External reviews
External reviews are not included in the AWS star rating for the product.
Jumping into GRC
What do you like best about the product?
Platform helps first timers like myself comfortable with the frameworks we are starting our journey on. Reporting and automated tests help reduce time for us and avoid use spreadsheets.
The Drata support is also very helpful and responsive
The Drata support is also very helpful and responsive
What do you dislike about the product?
Its not free.
In all seriousness the policy editor is hot garbage. Working between the editor UI and copy/pasting between Google Docs or MS word is terrible.
In all seriousness the policy editor is hot garbage. Working between the editor UI and copy/pasting between Google Docs or MS word is terrible.
What problems is the product solving and how is that benefiting you?
I was tasked with getting my organization ISO 27001 compliant. As a one-man IT department I needed a platform and partner that can help me manage my time better. Continious monitoring, policy templates, support that is always available and a nice dashboard for reporting has helped so much and we're only getting started with our compliance journey!
- Leave a Comment |
- Mark review as helpful
Software Engineer at a small startup
What do you like best about the product?
We are just starting with security and compliance form our app and Drata looks promiosing
What do you dislike about the product?
nothing as of yet as we are just starting
What problems is the product solving and how is that benefiting you?
We are looking to get security compliance to present to our partners and inverstors and Drata is helping us in getting that
Great for keeping us compliant continuously
What do you like best about the product?
Integrations with all 3rd party systems.
What do you dislike about the product?
Need more user-roles for real enterprise use.
What problems is the product solving and how is that benefiting you?
Setting up for compliance and continuous monitoring for the controls.
Drata and the GRC Journey
What do you like best about the product?
Since implementing DRATA I have seen a reduction in audit burden on valuable resource within the company which has lead to increased productivity. DRATA has offered a simple one stop management tool for simplifying governance management.
What do you dislike about the product?
The risk management module still has some way to go to reach the level of maturity required for large enterprise.
What problems is the product solving and how is that benefiting you?
DRATA has enabled the [rimnciple of evidence once comply many which has reduced the time required for evidence collection. In addition it has also coalesced the audit experience for staff and external auditors.
Enhancing my security and compliance program
What do you like best about the product?
The organization it gives to my program. Having the policies, controls, and vendor risk profiles all in one place really helps get quick access into our compliance and risk posture, and identify any gaps that require extra attention.
What do you dislike about the product?
Nothing major, but I have a few product improvements that would be helpful. In the Risk Assessment module, would love it if you could customize the risk assessment to meet whatever risk assessment methology you're working towards, whether its a HIPAA risk assessment, or NIST 800-30 risk assessment.
There's a few places where having quicker automation for updating control information would be helpful, which is currently a manual process. However, I think that's likely a unique issue to our situation, so might not make sense to build a whole dedicated feature.
There's a few places where having quicker automation for updating control information would be helpful, which is currently a manual process. However, I think that's likely a unique issue to our situation, so might not make sense to build a whole dedicated feature.
What problems is the product solving and how is that benefiting you?
Organizing all controls and documentation involved with my security and compliance program.
Great product, provides guidance in navigating complex compliance
What do you like best about the product?
Very easy to use and integrate. Flexible product allows quick pivot to new compliance areas. Saved significant time and money with audits and compliance.
What do you dislike about the product?
Some areas can be clunky, or buggy but support handles most issues quickly
What problems is the product solving and how is that benefiting you?
Regulatory compliance with HIPPA, SOC and NIST. As a regulated company we have high standards to meet and Drata is helping us do so efficiently and effectively.
great founding team and has supported our investors
What do you like best about the product?
ease of use. logging in and have a good view of fields that i need.
What do you dislike about the product?
connectivity - api keys. could be better at using outside systems.
What problems is the product solving and how is that benefiting you?
soc 1
Powerful and easy to use
What do you like best about the product?
Great platform for storing and documenting compliance activities and evidence. Online support and chats have been very helpful.
What do you dislike about the product?
It would be good if the platform also provided more guidance on and even a walkthrough on key compliance activities. For example, a guided walkthrough on tabletop exercises or recommendations on pentest services.
What problems is the product solving and how is that benefiting you?
Using the platform to support and maintain SOC-1, SOC-2 and PCI compliance.
Never going back!
What do you like best about the product?
Ease of use (I'm a non technical end user) and I never thought I would be in a security tool this often as a salesperson - it's so easy
What do you dislike about the product?
No complaints - maybe expanding use cases for legal - but that's not been a problem
What problems is the product solving and how is that benefiting you?
In sales - I want to speed up the security review process as much as possible and provide all of the information in a central location.
But I also want to control who sees the documents and get alerts when they do.
Drata makes it super easy to do all of that. Never throught I would be in a security tool as often as I am!
But I also want to control who sees the documents and get alerts when they do.
Drata makes it super easy to do all of that. Never throught I would be in a security tool as often as I am!
No ability to add users
What do you like best about the product?
Gives us a process for getting ISO27001 that would have been difficult to follow otherwise.
What do you dislike about the product?
There's only really one thing, but it's important and incredibly painful. There's no ability to add your own users if they don't exist in your IDP. For example a contractor that doesn't have their email address on your domain - you cannot bring them into the system. This has wasted so much time as we need to find alternative systems for things that we're already paying for as part of Drata.
What problems is the product solving and how is that benefiting you?
ISO27001 is complicated and Drata at least makes the process easier to understand. There's a lot of value just in their documentation despite the platform being difficult to navigate.
showing 31 - 40