Listing Thumbnail

    Drata Security & Compliance Automation Platform

     Info
    Sold by: Drata 
    Vendor Insights
    An AWS Security Competency Partner, Drata is a GRC automation solution that allows companies to continuously monitor security and compliance controls, automatically collect evidence needed for an audit, and manage and remediate risk. Drata streamlines common compliance frameworks like SOC 2, ISO 27001, GDPR, and more and allows you to share your real-time compliance posture with prospects and customers to build trust and accelerate growth.
    Listing Thumbnail

    Drata Security & Compliance Automation Platform

     Info
    Sold by: Drata 

    Overview

    Play video

    Drata's compliance automation platform integrates with over 200 applications and systems to continuously monitor security controls and streamline over 20 compliance frameworks, standards, and regulations, such as SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and more. Drata integrates with 45+ AWS services and is a proud AWS Security Competency partner with an AI engine built on AWS Bedrock.

    Whether you're looking to get compliant quickly for the first time or want to streamline your complex GRC program, Drata scales with you. Get and stay compliant efficiently, build risk management into your GRC practice, and share your real-time compliance posture with prospects and customers to build trust and sell into new markets.

    Continuous automated monitoring alerts Drata customers when security controls aren't operating effectively to remediate, stay secure, and keep from falling out of compliance. Plus, automatic evidence collection makes the audit process as seamless as possible.

    Highlights

    • Drata for Startups: Drata helps startups create a scalable foundation and systematic approach to compliance to unlock market opportunities and scale safely. Startups can speed up audit prep time with Drata's best-in-class automation and support from our compliance experts to achieve SOC 2 and ISO 27001 compliance quickly.
    • Drata for Commercial and Mid Market: Drata helps companies with audit experience establish a scalable GRC program and structured process for risk management. Streamline compliance tasks and substantially reduce manual workloads while leveraging compliance to increase revenue and build trust.
    • Drata for Enterprise: Customers can optimize and customize their mature GRC programs and depend on reliable compliance outcomes. Organizations can manage and remediate risk and leverage Drata workspaces and workflows to keep pace with the complexity of advanced compliance programs.

    Details

    Sold by

    Delivery method

    Features and programs

    Vendor Insights

     Info
    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
    Security credentials achieved
    (2)

    Pricing

    Drata Security & Compliance Automation Platform

     Info
    Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

    12-month contract (15)

     Info
    Dimension
    Description
    Cost/12 months
    Drata Platform Fee
    Access to the Drata SaaS platform with capacity for a 100 FTE org
    $25,000.00
    SOC 2 Framework
    SOC 2 2017 control set
    $7,500.00
    GDPR Framework
    GDPR control set
    $7,500.00
    ISO 27001 Framework
    ISO 27001 v2022 control set
    $7,500.00
    HIPAA Framework
    HIPAA control set
    $7,500.00
    PCI DSS Framework
    PCI DSS control set
    $7,500.00
    CCPA Framework
    CCPA control set
    $7,500.00
    CMMC Framework
    CMMC control set
    $7,500.00
    Microsoft SSPA Framework
    Microsoft SSPA control set
    $7,500.00
    NIST CSF Framework
    NIST CSF control set
    $7,500.00

    Vendor refund policy

    All Orders are non-cancellable and all fees and other amounts you pay under this Agreement are non-refundable.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Vendor resources

    Support

    Vendor support

    Included in your contract, Drata provides onboarding, live chat (in product), and continuous enablement. Onboarding includes integration setup, assistance configuring compliance policy and controls in the platform, and guidance on utilizing our network of auditors and technology/service partners to serve you in your compliance journey. support@drata.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    3
    4 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    50%
    0%
    0%
    0%
    50%
    4 AWS reviews
    |
    812 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Chris S.

    Zero Regrets

    Reviewed on Oct 30, 2024
    Review provided by G2
    What do you like best about the product?
    I love that they have taken something hard, expensive, and abstract and made it attainable for small SaaS companies like ours. The ROI is outrageous and it has quite literally made us a far better company as a result.
    What do you dislike about the product?
    It takes a good bit of time to get up to speed with how it works and how you will work with it to drive toward your audit. That said, it is time well spent.
    What problems is the product solving and how is that benefiting you?
    We needed to get a SOC 2 Type 2 in an affordable, practical, and authentic way. Drata has lived up to what we hoped it would be and, once our audit is done, we believe it will help us progress from green light to signed contract much faster.
    Insurance

    Great service

    Reviewed on Oct 29, 2024
    Review provided by G2
    What do you like best about the product?
    Our service representative has been so patient and informative during the process of setup.
    What do you dislike about the product?
    The process is complicated, but I don't believe that's a Drata issue. It's just the world of cybersecurity and compliance. I feel like Drata has the tools required.
    What problems is the product solving and how is that benefiting you?
    Organizing our policies and controls.
    Albert C.

    Compliance automation made easy.

    Reviewed on Oct 29, 2024
    Review provided by G2
    What do you like best about the product?
    The implementation service offered was great. 30 days handheld through the process with experienced users. Support is always fast and incredibly helpful. SSO worked really well and it integrated with the majority of our tech stack. Most of my team are able to navigate their way around it easily. For me, its easy to use and has become an unconscious standard practice to use it every day.
    What do you dislike about the product?
    Quite a bit of the products newer useful features don't support our versioning control i.e. 'compliance as code' and gitlab.
    A lot of newer features released, i.e., risk management and trust centre pro are rather costly addons and during the procurement process, we weren't made aware of this.
    What problems is the product solving and how is that benefiting you?
    Evidence gathering is largely automated with helpful reminders for the less automated bits. It is a single pain of glass for our various standards and their controls.
    Mohamed T.

    great support

    Reviewed on Oct 28, 2024
    Review provided by G2
    What do you like best about the product?
    Drata is highly regarded for its compliance automation, seamless integrations, and user-friendly interface. It streamlines processes by automating evidence collection, monitoring controls continuously, and integrating with popular tools, making compliance management more efficient and transparent.
    What do you dislike about the product?
    too many controls without careful configuration.
    What problems is the product solving and how is that benefiting you?
    accompanying us through the certification process
    Khoa T.

    A great product and exceptional support to boot

    Reviewed on Oct 24, 2024
    Review provided by G2
    What do you like best about the product?
    Drata is a true time saver. We have a small team, so becoming compliant with any framework seemed a daunting task, but Drata's automated tests, policy templates, and system integrations made it incredibly fast and easy to not only organize evidence for an audit but ramp up the maturity of our security program. You can't review the platform without mentioning the exceptional customer support that comes with it. The support we've received from their team (especially Craig) has been nothing but professional and attentive. They not only want us to use the platform at its full potential, but they are a close partner in helping us plan for and achieve compliance with our desired frameworks.
    What do you dislike about the product?
    While Drata has satisfied all of our needs for reaching compliance, I believe some of their features (like risk assessment) should be more widely accessible perhaps in an open-source format since compliance and security is something that is important for all organizations, not just the ones who can pay for it.
    What problems is the product solving and how is that benefiting you?
    We have a lot of resources but not an easy way to map their configurations to frameworks. We solved this by integrating our AWS environment so Drata's automated tests tell us immediately if something is not compliant.

    We don't have an easy way to do vendor inventory or risk management. We solved this by using these features in Drata and now have a central place to not only track vendors/risk, but assign tasks to executives/employees who need to review them.

    We needed a central repository to draft and update policies and have employees acknowledge them. We used Drata's templates to create policies and use it to push them out to employees for acknowledgement.
    View all reviews