External reviews
1,144 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Effortless Compliance, User-Friendly Interface
What do you like best about the product?
I find Drata to be a really effective tool for company compliance, and I don't see any reason to use another or change it. It's overall very easy to navigate, and the interface is not complicated, which is good for those using it for the first time.
What do you dislike about the product?
I wish there was an option where we didn't have to manually provide evidence if there's already a connection with our HR platform. The sync with Rippling isn't too much of an issue, but it could be improved.
What problems is the product solving and how is that benefiting you?
Drata is an effective tool for company compliance. I find it easy to navigate, with a simple interface suitable for first-time users, making it unnecessary to switch to another tool.
Effortless Compliance Gap Detection and Audit Readiness
What do you like best about the product?
The platform makes it very easy to identify compliance gaps and ensure you are audit-ready.
What do you dislike about the product?
The onboarding process can be quite involved depending on the existing compliance program.
What problems is the product solving and how is that benefiting you?
Drata makes audit readiness and control validation simple and centralized.
Smooth Onboarding, Budget-Friendly Compliance
What do you like best about the product?
I like the pricing point of Drata, which is important as we are mindful about our budget while trying to achieve SOC2 compliance. The onboarding process was smooth, and we were guided through a series of workshops and onboarding sessions that provided us the tools to start using the platform effectively. The initial setup of Drata was also easy.
What do you dislike about the product?
The UI is a little confusing sometimes. As someone who has already done a SOC2 audit with a competitor product, I sometimes find the Drata platform a little confusing. It's not straightforward to see what tasks are missing and what specific things we need to fix. I think UX could be improved.
What problems is the product solving and how is that benefiting you?
Drata simplifies compliance by having auditors use the same platform for audits, reducing the compliance burden. The reasonable pricing point helps us stay within budget while working toward SOC2 compliance. The onboarding process with workshops and sessions made it easy to start using the platform.
Exceptional Security and Customer Service
What do you like best about the product?
I like that Drata is easy to use, and I feel confident that everything is safe and secure when I store my information. I appreciate that I can just click into it whenever I need to. The support I receive is fast and efficient. It's very fast and efficient overall. Installing Drata was extremely easy; the instructions were simple, and it was ready to go right after downloading. The customer service is exceptional.
What do you dislike about the product?
I can't think of anything that I dislike about Drata. I found it so simple to install based on the instructions that were sent to me from my IT team.
What problems is the product solving and how is that benefiting you?
Drata helps us avoid any kind of security breaches, ensuring everything is safe so we don't have to worry about our computers.
Robust Security with User-Centric Support
What do you like best about the product?
What I like most about Drata is its user-centric format, and when we need help, tech support is fast and reliable. The initial setup of Drata for our team was very easy. We had a resource from Drata available if we needed it, but it was very self-explanatory and user-centric.
What do you dislike about the product?
Sometimes logging on can be a challenge. Recently, a few of us had issues with our logins, but we did get that resolved.
What problems is the product solving and how is that benefiting you?
I use Drata for data security, ensuring everything is safe and there's no data leaks.
Centralizes Compliance Evidence, Needs Policy Sync
What do you like best about the product?
I like that Drata reminds us when to update and submit our evidence for the past 12 months. It's convenient to have one place to add all the evidence instead of having pieces stored in different locations. This organization makes it easier to refer back to the information submitted as evidence. The reminders are also helpful once the time to review the evidence is near. We have successfully integrated Drata with our other platforms like Office365, Jira, and Bitbucket.
What do you dislike about the product?
The audit option is a bit clunky as it's hard to differentiate who owns the control. In addition, we still need to double up on maintaining the policies. Once version in Drata and another soft copy we need to keep when it is required by our clients when we do proposals. Our Sales team will need access to the latest version. It took a while to fully understand what it did.
What problems is the product solving and how is that benefiting you?
I use Drata to assist with obtaining SOC2 Type 2 and HIPAA reports. Drata centralizes evidence submission, making it easier to refer back and providing reminders when updates are needed.
Efficient Compliance Management, Needs UI Enhancements
What do you like best about the product?
I appreciate Drata because it eases the management of our SOC2 (Type I) compliance. I like the control and evidence management features, which make it easy to track completed, pending, or in-process controls and tasks with related evidence. Additionally, the integration with our internal tools and applications for control monitoring and automation adds value to our workflow.
What do you dislike about the product?
Need more better user interface and evidence repository management. There's also scope for adding country or region specific cyber security and data privacy laws or rules as notified by respective governments.
What problems is the product solving and how is that benefiting you?
I use Drata for SOC2 compliance, easing compliance management by tracking controls and related evidence efficiently.
Transforms Compliance with Seamless Automation
What do you like best about the product?
I really appreciate how Drata transforms compliance from a stressful, manual process into a seamless, automated system that runs in the background, keeping me continuously audit-ready without slowing down my business. I find it most powerful when paired with other tools in our compliance and security stack due to its wide integration, eliminating the need to manually bridge gaps. I also find the initial setup straightforward thanks to its guided onboarding and Quick Start process.
What do you dislike about the product?
The main areas where Drata could improve are around customization, integration depth, and cost. I love its automation but often find limitations when workflows get complex.
What problems is the product solving and how is that benefiting you?
Drata solves compliance issues by automating evidence collection, continuous monitoring, and policy management. It replaces manual, error-prone processes, keeping me audit-ready without slowing down my business.
Effortless Setup and Promising Governance Features
What do you like best about the product?
I am enjoying the experience working on transitioning from my prior GRC tool to Drata. Although I have not fully explored all the functionality of Drata, it looks like it will be extremely useful. I'm working with the compliance frameworks, building them out for my environments, setting up vendor risk management surveys, and risk management.
What do you dislike about the product?
I wish Drata had the ability for policies to be visible to any user, not just to those who have acknowledged them. I also wish Drata supported PCI DSS targeted risk assessment.
What problems is the product solving and how is that benefiting you?
Drata replaced my previous GRC tool, which was not sufficient for my needs.
Efficient Compliance Management, Needs More Reporting options
What do you like best about the product?
I like Drata's simple login UX which makes onboarding users easy since they just need to go to the login screen and sign in with Google. The reporting feature is decent and allows me to track how many people are yet to install the agent. I also appreciate the ease of installing the agent software. The initial setup was fairly good, with simple integration of Google Workspace and Atlassian, and even though the integration with Hibob (HRIS) took a bit longer, Drata support was helpful in resolving this by providing the necessary third-party integration docs.
What do you dislike about the product?
More reporting options would be useful. More granularity with filters is needed; for example, I can filter by non-compliant devices, but I can't filter by a single non-compliant device-related item like a screen lock. Also, scheduled and saved reports are a must, which is missing currently. The initial setup with certain integrations like HiBob (HRIS) took a little longer because the guide we followed ended up missing a few steps. Eventually, Drata support helped by finding the third-party integration docs and forwarding them to me.
What problems is the product solving and how is that benefiting you?
Drata identifies security gaps, helps us start policies, and simplifies user onboarding with Google sign-in. Reporting shows agent installation status, and the agent is easy to install.
showing 21 - 30