steampipe plugin install vanta

Table: vanta_evidence - Query Vanta Evidence using SQL

Vanta is a security and compliance platform that automates the collection of evidence for various security standards and regulations. It provides a centralized way to monitor and manage security controls across your infrastructure, applications, and services. Vanta Evidence is a key component of this platform, capturing and storing the necessary data to demonstrate compliance with these standards.

Table Usage Guide

The vanta_evidence table offers insights into the evidence collected by Vanta for security and compliance monitoring. As a Security Analyst, you can use this table to explore specific details about each piece of evidence, including its metadata, associated controls, and status. By querying this table, you can effectively track and verify your organization's compliance status and identify potential security issues.

Important Notes

  • To query the table you must set api_token argument in the config file (~/.steampipe/config/vanta.spc).

Examples

Basic info

Explore the various categories of evidence requests in the Vanta system, identifying instances where access to certain information might be restricted. This can help in understanding the nature of information requests and ensuring compliance with access control policies.

select
title,
evidence_request_id,
category,
description,
restricted
from
vanta_evidence;
select
title,
evidence_request_id,
category,
description,
restricted
from
vanta_evidence;

List evidences with restricted document access

Explore which evidences have restricted document access to ensure compliance and maintain the integrity of sensitive information. This can be beneficial in situations where access needs to be limited due to confidentiality or security reasons.

select
title,
evidence_request_id,
category,
description
from
vanta_evidence
where
restricted;
select
title,
evidence_request_id,
category,
description
from
vanta_evidence
where
restricted = 1;

List non-relevant evidences

Uncover the details of dismissed evidences in your Vanta security compliance data. This query is particularly useful in identifying and reviewing non-relevant evidences that have been marked as dismissed.

select
title,
evidence_request_id,
category,
dismissed_status
from
vanta_evidence
where
dismissed_status -> 'isDismissed' = 'true';
select
title,
evidence_request_id,
category,
dismissed_status
from
vanta_evidence
where
json_extract(dismissed_status, '$.isDismissed') = 'true';

List evidences up for renewal within 30 days

Explore which pieces of evidence are due for renewal within the next month. This is useful for staying on top of compliance requirements and ensuring that all evidence is updated in a timely manner.

select
title,
category,
renewal_metadata ->> 'nextDate' as update_by
from
vanta_evidence
where
renewal_metadata ->> 'nextDate' != ''
and current_timestamp < (renewal_metadata ->> 'nextDate') :: timestamp
and extract (
day
from
(
(renewal_metadata ->> 'nextDate') :: timestamp - current_timestamp
)
) < 30
and dismissed_status is null;
select
title,
category,
json_extract(renewal_metadata, '$.nextDate') as update_by
from
vanta_evidence
where
json_extract(renewal_metadata, '$.nextDate') != ''
and strftime('%s', 'now') < strftime('%s', json_extract(renewal_metadata, '$.nextDate'))
and julianday(json_extract(renewal_metadata, '$.nextDate')) - julianday('now') < 30
and dismissed_status is null;

Get the count of evidence by category

Explore which categories have the most evidence. This can be useful in identifying areas that may require additional scrutiny or attention.

select
category,
count(title)
from
vanta_evidence
group by
category;
select
category,
count(title)
from
vanta_evidence
group by
category;

Schema for vanta_evidence

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
app_upload_enabledbooleanIf true, applications are allowed to upload documents on behalf of customers for this evidence request.
categorytextSpecifies the category of the evidence request.
descriptiontextA human-readable description of the evidence requested.
dismissed_statusjsonbInformation about the dismissed status of the evidence request.
evidence_request_idtext=A unique identifier for this evidence request.
organization_nametextThe name of the organization.
renewal_metadatajsonbInformation on the renewal cadence of the evidence request.
restrictedbooleanIf true, access to the contents of the evidence documents is restricted.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
titletextThe title of the document.
uidtextAn identifier that is unique across all of Vanta.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta

You can pass the configuration to the command with the --config argument:

steampipe_export_vanta --config '<your_config>' vanta_evidence