External reviews
External reviews are not included in the AWS star rating for the product.
Drata has been wonderful for our compliance tasks at hand and has gotten excited
What do you like best about the product?
The amazing support and the automation goes a long way for compliance.
What do you dislike about the product?
Nothing. I couldn't write something even if you paid me
What problems is the product solving and how is that benefiting you?
Actually making compliance responsive and being a forefront. Everyone puts it in the backlog but drata has been making it easier to tackle compliance.
- Leave a Comment |
- Mark review as helpful
Excellent Drata Support
What do you like best about the product?
A feature I like is Drata's support system. It is user-friendly and I can easily submit an inquiry. It's easy to go from the chat bot straight to chatting with a live support person if the bot cannot help. The support folks have been great, always friendly, professional, and willing to help me out.
What do you dislike about the product?
The only downside I've experienced is the recent slowdown in support response times. While the quality of support remains good, there are sometimes delays in getting answers - which can sometimes be a little bit frustrating, especially when I'm working on a tight deadline. However, it's still better than other platforms I've used. Overall, I really like Drata but I'd like to see those response times improve.
What problems is the product solving and how is that benefiting you?
Drata helps to simplify compliance management and saves time. The platform's dashboard, policy center, and evidence library, makes it easy to track our progress and easily communicate/demonstrate compliance to our auditors. It's an great tool with great features.
The most comprehensive GRC tool on the market
What do you like best about the product?
Drata has Significantly reduced the time it takes to organize and gather our compliance data. The integrations with multiple other tools and services that we use make it so easy to have almost everything we need in single location when it's time to complete an audit.
What do you dislike about the product?
Drata is working very hard to keep up with platform ideas requests from thier customers and there are a few integrations and additional features that we have suggested they implement. Hopefully we see those in the future!
What problems is the product solving and how is that benefiting you?
We were having a problem keeping all of our security and compliance data organized and structured for multiple different frameworks. There are also a lot of documents, evidence, and testing that has to be completed on a regular basis. Drata helps us to keep all that data organized and automated some of our testing. It also helps to ensure that users and workstations stay compliant and alert us when there are compliance issues.
Drata is a must need for GRC Teams
What do you like best about the product?
Drata is easy to integrate, implement and see value right away. Their success staff is world class.
What do you dislike about the product?
Data ingestion right now can be very rigid, but their team is open to feedback and will be making that process much better.
What problems is the product solving and how is that benefiting you?
We are using Drata as our one stop shop for GRC. They help us stay on top of compliance tasks, manage our vendors and risks, showcase our security program to prospects and customers and provide audit evidence.
Drata has been a game-changer for our SOC 2 journey.
What do you like best about the product?
Automated evidence collection and the ability to not only see the path to full compliance - but also to get a better sense for the level of effort needed to get there. Drata made a painful process much more manageable and accelerated the time to full SOC 2 compliance.
What do you dislike about the product?
Need notification enhancements please. In particular, beyond weekly emails, we need real-time, pro-active notifications (like Slack, Teams, SMS, etc) for controls that are about to "go red" (like a quarterly report that needs to be refreshed in the evidence library or a policy that needs to be renewed soon) - including the option to be notified about controls onwed by others. Also, when a control fails, we need to be able to send violation alerts hourly or at least daily to not just the control owner, but also to a team.
What problems is the product solving and how is that benefiting you?
Our small team doesn't have the bandwidth to manually collect all the evidence of controls to achieve/maintain compliance and the monitoring helps us maintain visibility of our security controls.
Like Advil for Your Compliance Headache
What do you like best about the product?
I like the fact it's a single pane of glass and a single source of truth for our compliance data. I like that the product continues to evolve and continues to add features that address challenges and needs in the compliance space as well. Support has good as well to assist with any issues, even if the issue is just our lack of knowledge on how a feature works.
What do you dislike about the product?
We have occasionally had some issues with monitoring, but these have been quickly addressed, and I would say 50-50 on an issue on our side or a vendor's side, or an issue on Drata's side.
What problems is the product solving and how is that benefiting you?
Drata is solving issues sournd policies and and monitoring for us.
Finally Found a Platform That Makes Compliance Feel Manageable!
What do you like best about the product?
Instead of drowning in spreadsheets and endless checklists, I found myself with a clear roadmap of exactly what we needed. It's like having a knowledgeable compliance partner who breaks everything down into bite-sized pieces. The way it automatically gathers evidence and keeps track of our progress has saved me countless hours of chasing down documents and pestering team members for updates. The support team is responsive and knowledgeable about compliance requirements. When you run into questions during setup or about specific controls, they're there to help guide you through the process.
What do you dislike about the product?
The initial setup can be a bit overwhelming - there are so many integrations and settings to configure that it took us some time to get everything properly connected.
What problems is the product solving and how is that benefiting you?
The platform solves the challenge of continuous compliance monitoring. Rather than scrambling to gather evidence during audit time, Drata automatically collects and updates evidence in real-time. This means we're always audit-ready, reducing the stress and rush typically associated with certification preparations. The direct benefit to me is peace of mind - knowing that we're consistently meeting our compliance requirements and having clear visibility into our certification progress at any given time.
Used Drata to Achieve SOC 2 Certification
What do you like best about the product?
Drata really helped us prepare for our SOC 2 audit, providing a starting framework to work from, continuous monitoring of various controls through integrations, and personal assistance from our customer success manager, Elizabeth. We've since decided to attempt to centralize our compliance processes and efforts within Drata, as the platform is naturally suited to this task.
What do you dislike about the product?
Drata is still growing and changing regularly, so expect changes to your process and the occasional idiosyncracy/bug.
What problems is the product solving and how is that benefiting you?
Drata allows us to continuously monitor the functionality of our controls, as well as the status of evidence and policy tied to those controls. This has allowed us to prepare for and successfully complete our SOC 2 audits within a relatively short period of time.
Drata is the lifeboat to a drowning compliance team
What do you like best about the product?
1. Drata's compliance automation is a game changer. The available integrations allow a small compliance team to scale to an unlimited size organization. For example, vulnerability scanning, device monitoring, data security testing, policy, network infrastructure, risk assessment, and the list goes on. These were previously controlled and documented in independent places and my compliance team 1) struggled to manage all of the compliance evidence and 2) "pushed" the information to the SOC 2 auditor. Drata consolidates this into one portal and the auditor has on demand access. This truly is automated compliance.
2. Live chat support, compliance library, policy templates, risk assessment guide. The provided tools help you effectively set up a compliance program.
3. My vendor rep has been extremely helpful and available throughout the process. We meet every two weeks to ensure we are progressing sufficiently. But also, I appreciate that she understands everyone works at their own pace so is not pushing us if not necessary.
2. Live chat support, compliance library, policy templates, risk assessment guide. The provided tools help you effectively set up a compliance program.
3. My vendor rep has been extremely helpful and available throughout the process. We meet every two weeks to ensure we are progressing sufficiently. But also, I appreciate that she understands everyone works at their own pace so is not pushing us if not necessary.
What do you dislike about the product?
The vendor management functionality is lacking. Specifically, the questionairre function is very limited and not very useful.
What problems is the product solving and how is that benefiting you?
SOC 2 type 2 certification. We found Drata because of issues we were facing with a SOC 2 type 2 audit and I am so please we did!
An Excellent Product
What do you like best about the product?
As a one-person team for our GRC at my organization, Drata has become a daily essential tool for me to maintain our compliance and readiness. Drata is easy to use, integrates well with our major providers like AWS, has amazing customer support, and a fairly painless implementation process. I can sincerely say that our small organization would not be able to handle all the necessary requirements of compliance without the software and Drata support.
What do you dislike about the product?
Integration with AWS and other items can be your greatest uplift when purchasing the product, as well as getting used to the numerous Controls can be a bit overwhelming, but once you get used to it, everything is pretty straight-forward.
What problems is the product solving and how is that benefiting you?
Everything that has to deal with a GRC program for a small organization. I use drata for our SOC 2 Type 2 compliance needs, risk assessment and analysis, and keeping track of our annual evidence for our audits.
showing 21 - 30