External reviews
1,107 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Outstanding Experience with This Software
What do you like best about the product?
Tracking and monitoring the controls and requirements to accomplish the targeted frameworks
What do you dislike about the product?
It takes some time to see the changes reflected in the application
What problems is the product solving and how is that benefiting you?
Tracking and monitoring the controls and requirements to accomplish the targeted frameworks
Automation and pre-filling that save time
What do you like best about the product?
Automation and pre-filling of controls.
What do you dislike about the product?
The price of frameworks.
I would prefer an access price to the platform, with all frameworks allowed.
I would prefer an access price to the platform, with all frameworks allowed.
What problems is the product solving and how is that benefiting you?
Pass the certifications efficiently, allowing for simplified tracking.
Outstanding for Security Compliance and Evidence Collection
What do you like best about the product?
Evidence collection and ability to ensure 100% security awareness compliance with personnel.
What do you dislike about the product?
Ability to contact a real person for best practices and quick implementation.
What problems is the product solving and how is that benefiting you?
Having everything in one place for the auditor, that helps me a lot.
Digitizes Compliance, Easy Setup, But Pricey Globally
What do you like best about the product?
I love how Drata has transformed the way I handle compliance by digitizing everything, eliminating the hassle of maintaining spreadsheets. The detailed and descriptive nature of Drata is incredibly helpful; it's well-labeled and grouped, which simplifies the setup process and makes it easier to ensure compliance. The initial setup was very easy, and I appreciate how it integrates seamlessly with other tools I use, such as Jumpcloud, AWS, GitHub, and Jira. The comprehensive nature of Drata makes my compliance tasks more manageable and efficient, offering a user-friendly experience that truly stands out.
What do you dislike about the product?
The cost of using Drata is a concern for me. While the cost might be justified, the annual fee of $30,000 may not be affordable in countries other than the US.
What problems is the product solving and how is that benefiting you?
I use Drata to digitize compliance processes, eliminating the hassle of spreadsheets. Its detailed and organized nature simplifies setup and compliance opt-ins.
Convenient Training and Compliance Management
What do you like best about the product?
I primarily use Drata for training, which is extremely convenient for me. I really appreciate how it helps me stay on top of compliance, especially given how busy we are. The setup process was straightforward and easy when I initially installed it, which was a pleasant surprise. Additionally, Drata appears to effectively manage important functions like antivirus and hard drive encryption, which adds to its value. Overall, it operates better than I had initially expected, and I'm quite satisfied with its performance, as reflected in my high likelihood of recommending it to others.
What do you dislike about the product?
Nothing comes to mind right now. I've only been using it for about a year.
What problems is the product solving and how is that benefiting you?
I use Drata for managing compliance training, which helps me stay on top of requirements and is convenient for my busy schedule.
Audit-Ready Dashboard and Automation Save Us Time
What do you like best about the product?
It's always audit-ready: I can literally look at the dashboard and see our real-time compliance status for SOC 2 or ISO 27001. If a control fails, I get an alert immediately, not six months later during a review.
Massive time savings: It has seriously automated 90% of the manual evidence collection. I no longer spend days or weeks before an audit compiling screenshots and documentation.
The Audit Hub is a game-changer: When the auditor shows up, everything they need is centralized in one place. Communication and evidence requests are streamlined, which makes the entire audit process so much smoother and faster.
Massive time savings: It has seriously automated 90% of the manual evidence collection. I no longer spend days or weeks before an audit compiling screenshots and documentation.
The Audit Hub is a game-changer: When the auditor shows up, everything they need is centralized in one place. Communication and evidence requests are streamlined, which makes the entire audit process so much smoother and faster.
What do you dislike about the product?
Limited Niche Integrations: We use a few niche tools, and Drata either doesn't have an integration for them or the pre-built connection is very limited in the evidence it can pull. This forces us back to the manual process for those specific controls, which defeats the whole purpose of the automation.
Lack of Flexibility in Control Mapping: For standard frameworks (like SOC 2), it's great. But if your organization has unique workflows, internal policies, or needs a less common framework, customizing or mapping your controls to fit those needs can be rigid and challenging. It can feel like it's a "my way or the highway" platform.
Lack of Flexibility in Control Mapping: For standard frameworks (like SOC 2), it's great. But if your organization has unique workflows, internal policies, or needs a less common framework, customizing or mapping your controls to fit those needs can be rigid and challenging. It can feel like it's a "my way or the highway" platform.
What problems is the product solving and how is that benefiting you?
The problem Drata solves is a huge one: It replaces the manual, fragmented, and panic-driven traditional approach to compliance (GRC) with a continuous, automated, and proactive system.
Before Drata, preparing for an audit (like SOC 2 or ISO 27001) was a company-wide crisis. It involved:
Manual Evidence Collection: Running reports from our cloud provider, HR system, ticketing system, and endpoint management tool.
Point-in-Time Compliance: Knowing we were compliant only on the day we pulled the evidence. As soon as a setting was changed, we were blind again.
Human Error and High Effort: Endless spreadsheets, copy-pasting, and chasing people for screenshots—all time that my security and engineering teams could have spent on actual security work
Before Drata, preparing for an audit (like SOC 2 or ISO 27001) was a company-wide crisis. It involved:
Manual Evidence Collection: Running reports from our cloud provider, HR system, ticketing system, and endpoint management tool.
Point-in-Time Compliance: Knowing we were compliant only on the day we pulled the evidence. As soon as a setting was changed, we were blind again.
Human Error and High Effort: Endless spreadsheets, copy-pasting, and chasing people for screenshots—all time that my security and engineering teams could have spent on actual security work
Robust Compliance Tool with a Steep Learning Curve
What do you like best about the product?
I find Drata extremely useful for complete document organization, alerts, compliance, and security across the board. The alert system stands out for its ability to integrate with tools like Slack and Linear, which enhances my workflow seamlessly. I also appreciate the templates for policies and recommendations that Drata makes; they provide valuable guidance and save me time in setting up our compliance processes. What truly sets Drata apart is the extraordinarily helpful support from Alex Hamilton and Tina, who are patient and knowledgeable, assisting me in learning how to optimize and best use Drata. As I become more familiar with the system, I'm increasingly able to leverage its full potential, which is a significant factor in my decision to continue using and considering repurchasing Drata. The combination of these features and the excellent customer support makes Drata an invaluable tool for me and my organization.
What do you dislike about the product?
{"I find the initial setup of Drata very difficult, and I felt a lack of sufficient onboarding support.","I'm also frustrated by the extensive knowledge required to effectively use Drata. I wish there were more accessible and responsive chat support, similar to the experience I have with Gusto, to quickly answer questions.","I believe Drata would benefit from having chat support available 24/7 to address issues and learning curves more efficiently."}
What problems is the product solving and how is that benefiting you?
Drata organizes documents, provides alerts, aids compliance and security. It integrates well with our tools and offers policy templates and recommendations, enhancing our compliance efficiency.
Good experience so far but we are only just starting out.
What do you like best about the product?
Easy to implement connections, integrations and configuration.
Support chat seem very helpful and has resolved any issues very quickly so far.
Support chat seem very helpful and has resolved any issues very quickly so far.
What do you dislike about the product?
I have not found anything yet I really dislike about Drata.
What problems is the product solving and how is that benefiting you?
Simplifying the compliance process and reducing the resource demands across the business for multiple compliance requirements.
Customer Service
What do you like best about the product?
Terrious was prompt and clear in communication. He understood the issue and very quickly suggested a workaround.
What do you dislike about the product?
Unfortunately, it was a real bug in the system
What problems is the product solving and how is that benefiting you?
Gathering all evidence and continuous monitoring of controls. Though we have discovered that depending on control, the monitoring can be suspect. Meaning even though the control is 'green' , monitoring did not catch errors.
Helpful customer service and good controls
What do you like best about the product?
Easy to understand how the controls work and how they are mapped onto specific frameworks. Useful to be able to assign specific owners for different people in the business. Quick response from customer support who are helpful and easy to talk to.
What do you dislike about the product?
It would be useful to have more international frameworks available such as IRAP.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
What problems is the product solving and how is that benefiting you?
Helps us adhere with frameworks, especially in preparing for our ISO27001 audit.
showing 1 - 10