External reviews
1,094 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Aprio January 2025 Review
What do you like best about the product?
Client preparedness for audits. Ease of access through the auditor portal.
What do you dislike about the product?
Most clients believe that we gain efficiencies by obtaining documentation through a GRC platform, but for an auditor, it is really just an different documentation repository. This isn't specific to Drata, it applies broadly. However, integration with FieldGuide should change this.
What problems is the product solving and how is that benefiting you?
Drata helps clients better prepare audit artifacts and have more documenation available the first day of fieldwork.
Speeding up Compliance paired with great customer success
What do you like best about the product?
Automation, policy templates and monitoring
What do you dislike about the product?
The auditor experience could be improved. Sometimes the auditors arent really tech savyy and cant find evidences.
Giving them access read only to my complete instance was the way to go!
Giving them access read only to my complete instance was the way to go!
What problems is the product solving and how is that benefiting you?
Speeding up tremendously the security and compliance posture for SOC2
A great platform that is growing with our capabilities and maturity
What do you like best about the product?
Being able to manage 8 different security compliance frameworks on one platform with only one FTE! The customer sucess team is also great and very much focused on building a long-term relationship...this was the clincher for us. (A big shout out to Alex and Aoife)
What do you dislike about the product?
Some capabilites are maturing slower than others (such as risk and asset management) .
What problems is the product solving and how is that benefiting you?
Managing multiple compliance frameworks, as well as general GRC activities, with limited resources.
SOC2 compliance experience with Drata
What do you like best about the product?
Drata is pretty easy to use once you understand how the user interface is setup. The detailed guide in every step has been very helpful.
What do you dislike about the product?
Initially the UI was a little confusing. I can never talk to a live person under help option right away but they have a good customer team who are easy to reach through email.
What problems is the product solving and how is that benefiting you?
It streamlines the compliance process and reduces manual effort.
Good GRC platform, with several frameworks included.
What do you like best about the product?
It includes several frameworks, like PCI DSS, SOC2 and ISO.
What do you dislike about the product?
Connection for Orca Vulneranility scanner not available yet.
What problems is the product solving and how is that benefiting you?
It shows all of the controls required for each framework, evidence and policies can be uploaded there.
A beginner's guide to Drata
What do you like best about the product?
What makes Drata helpful is the overall consolidation and mapping of the security standards and technical requirements needed to achieve compliance. There are functionalities too that can automate tasks for compliance evaluation which makes it very helpful in analyzing the gaps as to what needs remediation.
What do you dislike about the product?
There are certain options that can be quite challenging to integrate and this needs to be head leveled in the documentation procedures.
What problems is the product solving and how is that benefiting you?
Evaluation and mapping of our current security posture which is needed for our ISMS certification. The ability to automate the evidence collection, control monitoring, and documentation for frameworks like SOC 2, ISO 27001, PCI DSS, HIPAA, and GDPR are hepful. Although there are no one-size fits all in security evaluation, the pre-built frameworks and controls are sufficient to come of with substantial evaluation for a security audit.
Drata: Simplifying Your Compliance Journey
What do you like best about the product?
Drata supports the most common compliance frameworks. It effectively translates compliance requirements into readable control items. Each control item consists of a set of tests that are defined with clear specifications. For example, if an organization wants to adhere to the compliance NIST CSF, personnel responsible for achieving compliance simply focus on the control items of target compliance that Drata organized. Some tests can be shared across multiple compliance frameworks! It is easier for them to implement other compliances more efficiently in the future. Secondly, the most impressive design is the capability of automated evidence collection. With easy configuration on integrations to popular platforms, it can save effort when collecting the evidence of control items. To manage the overall readiness of compliance continuously, Drata provides efficient monitoring of controls, the status of tests, and the integrity of essential evidence. It provides users with real-time status and benchmarks in the dashboard. That helps internal or external auditors to track progress, identify gaps, and demonstrate compliance to key stakeholders. Finally, when I was new to Drata in the beginning, the Drata support team consistently delivered effective solutions to customer issues. The experience of customer support really touched my heart.
What do you dislike about the product?
The automated evidence-collection feature is a very productive design. However, it has both pros and cons. The limitations on integrations may become a burden if the target platform is not on the support list. Another thing that needs to be improved is the instructions for fixing the failed/error tests. Sometimes, I can not directly understand the root cause of the failed test. I hope the error information or solution instructions become more transparent or readable.
What problems is the product solving and how is that benefiting you?
Readiness status: make the estimation on the progress of compliance adherence easier and more readable.
Continuous monitoring: easy to track progress and identify gaps, minimize the risk of non-compliance and reduces the likelihood of costly audit findings.
Automation on evidence: Drata automates many of the manual tasks associated with compliance, frees up valuable resource for the security team and product teams
Continuous monitoring: easy to track progress and identify gaps, minimize the risk of non-compliance and reduces the likelihood of costly audit findings.
Automation on evidence: Drata automates many of the manual tasks associated with compliance, frees up valuable resource for the security team and product teams
Soon to be the ultimate GRC tool for Tech companies
What do you like best about the product?
Drata stands out for its rapid delivery of reliable modules, easily manageable test infrastructure for large cloud clusters, and user-friendly integration process with an intuitive interface
What do you dislike about the product?
Customers may face challenges obtaining troubleshooting assistance, this is the cost of the fast growth, however easy to be fixed in the future.
What problems is the product solving and how is that benefiting you?
Drata streamlines compliance management across ISO27001 certification, audits, vendor management, and risk assessment processes by automating data population and eliminating redundancies, enabling a more efficient and integrated approach to security and compliance operations.
Drata helps us to navigate complex requirements easily
What do you like best about the product?
The automatic tests are an excellent feature for maintaining compliance activities.
What do you dislike about the product?
I find it difficult to assess whether a control is mandatory or optional. It should be better explained
What problems is the product solving and how is that benefiting you?
Drata is helping us in tracking required controls for SOC 2 and HIPAA compliance
Adds order and efficiency to a complicated and laborious process
What do you like best about the product?
The categorisation features including of the audit requirements, controls and policies are easy to use.
The templates are also full featured and while not ready out of the box, are much better than starting from ground zero.
Support is available nearly round the clock which helps with software learning process.
The templates are also full featured and while not ready out of the box, are much better than starting from ground zero.
Support is available nearly round the clock which helps with software learning process.
What do you dislike about the product?
As with anything that simplifies a complex process, there is a learning curve to the software. A few bumps in the road with integration to external software providers.
What problems is the product solving and how is that benefiting you?
Drata is simplifying the compliance journey with a cloud based tool that manages all controls, policies and tests in a mostly automated manner.
showing 61 - 70