External reviews
External reviews are not included in the AWS star rating for the product.
MFA issue
What do you like best about the product?
The team and the through SOPs! Zack and Dante, where instramental in solving this problem and they were super through.
What do you dislike about the product?
Had to wait a bit during shift changes but not a big deal
What problems is the product solving and how is that benefiting you?
Automating our compliance audits, and our security audits
- Leave a Comment |
- Mark review as helpful
Accelerator for our re-certification of ISO 27001:2022
What do you like best about the product?
- Built-in frameworks, controls and monitors
- Excellent risk management
- Great support
- Excellent risk management
- Great support
What do you dislike about the product?
- Connectors should be more configurable
What problems is the product solving and how is that benefiting you?
Continuous Compliance in a modern and automated way
Excellent support
What do you like best about the product?
We are still in our starting journey with Drata, so don't have much in terms of the platform however the support are alway there to help and sort issues in a timely manner
What do you dislike about the product?
so far the controls and connections are not obvious what they do or what they are for
What problems is the product solving and how is that benefiting you?
Automating evidance gathering hopefully saving users time
Drata is the way to go!
What do you like best about the product?
The Drata platform is very user friendly and provides great support and help articles for users to navigate and understand the compliance requirements. The Drata team is also extremely helpful, responsive, and approachable any time they are needed.
What do you dislike about the product?
I would like to see a feature that requires manual user updates (i.e. marking items ready for audit) as opposed to automatically checking off as green since this could lead to confusion.
What problems is the product solving and how is that benefiting you?
Drata improves the efficiency (time and effort) in maintaining security compliance. The frequent reminders of overdue, quarterly/annual tasks, and overall status dashboard provide great value to users who do not have the time or headcount to manually keep track of these. On the auditor side, it helps with being able to quickly identify which big ticket items are missing and provide some guidance to the user on how to best address those items.
Had an issue accessing a framework
What do you like best about the product?
Drata's customer service chat services (featuring Rachel) was able to solve my issue immediately.
What do you dislike about the product?
The Help & Feedback pops up behind the chatbox window, making it hard to interact with during chat.
What problems is the product solving and how is that benefiting you?
Drata listed out clearly all the necessary objectives needed to satisfy compliance certifications.
Help is always there!
What do you like best about the product?
I love that I have access to already built automation, controls and policies that I can tweek for my business!
What do you dislike about the product?
I wish someone could do it for me instead, like a managed service.
What problems is the product solving and how is that benefiting you?
Our customers require SOC 2 reporting on our system. Although we are secure, and adhere to security standards, having the SOC 2 stamp is the only requirement.
Best Compliance tool out there
What do you like best about the product?
It is very easy to use, Implementation was a breeze, and also has top-notch customer support. We use the product on a daily basis and since it was easy to integrate with our other platforms, compliance is easier to perform.
What do you dislike about the product?
Some granularity in controls still needs an uplift, one such place is ticketing management, It currently only supports Jira which creates some difficulties when performing tasks.
What problems is the product solving and how is that benefiting you?
Keeping up with compliance frameworks, monitoring controls and systems, maintaining policies and procedures, managing vendors
Strong tool at a good value
What do you like best about the product?
It's extensive without being overwhelming.
What do you dislike about the product?
None to speak of really. We're happy so far.
What problems is the product solving and how is that benefiting you?
We are currently working on our SOC II type 2 report. Drata helps up keep track of our progress and needs without getting lost or overwhelmed.
Amazing customer support by Pablo.
What do you like best about the product?
Best Connectivity capabiltiies they have on their tool.
What do you dislike about the product?
It would be great if you could provide mor information from an audit perspective.
What problems is the product solving and how is that benefiting you?
Security Compliance
Great compliance automation tool, great UX, easy to navigate.
What do you like best about the product?
Drata has been great to map from the ISO 27001 framework requirements to actual controls. Whilst it doesn't replace compliance activities, it has sped up our alignment of our existing process to the ISO 27001 framework controls. The in-built policies have been great to use a base for review and sometimes wholly draft new policies. The risk assessment area is also very good for keeping and scoring risks.
Finally the automation of controls is very good and suited to our environment (circa 150 employees + AWS infratructure). The tool makes it easy to disable tests (where not appropriate) or exclude particular items from the test (and justify this). The raw evidence is often very helpful for troubleshootin why our infrastructure may fail a particular test.
Their customer success folk are absolutely excellent and work with you the whole way, and the interface is very intuitive and so it's as 'self-service' as you can imagine. The onboarding of the various integrations/connections was seamless with little need for help.
During the "getting compliant", Drata has been used pretty mcuh every day by the security team in order to keep track of progress.
Finally the automation of controls is very good and suited to our environment (circa 150 employees + AWS infratructure). The tool makes it easy to disable tests (where not appropriate) or exclude particular items from the test (and justify this). The raw evidence is often very helpful for troubleshootin why our infrastructure may fail a particular test.
Their customer success folk are absolutely excellent and work with you the whole way, and the interface is very intuitive and so it's as 'self-service' as you can imagine. The onboarding of the various integrations/connections was seamless with little need for help.
During the "getting compliant", Drata has been used pretty mcuh every day by the security team in order to keep track of progress.
What do you dislike about the product?
Dislike is a strong word. Given the relative youngness of the company, there are a few rough edges spread around none of which stop getting the value from the tool. It sometimes feel like the tool is geared more towards "keeping compliant" than "getting compliant" - which of course will be the vast majority of the platform's use.
Occasionally, the platform is a little limited (integrating with Enterprise Intune policies needs to be done in a very particular way) - though this we managed to overcome with the help our Customer Success manager. In other areas, we disagreed with some of the automated monitoring tests and their implementation (for example around production access to Gitlab). but that was overcome by using their API to upload evidence automatically from a small CI/CD job and disabling that single test. On the whole, we use almost every test provided by Drata out of the box.
Occasionally, the platform is a little limited (integrating with Enterprise Intune policies needs to be done in a very particular way) - though this we managed to overcome with the help our Customer Success manager. In other areas, we disagreed with some of the automated monitoring tests and their implementation (for example around production access to Gitlab). but that was overcome by using their API to upload evidence automatically from a small CI/CD job and disabling that single test. On the whole, we use almost every test provided by Drata out of the box.
What problems is the product solving and how is that benefiting you?
It's helping ensuring that as we rework our policies, ways of working, etc, that we are algining to ISO 27001 and helping us formalise and identify activities we were already doing. Ultimately, it will help us with the ongoing compliance by prompting for regular activities to be performed, highlighting where we've departed from standards/policies immediately within 24 hours, etc.
showing 31 - 40