External reviews
External reviews are not included in the AWS star rating for the product.
Great software for easing the SOC2 audit process
What do you like best about the product?
It's easy to see at a glance what criteria we need to satisfy for SOC2, and for many criteria, whether we're meeting them.
What do you dislike about the product?
Sometimes the UI is a little cramped, with the drawer that opens to show information on a particular entry (employee, policy, criteria, etc.) being relatively narrow when more of the screen could be used to display more information.
What problems is the product solving and how is that benefiting you?
We're in the process of getting SOC2 compliance and Drata has helped us pin down what we need to do to achieve this.
- Leave a Comment |
- Mark review as helpful
Makes it easy to get to SOC2 compliance
What do you like best about the product?
I like that it makes me figure out what to work on, the documents to produce and it doesn't require me to fish for information.
Customer Support is also amazing, quick, to the point, and with quick resolution of issues.
Customer Support is also amazing, quick, to the point, and with quick resolution of issues.
What do you dislike about the product?
Some features would be nice to have like if I change my company name from , inc to without Inc. the documents reflect that automatically, or at least give me the option to review all occurrences. Not a big deal, but nice to have.
What problems is the product solving and how is that benefiting you?
SOC 2 readiness.
Recommendations to others considering the product:
I'm a big fan.
Seamless Audit Guidance with Drata
What do you like best about the product?
Drata has been an excellent resource for our organization. We are more prepared to complete a SOC2 audit and have visibility of our security standing for our internal employees and contractors. With our team primarily working remotely, Drata has helped us easily capture important compliance information from employee devices without the hassle of manually pulling the data.
What do you dislike about the product?
Drata is still improving and adding features each month. Some features we'd like to see, such as integrations, are not yet available but are on the roadmap, and we're confident we will see them added soon.
What problems is the product solving and how is that benefiting you?
We needed a way to view unmet requirements to prepare for security audits easily. Drata has not only given us this insight but also can be used as a source of record for policy information device compliance and employee security training.
Thoughtful, pragmatic and valuable partner on a tough journey.
What do you like best about the product?
Excellent support - very thoughtful and passionate. Wonderful product concept and really good execution.
What do you dislike about the product?
It's an iterative process, so "dislike" is probably not the right word - may be, there is still room for growth in integrations with other products and platforms.
What problems is the product solving and how is that benefiting you?
SOC2 compliance is title - but really it's all about a solid security and process posture. Drata does an amazing job of keeping track of all the different controls that are very easily missed.
Great product, very easy to use
What do you like best about the product?
Ease of use, streamlined onboarding, all the integrations you could want.
What do you dislike about the product?
I haven't come across anything negative yet.
What problems is the product solving and how is that benefiting you?
We are using Drata to help us become SOC II compliant. Their platform has made it clear and simple what we need to do.
Makes getting certified super easy and helps setup ongoing monitors. Drata staff is amazing!
What do you like best about the product?
- I had never done an audit before, Drata made it super easy, though.
- The staff was amazing; they were available for calls, emails, Slack, etc., almost all day, every day.
- The software provides a ton of integrations: to cloud platforms, HR software, and many other tools.
- The checklist system of setting up monitors is really great for someone whose never done an audit before.
- The monitoring system is excellent for renewals and making sure you don't fall behind on any promised SOC2 Type2 checks.
- Overall the software is super functional and easy to user, the company is constantly making updates to improve.
- The staff was amazing; they were available for calls, emails, Slack, etc., almost all day, every day.
- The software provides a ton of integrations: to cloud platforms, HR software, and many other tools.
- The checklist system of setting up monitors is really great for someone whose never done an audit before.
- The monitoring system is excellent for renewals and making sure you don't fall behind on any promised SOC2 Type2 checks.
- Overall the software is super functional and easy to user, the company is constantly making updates to improve.
What do you dislike about the product?
- We didn't have a need for this, but if you have multiple cloud offers that you want to monitor, make sure you can connect to multiple accounts. e.g., Azure, AWS, GCloud. I don't think this is a very common scenario, but some companies might need this. Drata might already support this BTW, I know they didn't support it in early 2021, but they constantly release improvements, so it might already be resolved.
What problems is the product solving and how is that benefiting you?
- Becoming SOC2 Type2 compliance
- Easy audit/renewal
- Easy audit/renewal
Drata - Saved weeks on our way to SOC2
What do you like best about the product?
Drata makes a complex process orderly. SOC2 is a process that contains multiple stages and requires coordination and review. Drata simplifies something that once requires a full-time consultant and allows you to federate it amongst your team. We are a small group, but Drata allows us to move from nothing to our auditor in a few weeks because it kept us on track and let us to know where to focus.
I thought the templated policies (our auditor told us, if you just do those - you will pass) were a gamechanger. Writing those from scratch would not have been fun.
The onboarding checklist made connecting the monitored systems very easy and the overall UX made usage very easy. It was a good feeling when we saw all green checkmarks signifying that all of our connected systems were passing Drata's automated test. We also had weekly check-ins with our CSM who was incrediblly responsive
I thought the templated policies (our auditor told us, if you just do those - you will pass) were a gamechanger. Writing those from scratch would not have been fun.
The onboarding checklist made connecting the monitored systems very easy and the overall UX made usage very easy. It was a good feeling when we saw all green checkmarks signifying that all of our connected systems were passing Drata's automated test. We also had weekly check-ins with our CSM who was incrediblly responsive
What do you dislike about the product?
We used GCP and there was one test that kept failing and it was incredibly frustrtating. After a few rounds of reviews, we (both our team and Drata) knew that we had configured everything correctly. Turns out the Drata agent for GCP wasn't detecting our configuration properly. That said, our Customer Success agent connected us with Drata Engineering, and within two days, they had rolled out a fix.
What problems is the product solving and how is that benefiting you?
Our software product connects to customers systems and ingest data that they may consider sensitive. As such many customers have asked us for our security procedures and our certifications. SOC2 was required to continue growing our business. The benefits have been the ability to target larget customers than we were able to do so before.
Recommendations to others considering the product:
Get a basic understanding of what is required for SOC2 and then do some pre-work. Drata wont help you write your architecture diagram or the like, but it does help you understand what is needed to pass an audit and what is required to maintain a secure system. The customer support is exceptional, and it is clear to understand where you are in the process. There is still work to do on your part, but Drata helps you understand what is left on your checklist. Make sure your auditor is Drata familar as it helps the process.
Impressive automation for this new up and coming vendor
What do you like best about the product?
User interface is above and beyond the best of the 4 vendors we reviewed. Customer support is incredibly responsive, and they have actual auditors on hand from some of the big firms who can help answer compliance-related inquiries. Bravo to Erin and Ashley and Troy for helping us through our SOC 2 compliance effort.
What do you dislike about the product?
The Drata Agent definitely still needs some improvements. Each small hiccup/glitch becomes something that the person coordinating the effort has to answer for every single employee over and over. I know they are putting a ton of development resources into the agent and adding new features every month it seems, so I am sure this will improve over time. They are very open to customer feedback.
What problems is the product solving and how is that benefiting you?
We are going for SOC 2 compliance with the hopes of better protecting our data, our customers' data, and speeding up our sales cycle.
Drata has taken the effort out of obtaining SOC 2 and allows continuous compliance going forward.
What do you like best about the product?
The overview is excellent, giving you a percentage to completion and makes monitoring the whole SOC 2 compliance very easy. The help articles linked to each control that fails are brilliant and offer you semi-guided advice on what you need to do to get that control working. The support from the Drata is also second to none.
What do you dislike about the product?
Some checks are ran on a daily schedule not when the test on the control is ran, eg some GItlab checks, however my guess is this allows Drata to avoid being throttled by the GitLab.com API so it is something that can be lived with.
What problems is the product solving and how is that benefiting you?
We are able to up our baseline security along with obtaining SOC 2 compliance. Drata has flagged many things that we didn't do that we should have and makes doing them going forward much easier, things such as risk assessment, pen testing etc.
Drata is Awesome
What do you like best about the product?
Intuitive interface. A lot of automation. New features are released almost every week. CS people are amazing.
What do you dislike about the product?
Some support articles are missing. Some evidence still has to be added manually.
What problems is the product solving and how is that benefiting you?
SOC2 automation. Compliance monitoring.
showing 781 - 790