External reviews
1,085 reviews
from
and
External reviews are not included in the AWS star rating for the product.
SOC2 compliance experience with Drata
What do you like best about the product?
Drata is pretty easy to use once you understand how the user interface is setup. The detailed guide in every step has been very helpful.
What do you dislike about the product?
Initially the UI was a little confusing. I can never talk to a live person under help option right away but they have a good customer team who are easy to reach through email.
What problems is the product solving and how is that benefiting you?
It streamlines the compliance process and reduces manual effort.
Good GRC platform, with several frameworks included.
What do you like best about the product?
It includes several frameworks, like PCI DSS, SOC2 and ISO.
What do you dislike about the product?
Connection for Orca Vulneranility scanner not available yet.
What problems is the product solving and how is that benefiting you?
It shows all of the controls required for each framework, evidence and policies can be uploaded there.
A beginner's guide to Drata
What do you like best about the product?
What makes Drata helpful is the overall consolidation and mapping of the security standards and technical requirements needed to achieve compliance. There are functionalities too that can automate tasks for compliance evaluation which makes it very helpful in analyzing the gaps as to what needs remediation.
What do you dislike about the product?
There are certain options that can be quite challenging to integrate and this needs to be head leveled in the documentation procedures.
What problems is the product solving and how is that benefiting you?
Evaluation and mapping of our current security posture which is needed for our ISMS certification. The ability to automate the evidence collection, control monitoring, and documentation for frameworks like SOC 2, ISO 27001, PCI DSS, HIPAA, and GDPR are hepful. Although there are no one-size fits all in security evaluation, the pre-built frameworks and controls are sufficient to come of with substantial evaluation for a security audit.
Drata: Simplifying Your Compliance Journey
What do you like best about the product?
Drata supports the most common compliance frameworks. It effectively translates compliance requirements into readable control items. Each control item consists of a set of tests that are defined with clear specifications. For example, if an organization wants to adhere to the compliance NIST CSF, personnel responsible for achieving compliance simply focus on the control items of target compliance that Drata organized. Some tests can be shared across multiple compliance frameworks! It is easier for them to implement other compliances more efficiently in the future. Secondly, the most impressive design is the capability of automated evidence collection. With easy configuration on integrations to popular platforms, it can save effort when collecting the evidence of control items. To manage the overall readiness of compliance continuously, Drata provides efficient monitoring of controls, the status of tests, and the integrity of essential evidence. It provides users with real-time status and benchmarks in the dashboard. That helps internal or external auditors to track progress, identify gaps, and demonstrate compliance to key stakeholders. Finally, when I was new to Drata in the beginning, the Drata support team consistently delivered effective solutions to customer issues. The experience of customer support really touched my heart.
What do you dislike about the product?
The automated evidence-collection feature is a very productive design. However, it has both pros and cons. The limitations on integrations may become a burden if the target platform is not on the support list. Another thing that needs to be improved is the instructions for fixing the failed/error tests. Sometimes, I can not directly understand the root cause of the failed test. I hope the error information or solution instructions become more transparent or readable.
What problems is the product solving and how is that benefiting you?
Readiness status: make the estimation on the progress of compliance adherence easier and more readable.
Continuous monitoring: easy to track progress and identify gaps, minimize the risk of non-compliance and reduces the likelihood of costly audit findings.
Automation on evidence: Drata automates many of the manual tasks associated with compliance, frees up valuable resource for the security team and product teams
Continuous monitoring: easy to track progress and identify gaps, minimize the risk of non-compliance and reduces the likelihood of costly audit findings.
Automation on evidence: Drata automates many of the manual tasks associated with compliance, frees up valuable resource for the security team and product teams
Soon to be the ultimate GRC tool for Tech companies
What do you like best about the product?
Drata stands out for its rapid delivery of reliable modules, easily manageable test infrastructure for large cloud clusters, and user-friendly integration process with an intuitive interface
What do you dislike about the product?
Customers may face challenges obtaining troubleshooting assistance, this is the cost of the fast growth, however easy to be fixed in the future.
What problems is the product solving and how is that benefiting you?
Drata streamlines compliance management across ISO27001 certification, audits, vendor management, and risk assessment processes by automating data population and eliminating redundancies, enabling a more efficient and integrated approach to security and compliance operations.
Drata helps us to navigate complex requirements easily
What do you like best about the product?
The automatic tests are an excellent feature for maintaining compliance activities.
What do you dislike about the product?
I find it difficult to assess whether a control is mandatory or optional. It should be better explained
What problems is the product solving and how is that benefiting you?
Drata is helping us in tracking required controls for SOC 2 and HIPAA compliance
Adds order and efficiency to a complicated and laborious process
What do you like best about the product?
The categorisation features including of the audit requirements, controls and policies are easy to use.
The templates are also full featured and while not ready out of the box, are much better than starting from ground zero.
Support is available nearly round the clock which helps with software learning process.
The templates are also full featured and while not ready out of the box, are much better than starting from ground zero.
Support is available nearly round the clock which helps with software learning process.
What do you dislike about the product?
As with anything that simplifies a complex process, there is a learning curve to the software. A few bumps in the road with integration to external software providers.
What problems is the product solving and how is that benefiting you?
Drata is simplifying the compliance journey with a cloud based tool that manages all controls, policies and tests in a mostly automated manner.
Surprise
What do you like best about the product?
integrations with others environments. Rich source of informational
What do you dislike about the product?
is necessary to much interaction to support rise a ticket.
What problems is the product solving and how is that benefiting you?
control security and compliance
Great Compliance Software for Small to Medium Business
What do you like best about the product?
- Easy to use and understand.
- Support staff are quick and communicate well.
- Product is evolving with its clients.
- Support staff are quick and communicate well.
- Product is evolving with its clients.
What do you dislike about the product?
- Because the product is constantly improving, some features feel incomplete
What problems is the product solving and how is that benefiting you?
Drata provides us with a robust "Governance, Risk, and Compliance" toolset which makes internal and external auditing easier for our small team. By consolidating major trust and GRC functions into a single platform for a reasonable cost, it makes aligning with our security requirements and frameworks much more manageable. At a glance, we can review and monitor all the major GRC requirements, such as our alignment with security controls, our Risk Management program, our Vendor Management process, and our Policy management.
Reliable security management platform for SOC2
What do you like best about the product?
- User friendly interface and easy to setup for users
- Continuous monitoring of systems ensures our organization stays compliant in real time
- Seamless integrations with a wide varitey of other control tools
- Automates many compliance tasks, such as evidence collection and report generation, saving significant time and reducing manual work
- Able to review audits at all times
- Comprehensive security framework support
- Excellent customer support
- Centralized dashboard
- Customizable policies and controls
- Continuous monitoring of systems ensures our organization stays compliant in real time
- Seamless integrations with a wide varitey of other control tools
- Automates many compliance tasks, such as evidence collection and report generation, saving significant time and reducing manual work
- Able to review audits at all times
- Comprehensive security framework support
- Excellent customer support
- Centralized dashboard
- Customizable policies and controls
What do you dislike about the product?
- Potential overhead for smaller teams, there are many features and policies that we dont use since we are a smaller company
What problems is the product solving and how is that benefiting you?
SOC2 compliance
showing 61 - 70