tell me, “Because if we do things for you but you end up non-compliant because of it, that's a problem. If we're not actually adding to your security posture, that's a problem.”\n\nAdd to that, Iccha and the team have to deal with the impossible fact that the *models* are always changing: \"The non-deterministic nature of LLMs means exactly that, even with the same model and the same prompt, you can get different outputs.\n\nI ran the same demo six times yesterday with the same model and prompt, and on the sixth run, it gave me a completely different answer. That can happen because frontier companies are also constantly tweaking their models underneath. There's drift; something is always changing under the hood.\" In sum, what works today is no guarantee to work tomorrow. | Source: |\n\n**Iccha would also go on to fire shots at a beloved technology hero from days past: \"If you're giving wrong suggestions, users lose trust in the product. They start ignoring it, like they ignored Clippy.\" I consider this blasphemous, but I digress.*\n\n# How Vanta are attacking it\n\nFour design principles came up in every conversation I had with Vanta's engineering leaders: the user calls the shots, the agent does the work, the human signs it off; agents verify agents, a tidy human-out-of-the-loop loop; rollback is a reflex, not an emergency; and the customer data door stays shut. Three more ideas from Ignacio and Iccha stood out.\n\n### Ignacio’s 2019 vs 2026 frame\n\n“Lately, when we work on features, my go-to question is: are we doing the 2019 version of this feature or the 2026 version?” quipped Ignacio when explaining his building mindset. This thought stems from the 2019 instinct, the one most engineers still have, to write a 4,000-token prompt with seventeen rules and edge-case handling for every imaginable scenario. The instinct came from the era of GPT-3 and early Claude, when models genuinely couldn't be trusted to choose their own paths. Engineers learned to write very prescriptive prompts because prescriptive prompts were the only way to keep the model on the rails.\n\nSource: [Vanta](https://www.vanta.com/customers/duolingo/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter).\n\n\"It's easy to have an AI intuition that pushes you toward doing something that makes the model less powerful, where you write very detailed, very piecemeal instructions and essentially remove a lot of the capabilities that these LLMs have.\" Vanta counteracts this by introducing [outcomes-based design](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter). The model gets the goal, the tools, and the context; the path becomes the model's job.\n\n### Iccha’s “Quality Hill Climb”\n\nIf Ignacio gave us the mindset—and a decent soundbite—Iccha spills the beans on the architecture: how they actually build this thing. She calls the time directly following a product release the “Quality Hill Climb” (capitalized for gravitas). “That's the long slog,\" as she also put it.\n\nIccha thinks about a typical product release; the work that goes in before the climb: the prototype, the rough flow, the initial customer problem framing, as the easy bit. The climb is what separates a feature that demos well from a feature you'd let near an audit. To ship features strong enough to serve the likes of |\n\nRemembering that Vanta has a policy against training on customer data, these *golden* datasets are datasets built by Vanta’s suite of in-house [GRC experts](https://www.vanta.com/products/grc?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter). These are former auditors, ex-CISOs, heads of security, etc. The type of folks who would have been happy confiscating your fake ID at the front door of the club when you were 15-years of age. These compliance hawks author what a ‘good’ output looks like, by hand. They're the model's North Star.\n\n## Are you interested in learning more about Vanta? |\n\nAnother interesting tidbit is Vanta’s “Eval Maturity Model,” coined by a Vanta employee I know only as Andy. This mysterious Andy of Vanta built what Iccha called a “four-step pyramid.”\n\nThis includes: 1) traces; every agentic feature leaves a trail of breadcrumbs you can call back to, 2) evaluators; these are tests on top of the model, to judge if the model did what was expected, 3) LLM-as-a-judge; a stage inserted once a feature is at scale to help human evaluators (using Vanta's internally developed evaluation datasets), and 4) experiments; a stage of evals running head-to-head comparing new vs old models, variations in promting and loads more. | 90s kids will get it. |\n\n### The neverending feature\n\nSomething that was also highlighted by both Iccha and Ignacio was the fact that the biggest shift from traditional software releases is that shipping is never finished. A feature you launched a year ago might be running on a deprecated model right now, or its weights may have been tweaked, or customer expectations may have shifted. Add all this together, and you start to realize that just like diamonds, *quality work is forever*.\n\n**Note: By the way, if you get the chance, check out this interview with Christina, Vanta’s founder & CEO, when you get a sneaky moment.*\n\nEvery shipped feature under this new paradigm is a long-tail liability. The companies that win are the ones whose engineering culture, [like Vanta](https://vanta.com/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter), has internalized this from day one. The companies that lose are the ones who ship a wave of AI features in a sprint, watch them slowly degrade over the next eighteen months, and don't understand why.\n\n# What does it all mean?\n\nWhat does AI actually look like when using a trust platform like Vanta to manage your compliance? Here are a few examples (taken verbatim from the Vanta AI page).\n\n**Instant, expert answers:** The[Vanta AI Agent](https://www.vanta.com/resources/introducing-vanta-ai?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter)knows your program inside and out and is always ready with an accurate, well-cited response to any question, whether you're just starting out or managing a complex program.**Your second set of eyes:** No audit surprises here. Instantly verify your evidence and documentation, and get clear, actionable feedback if anything's missing.**Questionnaire responses in seconds:** Make customer security questionnaires a breeze. Vanta automatically suggests answers for you based on your knowledge base and previous responses, with a 95% acceptance rate. Just review and submit!\n\n**Proactive vendor risk monitoring:** Get ahead of third-party risk. Review your vendors, continuously monitor their attack surfaces, and receive real-time alerts about issues so you can respond quickly.**Policies and practices in sync, automatically:** Compare your policies to what’s really happening, flag inconsistencies in your program, and recommend fixes before they become problems.**Faster remediation:** Help your dev team resolve issues without slowing down by generating personalized remediation snippets for tools like Terraform, AWS CLI, and CloudFormation.\n\n# Sidebar: A day in the life of an SVP\n\nIccha, our superstar SVP at a [$300M ARR company](https://www.vanta.com/resources/vanta-crosses-300m-in-arr-as-growth-accelerates/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter), deliberately splits her week into two buckets: \"The way I think about my time: a certain percentage is forward-thinking, for the company and for the engineering org. And a certain percentage is running the engineering org operationally. I actually separate those out.\"\n\nMe and the SVP.\n\nFrom memory (or technically from my notes and transcripts + the help of Claude), Iccha’s recurring cadences look something like this:\n\n*1/ EPD leadership team meeting (weekly).*\n\n*2/ Eng staff meeting with direct reports (weekly).*\n\n*3/ All line managers (monthly).*\n\n*4/ Staff engineers (every six weeks).*\n\n*5/ Monthly business review for engineering. Three categories: delivery (features shipped, on time?), quality (incidents, SLA hits, support volume), DORA-style (lead time).*\n\n*6/ Quarterly reviews on top.*\n\n*7/ Weekly incident reviews.*\n\n*8/ Weekly RFC reviews. She still attends the big ones.*\n\n*9/ Quarterly EPD planning.*\n\n*10/ Monthly strategic initiative reviews.*\n\n*11/ Weekly recruiting sync.*\n\nDropping in a little closer on one of those little clocks on Iccha’s desk, most engineering leaders at her level describe their job in terms of headcount, hiring, planning cadence, blah, blah, blah, boring, boring, boring. Iccha describes it in terms of *attention*. That's a small but telling difference. She's optimizing for where her own thinking goes.\n\nAn example of this is her dedicated AI fascination time: \"I'm constantly experimenting. I've set up the [Vanta MCP with Claude](https://www.vanta.com/resources/meet-the-vanta-mcp-server/?utm_campaign=vanta_ai_deep_dive&utm_source=open-source-ceo&utm_medium=newsletter), and I'm just playing with it, asking: what's the experience, how would customers use this, what should we be building?\"\n\nShe also just personally stood up the AI developer experience team at Vanta. The reason is that most of Vanta's codebase is brownfield. Greenfield AI work is easy. Brownfield AI work, in a codebase with seven years of legacy patterns, is hard. The AI developer experience team exists to crack that.\n\nGreenfield | New code, easy, clean, fun for devs |\n|---|---|\nBrownfield | Dirty, annoying, legacy, technical debt. |\n\nBeing in the weeds, so to speak, being curious, tinkering, and playing around allows the cerebral dexterity Iccha to think more creatively about what to build next. “A big chunk of my time lately, especially with everything happening in AI, goes to forward-thinking. In the compliance space, how can we be more agentic? What frontiers should we be pushing? I'm constantly experimenting.”\n\nOperationally, Iccha spends time where you’d expect: stakeholder time. Product, design, Christina (the CEO), marketing, sales: “I just did a presentation with the sales org: here's what the Vanta agent can do now, here's how you should be talking about it with customers,\" she would tell me.\n\nThe thing that stood out like a sore thumb was how she views leadership, especially towards the individual contributors in her remit: \"Right now I have 28 Slack messages sitting there, and probably 15 of them are from individual contributor engineers who I have a direct line with on some topic or other. That accessibility matters to me, no matter how large the engineering org gets.\"\n\nLeaders who sit as high in Iccha at such a large organization don’t always think in this way. I personally find this leadership style a breath of fresh air. If you are a manager reading this, I have one piece of advice to help you excel in your career: |\n\n# Playbook / how you can apply this\n\n**Evals before features, always:** If you can't measure quality, you may have shipped a vibe. Build the measuring stick out first.**Hire your experts inside:** Vanta puts ex-auditors and CISOs on payroll to annotate data and build golden datasets. Outside advisors can't sit in your eval loop, and that's where the moat actually lives.**Shipping is a starting line:** Models drift, expectations drift, features rot. The days of being done with a feature no longer exist, so build the team that keeps tending it.**Keep humans in the loop:** Build review-and-accept for anything that touches a customer's journey. The agent does the work, the human still needs to sign off.**2019 feature or 2026 feature:** Are your prompts strangling the model or letting it run? Most underwhelming AI is engineers writing very piecemeal instructions on a frontier-class brain.\n\n# Future\n\nFive hundred and thirty-two years ago, our famed Franco friar in Venice wrote down how to make a ledger balance. Today, a company built mostly by ex-Google and ex-GitHub engineers is teaching a language model to check a screenshot of a firewall rule against an ISO control written in 2023.\n\nIt's the same job: Verify what a person is telling you is true. The tools are just different now. If Pacioli were alive, he'd probably make a great GRC nerd, working with Christina, Iccha, Ignacio, and the team.\n\n# Fun facts\n\n**Iccha Sethi's pre-Vanta CV is a dev-tooling Hall of Fame:** Rackspace → Atlassian → InVision → GitHub, where she ran Actions, Codespaces, npm, Packages, and Pages. If you've pushed code in five years, Iccha touched the stack.**The Iccha effect:** SVP of Engineering in January 2026, twenty-three months after joining Vanta as VP. In that time, the company tripled. Cause, effect, sample size of one, you decide.**In honor of Vanta’s SOC 2 jokes:** I started this piece without a title, without a cover, and without a single line of copy, with this image and this corny caption. Unfortunately, I couldn’t work it into the piece (which is why you are seeing it here).\n\nSorry, that’s two socks; I’m talking about SOC 2.\n\n**Ignacio's go-to source for new model drops is Twitter:** He told me OpenAI's o3 announcement reached his feed before it reached his email. The lesson: curate the timeline like an engineering manager, get paid like one.**Vanta's customers read like the AI boom All-Stars:** Cursor. Harvey. Plus Snowflake, Atlassian, Duolingo, and Ramp. The companies powering AI are also getting supported by Vanta on the trust side.\n\n# Extra reading / learning\n\n[Cybersecured: Vanta's Zero To One](https://www.opensourceceo.com/p/vanta-zero-to-one)- Sep, 2024[Unfiltered: The Inside Scoop on Cybersecurity with Vanta](https://www.opensourceceo.com/p/vanta-unfiltered)- Jun, 2025[How Vanta Went From 1 To 100](https://www.opensourceceo.com/p/vanta-1-to-100)- Aug, 2025[Unfiltered: Vanta's Product & Growth Leaders](https://www.opensourceceo.com/p/unfiltered-vanta-dos)- Jun, 2025\n\n*And that’s it! You can keep up with **Iccha** and **Ignacio** on LinkedIn or check out **Vanta on their website**.*\n\n**BRAIN FOOD** 🧠\n\n**TOOLS WE RECOMMEND 🛠️**\n\nEvery week, we highlight tools we like and those we actually use inside our business and give them an honest review. [Today, we are highlighting Fidelity](https://hubs.ly/Q048Dfms0?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)*—the all-in-one equity management platform.\n\nSee the full set of tools we use inside of [Athyna & Open Source CEO here](https://athyna.notion.site/Our-Complete-Business-Toolkit-2cdd8af0f44d4093a91f728bec4de4f7?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai).\n\n**HOW I CAN HELP **🥳\n\n# P.S. Want to work together?\n\n**Hiring global talent:**[If you’re hiring](/cdn-cgi/l/email-protection#33575c507352475b4a5d521d505c5e0c50500e415c517352475b4a5d521d505c5e15525e4308404651595650470e7a16010344525d47160103475c1601035b5a4156160103445a475b16010372475b4a5d521d15525e4308515c574a0e7b564a160103775c501601701601035d5a50561601035c5d561d1601037a160104571601035f5c4556160103475c1601035b5652411601035e5c415616010352515c46471601035b5c4416010372475b4a5d52160103505c465f571601035b565f43160103445a475b1601035e4a1601035b5a415a5d541d)tech, business or ops talent and want to do it 80% less, check out my startup,[Athyna](/cdn-cgi/l/email-protection#472328240726332f3e29266924282a7824247a3528250726332f3e29266924282a61262a377c3432252d2224337a0e6275773026293362757733286275772f2e3522627577302e332f62757706332f3e29266961262a377c2528233e7a0f223e627577032824627504627577292e2422627577282922696275770e627570236275772b28312262757733286275772f2226356275772a28352262757726252832336275772f283062757706332f3e29266275772428322b236275772f222b37627577302e332f6275772a3e6275772f2e352e292069). 🌏**See my tech stack:** Find our suite of[tools & resources](https://www.notion.so/athyna/Our-Complete-Business-Toolkit-2cdd8af0f44d4093a91f728bec4de4f7?pvs=4&utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)for both this newsletter and Athyna[here](https://www.notion.so/athyna/Our-Complete-Business-Toolkit-2cdd8af0f44d4093a91f728bec4de4f7?pvs=4&utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai). 🧰**Reach an audience of tech leaders:**[Advertise](https://www.passionfroot.me/open-source-ceo?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)with us if you want to get in front of[founders, investors and leaders](https://www.passionfroot.me/open-source-ceo?utm_source=www.opensourceceo.com&utm_medium=referral&utm_campaign=how-vanta-learned-to-trust-ai)in tech. 👀", "url": "https://wpnews.pro/news/how-vanta-learned-to-trust-ai", "canonical_source": "https://www.opensourceceo.com/p/vanta-ai", "published_at": "2026-06-21 10:00:00+00:00", "updated_at": "2026-06-21 10:39:40.270736+00:00", "lang": "en", "topics": ["ai-agents", "ai-products", "ai-safety", "ai-ethics", "ai-infrastructure"], "entities": ["Vanta", "Andreessen Horowitz", "Bessemer", "Y Combinator", "Framer", "beehiiv"], "alternates": {"html": "https://wpnews.pro/news/how-vanta-learned-to-trust-ai", "markdown": "https://wpnews.pro/news/how-vanta-learned-to-trust-ai.md", "text": "https://wpnews.pro/news/how-vanta-learned-to-trust-ai.txt", "jsonld": "https://wpnews.pro/news/how-vanta-learned-to-trust-ai.jsonld"}}