External reviews
1,084 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Customer Service
What do you like best about the product?
Terrious was prompt and clear in communication. He understood the issue and very quickly suggested a workaround.
What do you dislike about the product?
Unfortunately, it was a real bug in the system
What problems is the product solving and how is that benefiting you?
Gathering all evidence and continuous monitoring of controls. Though we have discovered that depending on control, the monitoring can be suspect. Meaning even though the control is 'green' , monitoring did not catch errors.
Helpful customer service and good controls
What do you like best about the product?
Easy to understand how the controls work and how they are mapped onto specific frameworks. Useful to be able to assign specific owners for different people in the business. Quick response from customer support who are helpful and easy to talk to.
What do you dislike about the product?
It would be useful to have more international frameworks available such as IRAP.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
What problems is the product solving and how is that benefiting you?
Helps us adhere with frameworks, especially in preparing for our ISO27001 audit.
The value proposition is immediate
What do you like best about the product?
I use Drata daily in my workflow and coming from legacy GRC platforms, the vision of multi-framework compliance testing is a no-brainer. I cannot count how many times I've said and heard phrases such as "minimize overlap" and "let's not retread ground" throughout my career. Drata is the first platform that's actually made me feel like these were more than platitudes, and more importantly, actually easy to implement! Drata's feature set is lean and targeted. There is no bloat and it cuts straight to the point.
Drata's integrations streamline and reduce tens of hours of manual evidence collection. When we encounter applications without pre-programmed integration, our support from Drata has been timely and knowledgeable in helping us navigate our options. I think it's valuable to hire former auditors who know the inside as guidance setters.
Drata's integrations streamline and reduce tens of hours of manual evidence collection. When we encounter applications without pre-programmed integration, our support from Drata has been timely and knowledgeable in helping us navigate our options. I think it's valuable to hire former auditors who know the inside as guidance setters.
What do you dislike about the product?
Drada's default policy guidance seems to lean towards more is better. As a former auditor myself, I know that auditors can only judge you based on what you give them so I feel like Drata's approach of covering all corners is not the right strategy when dealing with external auditors.
What problems is the product solving and how is that benefiting you?
Automating PCI-DSS and (eventually) our SOC2 program compliance.
Great CSM and platform experience
What do you like best about the product?
Responsiveness of customer success manager.
What do you dislike about the product?
Some things can only be configured by contacting the CSM.
Switching from another compliance platform to Drata is far less seamless than the marketing suggests.
* Drata has more (or different) automatic tests than our old compliance platform and therefore infrastructure changes had to be done.
* Some stuff like log retention is hard coded in automated tests and cannot be changed. Currently this value is 356 days. We have everything setup with 90 days for SOC 2 compliance and this now makes our transition harder.
Switching from another compliance platform to Drata is far less seamless than the marketing suggests.
* Drata has more (or different) automatic tests than our old compliance platform and therefore infrastructure changes had to be done.
* Some stuff like log retention is hard coded in automated tests and cannot be changed. Currently this value is 356 days. We have everything setup with 90 days for SOC 2 compliance and this now makes our transition harder.
What problems is the product solving and how is that benefiting you?
Where possible we centralize our security insights in Drata, this gives us a nearly 100% insight in one place. We also use it for compliance monitoring and SOC 2 audits. Drata also bought safe base which we are also using right now for trust center + security questionnaire filling support.
Best in the industry
What do you like best about the product?
Easy to use dashboard system, Support team (particularly Hunter) was very responsive and provided helpful materials when needed.
What do you dislike about the product?
None that i can think of. Everything has been easy to setup. It'd be nice to see more in-depth errors of why it something may not be working (i.e `hasMFA` would return null but not tell us *why* it would return null (i.e due to wrong permissions))
What problems is the product solving and how is that benefiting you?
Achieving SOC 2 compliance demonstrates our commitment to the highest standards of security and data protection. It establishes a strong foundation of trust with our current clients and sets the stage for building lasting confidence with future partners.
Effortless Compliance with Drata's Intuitive Features
What do you like best about the product?
I appreciate Drata's simplicity in guiding us through the compliance process, making it easy to set up and maintain. Its real-time synchronization ensures our operations stay up-to-date. I'm impressed by the policy templates and the useful integrations, particularly the connectors for different types of vulnerability scanners, which keep everything connected seamlessly.
What do you dislike about the product?
While I find the integrations and connectors in Drata great, I wish they were even more simplified. I believe there could be more development work done to enhance the system, potentially incorporating AI to guide users through the process with greater ease.
What problems is the product solving and how is that benefiting you?
I use Drata to achieve SOC 2 compliance easily, benefiting my company and clients, with real-time integration and useful policy templates ensuring seamless compliance maintenance.
Drata - Our Compliance Partner
What do you like best about the product?
Drata is proactive, timely, and professional — whenever there’s a problem, help is never far away; the team is friendly and professional, the AI and human help options save valuable time, the well-structured management software is easy to implement and easy to use, I use it daily multiple times, and Drata is the best solution we’ve ever tried.
What do you dislike about the product?
I honestly can’t think of a single thing to dislike about Drata.
What problems is the product solving and how is that benefiting you?
Drata automates the entire compliance process, making audits far less time-consuming and reducing management overhead. Its pre-mapped controls and tests are perfect for inexperienced users and teams just starting out, while its vendor management and review features orchestrate the whole process seamlessly. It keeps us on track with all audit-related tasks, ensuring nothing falls through the cracks.
The Document and Security solution for companies that just want it done and done right.
What do you like best about the product?
Drata makes creating policies and following frameworks easy and straight forward. Security is necessary at all companies now and so many companies are trying to re-invent the wheel. Why? Drata gives you what you need to pass your audits and do it right, without trying to re-invent what security is. Its a one stop shop for security professionals to keep their companies in the green in all senses of the word. We will continue to use Drata and it will enable us to grow without worrying about if we are doing it right. We know we are because we use Drata.
What do you dislike about the product?
I wish there were even easier way to fill out the templates for the policies. Allow more boxes to fill in the "stuff" that matters to your company.
What problems is the product solving and how is that benefiting you?
We are a small shop and we don't have extra money for all the bells and whistles that other companies want to sell you. However, that didnt' matter with Drata, we are able to monitor our users devices for security and compliance, while also doing User access reviews, and sending out our vendor surveys so we can stay in complaince. All from a single pane of glass.
Great Assistance
What do you like best about the product?
I love the automation of it all and how i can access several different frameworks that are already mapped to controls my environment is already following.
The assistance i received was not only quick but the 2 that i dealt with were very knowledgeable which made the process easy.
The assistance i received was not only quick but the 2 that i dealt with were very knowledgeable which made the process easy.
What do you dislike about the product?
Some end user stuff with how to access certain things. There are some things i would change just to make it easier for me as the end user to do my tasks when im using the tool.
What problems is the product solving and how is that benefiting you?
Mapping and understanding the controls correctly.
Easy automation for your Certification needs.
What do you like best about the product?
It is automated platform that now includes SafeBase and the Compliance Accelerator.
What do you dislike about the product?
Little hard to navigate in the beginning but it becomes easy to operate afterwards.
What problems is the product solving and how is that benefiting you?
Automation in Certification preparation by implementing controls and internal Auditing.
showing 1 - 10