#informationsecurity

2 posts · Last used Mar 04

@phil@fed.bajsicki.com · Mar 04, 2026
Man #Vanta is so bad...

Their Entra MFA enforcement check is horrible.
It only checks if a conditional access policy exists, and if it has 'MFA' in the builtinControls. If it does, it's a pass.

But it doesn't check...
- if any users are excluded from the policy
- if any groups are excluded
- if the policy covers all users even after exclusions (e.g. if the exclusions are service accounts for any reason)
- if the geoblocking is functional
- if any of the excluded users are privileged

Vanta is a tool designed to mislead auditors, presenting as a third-party authority with their 'trust center' and all the flashy shiny dashboards.

Yet the core is rotten.

I haven't been this insulted since I found out that #vanta has a barely functional risk API (was trying to sync our risk register from our internal repo... long story).

Just... I lack words.

#infosec #cybersec #grc #privacy #compliance #fintech #informationsecurity #audit #soc2
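
The gaps listed in the post above, shown as an added example that is not part of the original post and is not Vanta's code: a stricter evaluation of Conditional Access policies that reports exclusions, incomplete user coverage and non-enforced states for review. Field names follow the Microsoft Graph `conditionalAccessPolicy` resource; the policies, object IDs and the `PRIVILEGED_IDS` set are constructed assumptions.

```python
# Field names follow the Microsoft Graph conditionalAccessPolicy resource.
# Policies and object IDs below are constructed sample data.
SAMPLE_POLICIES = [
    {"displayName": "Require MFA", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"],
                              "excludeUsers": ["user-admin-01", "user-svc-02"],
                              "excludeGroups": ["group-legacy-apps"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
    {"displayName": "MFA pilot", "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
]
PRIVILEGED_IDS = {"user-admin-01"}  # assumed to come from a role-assignment export

def naive_check(policies):
    """The check as the post describes it: any policy listing MFA passes."""
    return any("mfa" in (p.get("grantControls") or {}).get("builtInControls", [])
               for p in policies)

def mfa_policy_findings(policy, privileged_ids):
    """Return the reasons this policy does not enforce MFA for every user."""
    grant = policy.get("grantControls") or {}
    if "mfa" not in grant.get("builtInControls", []):
        return ["policy does not require MFA"]
    findings = []
    if policy.get("state") != "enabled":
        findings.append(f"state is {policy.get('state')}, so nothing is enforced")
    users = (policy.get("conditions") or {}).get("users") or {}
    if "All" not in users.get("includeUsers", []):
        findings.append("includeUsers is not 'All'")
    excluded = users.get("excludeUsers", [])
    if excluded:
        findings.append(f"{len(excluded)} user(s) excluded")
    for uid in sorted(set(excluded) & set(privileged_ids)):
        findings.append(f"excluded user {uid} is privileged")
    for key in ("excludeGroups", "excludeRoles"):
        if users.get(key):
            findings.append(f"{key}: {len(users[key])} entries")
    return findings

def audit(policies, privileged_ids):
    """Map each policy name to its findings; an empty list means full coverage."""
    return {p["displayName"]: mfa_policy_findings(p, privileged_ids) for p in policies}

if __name__ == "__main__":
    print("naive check passes:", naive_check(SAMPLE_POLICIES))
    for name, findings in audit(SAMPLE_POLICIES, PRIVILEGED_IDS).items():
        print(name, "->", findings or "no findings")
```

An exclusion is not automatically a failure, so each finding is a prompt for review of who is excluded and why, rather than a verdict.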
@EdwinG@mstdn.moimeme.ca · Jan 29, 2026
The Canadian Centre for Cyber Security warns that more criminals are using AI for ransomware attacks

https://www.cbc.ca/news/politics/ai-ransomeware-attacks-9.7065169
- - -
The Canadian Centre for Cyber Security warns that more criminals are using AI for ransomware attacks

https://lactualite.com/actualites/les-criminels-utilisent-lia-pour-commettre-des-attaques-par-rancongiciel/

#Canada #Ransomware #Rançongiciel #InfoSec #InformationSecurity #Cybersécurité #AI #IA #ArtificialIntelligence #IntelligenceArtificielle