External reviews
External reviews are not included in the AWS star rating for the product.
Makes a Complex Certification a Breeze
What do you like best about the product?
Hundreds of integrations automate everything
What do you dislike about the product?
Nothing! We're big fans of everything they're building, and whenever an issue does arise, they fix it within hours.
What problems is the product solving and how is that benefiting you?
Drata took what is an inherently complicated certification and made it easy to follow and understand. We've improved our security significantly and fixed things we never even thought of as risks.
- Leave a Comment |
- Mark review as helpful
Dashboard that works for you paired with excellent customer service
What do you like best about the product?
There are quite a few compliance solutions that perform similar tasks. Drata's dashboard/checklist is easy to use and gives a solid overview of where you stand but where they really stand out is with their customer success team. Their team's frequent follow-ups help keep the project on track and they are extremely helpful in answering questions and navigating the compliance process.
What do you dislike about the product?
While they are growing the number of partnerships they have, growing this bench of integrations is something this can be improved.
What problems is the product solving and how is that benefiting you?
No problems. As far as benefits, having a dedicated customer success manager has helped us keep our project on track. Other offerings failed us in the past as we did not have the help navigating the process and answering all of the questions that come along with SOC 2 complaince.
Making SOC compliance easy
What do you like best about the product?
The Drata dashboard makes monitoring outstanding compliance items easy to identify and resolve. The policy editor is also much easier tool to create and edit compliance documents, especially compared to competing products. Finally, the chat support has been helpful in clarifying compliance questions.
What do you dislike about the product?
At this time, we haven't encountered anything we disklike. Having worked with the Vanta product previously our transition to Drata has been easy and has eliminated all the pain points we felt with the Vanta platform.
What problems is the product solving and how is that benefiting you?
Consolidating all our outstanding SOC compliance items in 1 place to ensure all items are accounted for as we move towards our Type 1 compliance and future Type 2 as well.
Recommendations to others considering the product:
The Drata tool is a must-have for any company looking to obtain SOC certification. In addition, Drata would be a tremendous resource for an organization just looking to follow best practices even if certification isn't the immediate goal. If you are considering a compliance management tool I couldn't recommend Drata enough.
Application is easy to use, and the onboarding experience is amazing
What do you like best about the product?
The user interface is intuitive, very easy to identify monitoring errors and quickly resolve them.
What do you dislike about the product?
SOC 2 is tedious and requires the preparation of a lot of documents. I wish that process was a bit smoother; perhaps they could use a service like useanvil.com to generate the documents with the relevant company information pre-populated automatically
What problems is the product solving and how is that benefiting you?
Achieving SOC2Type2 compliance has allowed us to work with many industries we previously had to avoid, such as Banking.
We loved our experience with Drata
What do you like best about the product?
Drata's team/customer service (especially Fox!) is responsive and knowledgeable. Auditors highly recommend the platform, and it walked us through everything we needed to do. I especially appreciated the Framework tool, where you could go through all of the required controls one by one and add evidence to Drata as needed. The Monitoring feature is also superb.
What do you dislike about the product?
The policy editing view was hard to use; there is no track changes feature. Also, the monitoring feature doesn't catch changes right away. It would also be nice to have more templates available for required evidence, such as an incident response test template.
What problems is the product solving and how is that benefiting you?
Drata helped us prepare for our SOC 2 Type 1 audit, and we will be using it to go through our Type 2 audit as well.
A comprehensive product and team that streamlines the journey of becoming SOC2 compliant
What do you like best about the product?
Intuitive and well designed product focused on exactly what you need it to do, thorough documentation, seamless ability to export reports that outline compliance standing along with a helpful and friendly support team that guides you along the way to best shape your policies and procedures.
What do you dislike about the product?
At the time we started using Drata, they provided support for SOC2 only. Right now, they are also offering ISO27001. Although specializing and being experts in one type of compliance is an asset, it would be helpful to leverage the same monitoring setup for other types of certifications as well. So, I'm glad to see they are actively expanding into other frameworks.
What problems is the product solving and how is that benefiting you?
Drata guided us through our journey of becoming SOC2 compliant
The easiest compliance tool I’ve ever used
What do you like best about the product?
To sum it up - Drata took us from not even knowing Soc2 was a thing, to being completely audit ready in a matter of weeks. Everything with Drata has been nothing but simple. Basically You just connect your integrations your using, wait for the data to be synced then literally just go through all the things that need fixing until it's all done. It's literally so simple and so clearly laid out with explanations for each controls as well as any additional steps you need. If I did get stuck somewhere then I'd just shoot a message to Ashley and the CS team and someone would have a detailed answer for me (usually) within the hour. More importantly, since they've released the auditor side, our auditor seems pretty happy with Drata and how easy it makes evidence gathering from their side.
What do you dislike about the product?
Sometimes if you're knew to Soc2 it can be unclear exactly how to solve a particular monitor, so a bit more in depth documentation/explanations for certain co trols would be great. However in saying that - I have seen it greatly improve since we've started using Drata.
What problems is the product solving and how is that benefiting you?
Literally what it says on the tin - Helping us get soc2 ready. Will definitely use them for iso27001 as wel.
Recommendations to others considering the product:
Honestly just pull the trigger - you won't regret it.
Complete experience with lot of support
What do you like best about the product?
Support and ability to talk with an auditor
What do you dislike about the product?
The security training provided can be a little light
What problems is the product solving and how is that benefiting you?
When starting a certification you don't know, Drata provides you with a framework to work on to go with the flow. It is easy to start, stop and then follow after some time.
Employee integration is also efficient.
Employee integration is also efficient.
Best bang for your compliance $$
What do you like best about the product?
I love how easy and efficient the risk assessments are. The platform is about 100x easier to use than other compliance platforms and the price point is perfect.
What do you dislike about the product?
The only issue are other frameworks other than SOC2, but those are coming online soon. I'm looking forward to these new frameworks.
What problems is the product solving and how is that benefiting you?
The problem I am solving is starting a compliance program from scratch. Drama has made that infinitely easier
Recommendations to others considering the product:
If you need all framework compliance right away, I would wait; however, if you have some time to put together a complete compliance program, this is for you!
SOC in a box - It really helps!
What do you like best about the product?
Out of the box, it comes with almost every policy your IT and InfoSec department needs. It comes with approved pre-written policies! Policies are labeled with each of the SOC controls it is tied to, which is invaluable. You go in, make a few edits, assign a policy owner, and you're done. I likely would have bought Drata if this was the only thing it did. For me, the integrations are where Drata shines. It is a one-stop-shop to monitor for non-compliance and prevent 'oops' moments. From someone forgetting to turn on MFA or an employee accidentally turning on a firewall rule that is too permissive. Drata will catch it.
Did I mention it has a risk assessment tool too?
Did I mention it has a risk assessment tool too?
What do you dislike about the product?
Policy acceptance. When you edit a policy, you are presented with a full-screen so you can easily read the policy you are working on. When employees are accepting policies, the default screen only uses about half of your available screen. Not ideal for reviewing policies. You can manipulate the screen and zoom in, but it's a few extra steps that feel unnecessary.
The security awareness training seems to be a little bit thin, but it does touch on the key things you want your employees to know.
The security awareness training seems to be a little bit thin, but it does touch on the key things you want your employees to know.
What problems is the product solving and how is that benefiting you?
Continuous monitoring for compliance. Drata has given us visibility into some environments that could potentially be overlooked.
Recommendations to others considering the product:
You get policies, asset management, vendor management, monitoring, and an excuse to remind employees to do something ("...well Drata still shows you haven't done it..") all in one. It's a great product, and I'm glad we purchased it.
showing 581 - 590