External reviews
1,130 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Taking much of the effort and guesswork out of compliance.
What do you like best about the product?
Drata is much easier to use than other compliance platforms that we have used and was easy to get up and running. When we do have questions or issues, their support team can be contacted directly via chat within the platform and are friendly, responsive, and knowledgeable. We feel like Drata will be an excellent partner for years to come and we appreciate the straightforward pricing per framework. That will make it easy to grow in the future as we add additional frameworks.
What do you dislike about the product?
We wish that there were additional automations or improvements on some of the existing integrations. For example, many of the monitors/tests are geared towards Jira being used for tracking things such as onboarding/offboarding. We use Freshservice for that and even though there is a Freshservice integration, we cannot currently tell Drata to look at Freshservice for those types of tickets. This is frustrating as it means we then have to submit that evidence manually.
Additionally, we wish that there was more clarity or guidance around when a test is failing. For example, a test may fail for a variety of reasons such as reliance on a policy being approved or evidence being provided. It's not always clear why a monitor or control is failing. Is it due to the policy? Is it a lack of evidence? Should that evidence have been pulled automatically or is it something we need to provide manually? This could be streamlined and provide more detailed guidance as to what exactly is needed to fix it.
Additionally, we wish that there was more clarity or guidance around when a test is failing. For example, a test may fail for a variety of reasons such as reliance on a policy being approved or evidence being provided. It's not always clear why a monitor or control is failing. Is it due to the policy? Is it a lack of evidence? Should that evidence have been pulled automatically or is it something we need to provide manually? This could be streamlined and provide more detailed guidance as to what exactly is needed to fix it.
What problems is the product solving and how is that benefiting you?
We needed a product to help us manage our SOC2 compliance while providing the ability to easily add additional frameworks in the future. When doing so, we wanted to try and maximize the work already completed towards those additional frameworks.
Great Automation capabilities & amazing support
What do you like best about the product?
Very responsive Support
Good automation workflows
Good automation workflows
What do you dislike about the product?
Nothing as such. So far so good. will point out any issues when I come across
What problems is the product solving and how is that benefiting you?
Cloud compliance automation
Helpful product for approaching SOC 2 Compliance
What do you like best about the product?
User Friendly
Easy to set up and use
Easy and useful integrations
Fantastic and helpful support
Extensive risk library with helpful visuals
Easy to set up and use
Easy and useful integrations
Fantastic and helpful support
Extensive risk library with helpful visuals
What do you dislike about the product?
Drata agent had some issues with some machines, especially during the install
Further integrations, especially with EDR software, would have been helpful
Further integrations, especially with EDR software, would have been helpful
What problems is the product solving and how is that benefiting you?
We are using Drata to persue SOC2 compliance. Drata is the tool we are using to assist us in meeting all the requirements and provide the auditor with the tools needed to check our compliance.
There was a learning curve, but now I find everything very useful.
What do you like best about the product?
Fast customer support. I think all the other parts can be finetuned with engineering efforts, but the fact how the support is acting makes my life happier when in need.
What do you dislike about the product?
Policies/Controls navigation sometimes is tricky and I need to have tons of tabs opened not to loose my initial view.
What problems is the product solving and how is that benefiting you?
Compliance tracking and everything related to these topics.
Great platform for getting compliance certifications quickly
What do you like best about the product?
Provides pre-built templates for all required policies and controls for the common certifications. Comes with pre-built controls that helps track the current status of compliance with each requirement.
It's very simple to use and kept us organized when building the policies, implementing them, gathering evidence, and during the audits themselves.
It's very simple to use and kept us organized when building the policies, implementing them, gathering evidence, and during the audits themselves.
What do you dislike about the product?
Missing some features, specifically better customization in monitored tests and the Drata agent which verifies endpoint compliance.
I would like to have a tighter link between the policies and the controls. After setting up the initial policies, adding new frameworks is a bit more complex. It's hard to keep track of your policy changes compared to the standard template.
I would like to have a tighter link between the policies and the controls. After setting up the initial policies, adding new frameworks is a bit more complex. It's hard to keep track of your policy changes compared to the standard template.
What problems is the product solving and how is that benefiting you?
policy creation (templates), policy impementation, evidence collection including ongoing monitoring
Growing Compliance Platform
What do you like best about the product?
If you're implementing a new compliance program Drata will give you default policies that are impactful for a number of different frameworks and if you link your stack it will help you automate the monitoring of your services.
Compliance support is really good and knowledgeable.
I think on average I get an email a month about some new feature being released. Seems to be in active development.
Any issues I've run into I've dropped a message in the chat box and it gets resolved or followed up with a ticket.
Onboarding users and giving visibility into compliance status was a breeze.
Compliance support is really good and knowledgeable.
I think on average I get an email a month about some new feature being released. Seems to be in active development.
Any issues I've run into I've dropped a message in the chat box and it gets resolved or followed up with a ticket.
Onboarding users and giving visibility into compliance status was a breeze.
What do you dislike about the product?
Their trust page functionality is interesting but has a rather large footer advertising their service. I'm all for attribution but the star of the show should be the data a customer is looking for.
What problems is the product solving and how is that benefiting you?
I just wanted a place to manage my compliance program that isn't a series of spreadsheets. This technically meets that requirement.
Additionally:
- a very simple security training
- automated checks for infrastructure, hrip, and date tracker for when evidence or policies need an update
- centralized policy accepting for all staff, as well as a transparent portal for self-serving themselves to be compliant
- user onboarding/tracking for compliance status
- the notifications when a status changes is really helpful
Additionally:
- a very simple security training
- automated checks for infrastructure, hrip, and date tracker for when evidence or policies need an update
- centralized policy accepting for all staff, as well as a transparent portal for self-serving themselves to be compliant
- user onboarding/tracking for compliance status
- the notifications when a status changes is really helpful
Excellent ROI. Cut 90% off of our audit effort. Manage risk, vendors, and access reviews, now, too.
What do you like best about the product?
The daily automated evidence collection, great UX (that even auditors understand), and the reduction of our audit effort by 90%, make Drata one of my highest returning investment. We use it every day.
What do you dislike about the product?
There is notihng I dislike, but there are a few boutique integrations I would like Drata to develop.
What problems is the product solving and how is that benefiting you?
The most important problem Drata has solved for us is reducing the effort to do SOX ITGC, SOC2 Type2, and PCI-DSS audits by 90%. Beyond that, Drata has solved most of my evidence collection problem by automating the collection of most evidence. Drata also solved the problem of meaningfully tracking and managing information security risk, somethign that has become a regulatory requirement.
Drata is also solving other problems for us, including access reviews and attestations, and responding to partner information security questionnaires.
Drata is also solving other problems for us, including access reviews and attestations, and responding to partner information security questionnaires.
Superb customer support, documentation, and platform
What do you like best about the product?
Drata's customer support and success team has been amazing in helping us achieve compliance across all our efforts. They've been super on top of helping us through both automated and manual outreach efforts. Their documentation and platform have also been AWESOME!
What do you dislike about the product?
Using Drata can be expensive depending on what you are going for (compliance framework wise), so just be mindful of costs! This is true for anything to do with compliance to be honest, goes with the territory.
What problems is the product solving and how is that benefiting you?
SOC2 compliance, GDPR/CCPA compliance
Drata: A great tool for centralized compliance
What do you like best about the product?
Drata centralizes all of our compliance data and allows us to continuously monitor for changes. This saves our compliance team a huge amount of effort in auditing our customer-facing products and IT services. It also helps our technical/operations staff quickly identify and document changes to infrastructure.
What do you dislike about the product?
The user interface can be difficult to use. Some of the test failures are hard to interpret and diagnose, requiring jumps back and forth from Drata app to Drata docs to provider docs to certification/standard definitions, etc.
What problems is the product solving and how is that benefiting you?
It's difficult to monitor and audit the compliance of our infrastructure as it evolves to meet product needs. Drata solves this and pushes us to implement better patterns for infrastructure and software.
Excellent environment for supervising your compliance efforts
What do you like best about the product?
Intuitive UI design and excellent/close customer support
What do you dislike about the product?
The document editor might be more advanced.
What problems is the product solving and how is that benefiting you?
Decreasing the overall burden and required effort to manage compliance processes for multiple standards/frameworks.
showing 191 - 200