Vanta

2010-06

Christina Cacioppo joins Union Square Ventures as analyst

2012

Leaves USV to teach herself to code, tells parents it's a 'sabbatical'

2013

Co-founds Nebula Labs with Stanford classmate Matt Spitz, building various failed products (book tracker, video messaging, job board)

2014

Joins Dropbox as PM working on Dropbox Paper

2016

Leaves Dropbox, starts exploring startup ideas. Tests voice assistant concepts (meeting transcription, Slack microphone, lab biologist assistant) - all fail

2016-12

Post-election data breaches (Equifax, Uber) spark insight about security gap: smart people making preventable security mistakes

2017-01

Begins 6-month customer discovery phase, stops building and focuses exclusively on interviews with CTOs and founders

2017-03

Tests security checklist for CTOs - founders love it but never implement. Learns about incentive misalignment: founders can't justify prioritizing security over growth

2017-05

Tests manual security questionnaire responses - better traction but unsustainable. NLP technology not ready yet

2017-06

Breakthrough discovery: visits Figma (30 people) and finds they built entire roadmap around customer's SOC 2 questionnaire to close enterprise deal

2017-07

Pivots to SOC 2 compliance. CTOs immediately offer engineering team access when pitched - strong urgency signal

2017-08

Embeds at Segment's office for weeks, manually reading SOC 2 reports and building red/yellow/green compliance spreadsheets

2017-09

Tests standardization by giving Front an assessment based on Segment's template - they can't tell the difference, proving scalability

2017-10

Former Dropbox colleague emails asking for SOC 2 help via word-of-mouth, confirming organic demand

2017-11

Builds first software version: customers submit AWS credentials, team manually extracts data. Christina writes reports overnight, telling customers they'd arrive 'next day'

2018-01

Accepted into Y Combinator Winter 2018 batch (alongside Replit and OpenSea). First customer: Lattice, acquired through YC network

2018-03

Raises $3M seed round despite investor skepticism that 'startups won't get SOC 2s'

2018-04

Near-fatal mistake: pauses all sales to focus on hiring first engineers. Learns sales momentum should never stop

2018-06

First 20 paying customers, $500K+ ARR. Achieves 1 new customer per week, ramping to 2-3/week within 6 months

2018-08

Flies to Colorado for Vanta's first customer SOC 2 audit - sits in auditor's WeWork manually pulling data from database

2018-12

Running barebones vanta.com (llama mascot + email only) but generating 2-3 inbound emails per week

2019-01

Customers finding Vanta organically = product-market fit confirmation. Public website launches with llama branding

2019-06

Hires first support team, then customer success, then sales reps. Christina and co-founder had worked alone for 18 months

2019-12

Adds ISO 27001 compliance framework alongside SOC 2

2020-06

Adds HIPAA compliance. First marketing hire made in late 2020 after signing 600 customers purely through word-of-mouth

2020-12

Reaches $10M ARR on just $3M seed funding, operating at cash flow breakeven for 3 years

2021-05

Raises $50M Series A from Sequoia Capital led by Andrew Reed. 50 employees. Competitors emerging in market

2021-10

Billboard campaign at SaaStr: 'Compliance that doesn't SOC 2 much'. Invests in SEM, podcast sponsorships (This Week in Startups)

2022-02

Series B: $110M from Sequoia and Craft Ventures. Rapid team expansion

2022-10

Series B Extension: $40M at $1.6B valuation. 4,000+ customers. Named to Cloud 100 list

2023-01

3,000-5,000 customers across 45 countries. Positions as 'Trust Management Platform' beyond just compliance

2023-01

Acquires Trustpage (security status pages/trust reporting). First acquisition. Hired Stevie Case as CRO (joined 2021)

2024-01

Surpasses $100M ARR within approximately 5 years of first sale. 10,000+ customers

2024-07

Series C: $150M at $2.45B valuation, led by Sequoia. 35+ compliance frameworks supported

2025-07

Series D: $150M at $4B valuation backed by CrowdStrike and Sequoia. 12,000-12,000+ customers. 400+ integrations

2025-12

12,000+ customers globally. 500+ employees across San Francisco, New York, Sydney, Dublin, London