Table: vanta_evidence - Query Vanta Evidence using SQL

Vanta is a security and compliance platform that automates the collection of evidence for various security standards and regulations. It provides a centralized way to monitor and manage security controls across your infrastructure, applications, and services. Vanta Evidence is a key component of this platform, capturing and storing the necessary data to demonstrate compliance with these standards.

Table Usage Guide

The vanta_evidence table offers insights into the evidence collected by Vanta for security and compliance monitoring. As a Security Analyst, you can use this table to explore specific details about each piece of evidence, including its metadata, associated controls, and status. By querying this table, you can effectively track and verify your organization's compliance status and identify potential security issues.

Important Notes

To query the table you must set api_token argument in the config file (~/.steampipe/config/vanta.spc).

Examples

Basic info

Explore the various categories of evidence requests in the Vanta system, identifying instances where access to certain information might be restricted. This can help in understanding the nature of information requests and ensuring compliance with access control policies.

select
  title,
  evidence_request_id,
  category,
  description,
  restricted
from
  vanta_evidence;

select
  title,
  evidence_request_id,
  category,
  description,
  restricted
from
  vanta_evidence;

List evidences with restricted document access

Explore which evidences have restricted document access to ensure compliance and maintain the integrity of sensitive information. This can be beneficial in situations where access needs to be limited due to confidentiality or security reasons.

select
  title,
  evidence_request_id,
  category,
  description
from
  vanta_evidence
where
  restricted;

select
  title,
  evidence_request_id,
  category,
  description
from
  vanta_evidence
where
  restricted = 1;

List non-relevant evidences

Uncover the details of dismissed evidences in your Vanta security compliance data. This query is particularly useful in identifying and reviewing non-relevant evidences that have been marked as dismissed.

select
  title,
  evidence_request_id,
  category,
  dismissed_status
from
  vanta_evidence
where
  dismissed_status -> 'isDismissed' = 'true';

select
  title,
  evidence_request_id,
  category,
  dismissed_status
from
  vanta_evidence
where
  json_extract(dismissed_status, '$.isDismissed') = 'true';

List evidences up for renewal within 30 days

Explore which pieces of evidence are due for renewal within the next month. This is useful for staying on top of compliance requirements and ensuring that all evidence is updated in a timely manner.

select
  title,
  category,
  renewal_metadata ->> 'nextDate' as update_by
from
  vanta_evidence
where
  renewal_metadata ->> 'nextDate' != ''
  and current_timestamp < (renewal_metadata ->> 'nextDate') :: timestamp
  and extract (
    day
    from
      (
        (renewal_metadata ->> 'nextDate') :: timestamp - current_timestamp
      )
  ) < 30
  and dismissed_status is null;

select
  title,
  category,
  json_extract(renewal_metadata, '$.nextDate') as update_by
from
  vanta_evidence
where
  json_extract(renewal_metadata, '$.nextDate') != ''
  and strftime('%s', 'now') < strftime('%s', json_extract(renewal_metadata, '$.nextDate'))
  and julianday(json_extract(renewal_metadata, '$.nextDate')) - julianday('now') < 30
  and dismissed_status is null;

Get the count of evidence by category

Explore which categories have the most evidence. This can be useful in identifying areas that may require additional scrutiny or attention.

select
  category,
  count(title)
from
  vanta_evidence
group by
  category;

select
  category,
  count(title)
from
  vanta_evidence
group by
  category;

Schema for vanta_evidence

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form, e.g. connection_name.
app_upload_enabled	boolean		If true, applications are allowed to upload documents on behalf of customers for this evidence request.
category	text		Specifies the category of the evidence request.
description	text		A human-readable description of the evidence requested.
dismissed_status	jsonb		Information about the dismissed status of the evidence request.
evidence_request_id	text	=	A unique identifier for this evidence request.
organization_name	text		The name of the organization.
renewal_metadata	jsonb		Information on the renewal cadence of the evidence request.
restricted	boolean		If true, access to the contents of the evidence documents is restricted.
title	text		The title of the document.
uid	text		An identifier that is unique across all of Vanta.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta

You can pass the configuration to the command with the --config argument:

steampipe_export_vanta --config '<your_config>' vanta_evidence