External reviews
1,130 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Effortless Compliance Management and Auditing
What do you like best about the product?
I think one of Drata's key strengths is its ability to perform framework mapping across compliance frameworks, which greatly reduces redundant work and duplicate work. I also appreciate its monitoring capabilities. Drata provides timely system updates on governance risk and compliance processes, making them more efficient and significantly less burdensome.
What do you dislike about the product?
I would like to be able to manipulate their dashboards a little better, just so I could cater it specifically to what our company needs to see, especially for generating reports to leadership.
What problems is the product solving and how is that benefiting you?
Drata automates our compliance status for risk management and auditing, gives us a clear view of our security posture, identifies real-time risks, and excels in framework mapping across compliance frameworks, reducing redundant work.
User-Friendly Compliance Platform with Helpful Templates and Resources
What do you like best about the product?
Drata is very user-friendly and offers a great platform that provides all the necessary information and templates to get started with anything related to compliance, even for startups.
What do you dislike about the product?
At the beginning, it can feel a bit overwhelming, but they offer so many resources and onboarding calls that it quickly feels manageable again.
What problems is the product solving and how is that benefiting you?
Drata helps us keep everything related to compliance in one place, and it automatically reminds us to renew policies when needed.
Streamlined SOC2 Compliance, Intuitive and Effective
What do you like best about the product?
I appreciate how Drata keeps everything organized, from evidence and compliance to risk management, making it the key to everything. The interface is always improving, becoming smarter and easier to use, which is great since I am in it every day working on compliance. What I really like is how the interface actively guides me through compliance work by linking controls, policies, and integrations together. It lets me see what's wrong, what's missing, why it matters, and how to fix it. The setup process is very intuitive as well, allowing me to add and remove vendors, policies, and connections easily. Drata was essential in obtaining our first SOC2 certification and continues to be invaluable in maintaining it. I can't imagine how challenging it would be to organize everything without Drata.
What do you dislike about the product?
I always seem to struggle when it comes to the hardware. I feel that workstations could be reported on a little better. Same for people. When looking at people, and seeing their compliance tasks overdue, like policies, it feels a bit convoluted.
What problems is the product solving and how is that benefiting you?
I use Drata for maintaining our SOC2 compliance. It organizes our evidence, policies, and more in one place. The interface guides compliance work actively, linking controls and policies. I can't imagine organizing SOC2 without it.
Comprehensive Compliance Templates for Nearly Every Audit Type
What do you like best about the product?
Drata let's us control all of our compliance/audit related requirements in one system–simple as that. The UX is great–it's easy to understand, easy to navigate, easy to add evidence, etc. The automation workflows are great–being able to automatically import all of our employees, devices, 2FA rules, etc. directly from our SaaS/PaaS products (e.g., Azure) is fantastic. The TrustCenter is quite helpful as well as a way of sharing sensitive documents (e.g. audit reports) with third parties in a tracked manner. It's a great tool tbh.
What do you dislike about the product?
It's a big system so it can be quite confusing at first. It's hard to know what's actually required for your various audit types–Drata gives you a template for nearly everything, but do you actually need everything in the template? Probably not. That's not Drata's fault, it's just the nature of being a generalized compliance tool that works across every industry.
What problems is the product solving and how is that benefiting you?
What are our SOC 2 requirements? We can't go through a SOC 2 audit without knowing all of our requirements. Drata tells you your requirements and lets you manage them all in one place.
Effortless Compliance Gap Detection and Audit Readiness
What do you like best about the product?
The platform makes it very easy to identify compliance gaps and ensure you are audit-ready.
What do you dislike about the product?
The onboarding process can be quite involved depending on the existing compliance program.
What problems is the product solving and how is that benefiting you?
Drata makes audit readiness and control validation simple and centralized.
Exceptional Security and Customer Service
What do you like best about the product?
I like that Drata is easy to use, and I feel confident that everything is safe and secure when I store my information. I appreciate that I can just click into it whenever I need to. The support I receive is fast and efficient. It's very fast and efficient overall. Installing Drata was extremely easy; the instructions were simple, and it was ready to go right after downloading. The customer service is exceptional.
What do you dislike about the product?
I can't think of anything that I dislike about Drata. I found it so simple to install based on the instructions that were sent to me from my IT team.
What problems is the product solving and how is that benefiting you?
Drata helps us avoid any kind of security breaches, ensuring everything is safe so we don't have to worry about our computers.
Robust Security with User-Centric Support
What do you like best about the product?
What I like most about Drata is its user-centric format, and when we need help, tech support is fast and reliable. The initial setup of Drata for our team was very easy. We had a resource from Drata available if we needed it, but it was very self-explanatory and user-centric.
What do you dislike about the product?
Sometimes logging on can be a challenge. Recently, a few of us had issues with our logins, but we did get that resolved.
What problems is the product solving and how is that benefiting you?
I use Drata for data security, ensuring everything is safe and there's no data leaks.
Effortless Setup and Promising Governance Features
What do you like best about the product?
I am enjoying the experience working on transitioning from my prior GRC tool to Drata. Although I have not fully explored all the functionality of Drata, it looks like it will be extremely useful. I'm working with the compliance frameworks, building them out for my environments, setting up vendor risk management surveys, and risk management.
What do you dislike about the product?
I wish Drata had the ability for policies to be visible to any user, not just to those who have acknowledged them. I also wish Drata supported PCI DSS targeted risk assessment.
What problems is the product solving and how is that benefiting you?
Drata replaced my previous GRC tool, which was not sufficient for my needs.
Comprehensive Compliance Tools with Real-Time Monitoring
What do you like best about the product?
Drata has so many tools to help with policy creation and real-time compliance monitoring. It's more that just a GRC tool, it provides live data when policy, process, and assets fall out of compliance so you can quickly reign them back in.
What do you dislike about the product?
There have been issues with rolling out new features. Support responsiveness has slowed lately, especially after the introduction of the chatbot.
What problems is the product solving and how is that benefiting you?
We are able to monitor all aspects of our internal and cloud infrastructure to ensure our employees are applying what we state in our internal policy. They also keep us up to date on any new changes to the frameworks we implement.
Streamlined PCI Management with Intuitive Ease
What do you like best about the product?
Drata has been incredibly easy to use—simple, intuitive, and very well designed. Their support has been outstanding. We were paired with an onboarding specialist who stayed with us for nine months during our first year and guided us all the way through completing our audit. Setting up Drata was straightforward, and the automated monitoring features worked well with just a bit of tuning for our environment. The workflows make it easy to manage controls, maneuver through the platform, and upload evidence. Overall, Drata has helped us stay extremely organized and efficient with our PCI compliance program.
What do you dislike about the product?
One area that could be improved is the level of detail provided within the control environment. Drata goes one or two layers deep, but for more complex compliance programs, it would be helpful if the platform went further into the nitty-gritty details. Another area is around certain automated monitoring features that rely on specific applications. Expanding support to a broader range of third-party tools would make the monitoring even more flexible and effective.
What problems is the product solving and how is that benefiting you?
Drata helps us manage the entire PCI process end to end. It keeps us organized operationally, from daily compliance tasks all the way through the audit cycle. The platform centralizes everything we need, streamlines evidence collection, and makes the audit process significantly more efficient. Overall, Drata removes a lot of manual effort and gives us structure and visibility, which saves time and reduces audit stress.
showing 1 - 10