External reviews
1,085 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Impressive and user friendly security and compliance automation product
What do you like best about the product?
I had the opportunity to work on Drata platform for ISO 27001 certification work. The features of Drata aroung controls mapping, evidence gathering, policy implementation, automated controls testing, data sharing with the external auditors, trust center etc., were very user friendly and helpful. The support and guidance provided by the CSM, Elizabeth John had been timely, professional and efficient.
What do you dislike about the product?
The policy center display could be offered in a web page format with search function.
What problems is the product solving and how is that benefiting you?
Helped in compliance automation and brought efficiency in ISO 27001 certification process.
Drata for soc2 compliance
What do you like best about the product?
Drata has been an excellent tool for our SOC 2 compliance needs. Its intuitive interface makes the entire process seamless, allowing our team to navigate compliance requirements with ease. What truly sets Drata apart is its responsive customer support – they’ve been consistently helpful and quick to resolve any issues or questions, ensuring a smooth compliance journey
What do you dislike about the product?
There’s really nothing to dislike about Drata. The platform delivers exactly what it promises, efficiently supporting our compliance process.
What problems is the product solving and how is that benefiting you?
Drata is solving the challenge of navigating SOC 2 compliance by providing an easy-to-use platform that simplifies monitoring and documentation. As someone going through SOC 2 for the first time, I appreciate how Drata makes complex concepts more understandable, allowing me to confidently manage compliance requirements without feeling overwhelmed.
A little bit of work goes a long way!!
What do you like best about the product?
Drata exceeded our expectations during our SOC 2 audit. The platform’s ability to itemize all controls, paired with clear and detailed explanations, made navigating the audit process a breeze. Its integration with Microsoft 365 to automate the detection of controls added another layer of efficiency, saving us significant time and effort. On top of that, whenever we encountered something we didn’t fully understand, Elizabeth was always there and helped us resolve every issue we had. She consistently provided clarification and guidance each week, ensuring we stayed on track and felt supported throughout the entire process. Drata is an invaluable tool for simplifying compliance! Our CSM Elizabeth was great, she kept us on track throughout the entire year, she deserves a lot of credit for getting us to the finish line and I hope we continue to work with her.
What do you dislike about the product?
Not everything is as straight forward as one would think. Drata looks for specific names on things such as compliance policies in intune. If it isn't named exactly as Drata expects it to be named then it doesnt register. Not every auditor works with Drata but thats not Dratas fault. We just had to find one that did.
What problems is the product solving and how is that benefiting you?
Evidence Gathering for large scale audits
User friendly GRC platform
What do you like best about the product?
Compliance monitoring
Dashboard
simplifies audits
save time
Reduce manual efforts
Dashboard
simplifies audits
save time
Reduce manual efforts
What do you dislike about the product?
More applications or tools in connections cannot be added as per our process
What problems is the product solving and how is that benefiting you?
Audits
compliance monitoring
compliance monitoring
Drata is a great GRC product!
What do you like best about the product?
Ease of adoption, configuration, use, and most importantly its overall effectiveness of monitoring and testing your complaince.
What do you dislike about the product?
No real downsides. One critique, would be perhaps slow your role on new feature development a tiny bit and make sure you spend sprint time on quality of life development for your every day users.
What problems is the product solving and how is that benefiting you?
Build, maintain, and monitor our compliance posture.
Simplifying our ISO27001 Journey with Drata
What do you like best about the product?
Drata has streamlined our ISO27001 compliance process with its user-friendly automation and integrations. It is a great intuitive platform that greatly reduces the manual workload involved in compliance. Its automation capabilities for policy drafting, evidence collection, and monitoring make the entire process much more efficient! Plus, their customer support is truly one of the best we've ever experienced – they're always there to answer any question, no matter how small, and go above and beyond to help.
What do you dislike about the product?
While Drata is an amazing tool overall, the readiness score can sometimes be a bit misleading. It can signal that we are fully prepared when certain controls still require manual evidence to be uploaded. It would be great if there was a clearer way to indicate where manual evidence is still needed, even after the platform shows those controls as “ready.” A more transparent alert system for this would make the process even smoother!
What problems is the product solving and how is that benefiting you?
ISO27001 Compliance
The most responsive support team I've met
What do you like best about the product?
Drata automates and handles most of our ISO and SOC needs across the entire governance and compliance space for our company. It's multiple features and ease of use have been instrumental in completing our certification audits for the past 2 years. Their support team is very responsive and I've even talked with their CISO regarding one issue we had which was almost immediately resolved.
What do you dislike about the product?
In the initial setup for identity it asked for a global admin credentials to be used to set things up. This is a massive risk for any company. However, through working through their team we found a solution that exercised the practice of least privileged access and met my business needs. Needless to say, we've been very successful since that implementation.
What problems is the product solving and how is that benefiting you?
We use Drata to cover all our basis. We've implemented utilities and policies that enable our business to maintain governance and compliance across the infrastructure.
GRC engineering
What do you like best about the product?
Easy to use. Their on-demand support for platform questions is a great model. It is interactive and real-time.
What do you dislike about the product?
User Interface and Risk Management. The user interface isn't very friendly. Risk Register is pretty basic.
What problems is the product solving and how is that benefiting you?
Its monitoring your compliance controls in real time.
Drata has helped to automate our compliance and governance processes
What do you like best about the product?
Ability to track our risks w.r.t to personnel, process, infrastructure , policy and vendors - all in one place is super helpful.
What do you dislike about the product?
Not all auditors use Drata. So we need to supply the evidence manually in those cases.
Also Drata support quality can improve.
Also Drata support quality can improve.
What problems is the product solving and how is that benefiting you?
It integrates well with our cloud platform and its automation to manage the risks across people, process/policy and infrastructure/technology helps us track and remediate those risks timely. It helps with our compliance needs to met our regulations and framework requirements.
Good Repository of Policies and Procedures
What do you like best about the product?
Email notifications contain links that generally take me where I need to be. Dashboards and statuses are clear. Implemented quickly and we were quickly using it. The extra support for the first month was beneficial.
What do you dislike about the product?
As an infrequent user (a couple of times a week), I don't always remember which menu/toolbar items I need to click on if I am doing something outside of an email notification. The menu isn't always intuitive for me as to what I should click. The dashboard can be a little misleading when listing the completed task percentage - many tasks may be mostly finished but I'm not sure how to see, for example, that 20 tasks are completed and 40 tasks are 90+% done.
What problems is the product solving and how is that benefiting you?
Drata helps us ensure that our cloud product is secure. Certification will help us win contracts with larger prospects that are starting to ask for certifications completed.
showing 111 - 120