External reviews
1,092 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Beginning your Compliance journey
What do you like best about the product?
Drata gives you a great way to begin a Compliance journey if you don't have people to guide you.
What do you dislike about the product?
Not much, would be nice to see a Wizer integration.
What problems is the product solving and how is that benefiting you?
It pulls data from all sorts of sources and gives you a central view/alerting structure.
Drata and SOC2
What do you like best about the product?
I found the platform straightforward to use, with a high level of integration that made my experience smooth. The support teams were outstanding, always ready to help. Additionally, the AI provided valuable assistance with policy matters.
What do you dislike about the product?
A few of the policy templates lacked clarity regarding versioning, and the process of importing policies felt awkward and cumbersome.
What problems is the product solving and how is that benefiting you?
We first engaged a consultant to determine the cost of having an external firm provide us with SOC2 compliance. However, the proposals we received were too expensive for our company. Fortunately, we found that working with Drata allowed us to achieve our goals at a much lower cost.
Drata makes SOC2 easy
What do you like best about the product?
Our auditor is able to collect evidence directly from Drata and can also create new evidence requests within the platform. This workflow is a significant improvement over my previous experiences, where auditors and I had to use a shared ticketing system and all evidence had to be uploaded manually.
What do you dislike about the product?
The configuration options for monitors could be more detailed. For instance, I would like the ability to include or exclude specific resources from my AWS scans using regex, but currently, there is no way to achieve this.
What problems is the product solving and how is that benefiting you?
Streamlining our audit process
A seamless and reliable compliance automation platform, supported with an incredible CSM.
What do you like best about the product?
As a relatively small organisation, Drata has truly been a game-changer for us. Without a large compliance team, we have still been able to make steady progress toward our compliance goals, thanks to the platform. Working alongside a responsive auditing partner, we found the initial implementation straightforward and easy to get started with. The automation features for evidence collection and continuous monitoring have saved us countless hours of manual effort. We rely on Drata daily to ensure that any issues are promptly reported to the appropriate team and resolved quickly. We also value how smoothly it integrates with our core tools, such as AWS, Microsoft 365, and Intune, and how it offers clear dashboards and guided workflows that make preparing for audits much less stressful.
What do you dislike about the product?
The only real negative we’ve experienced is that support can sometimes be slower than we would like to respond. However, this has been more than mitigated by our highly responsive Customer Success Manager, who has consistently gone above and beyond to keep us moving forward. Overall, this balance has meant issues never become blockers. I wouldn't hesitate to recommend Drata to any organization.
What problems is the product solving and how is that benefiting you?
Drata is helping us overcome the challenges of managing compliance as a relatively small organisation without a large dedicated compliance team. It automates evidence collection, tracks controls continuously, and integrates directly with our core systems, which removes the need for endless spreadsheets and manual checklists. This saves us significant time, reduces human error, and gives us real-time visibility into our compliance posture. The biggest benefit is confidence—we can focus on growing the business while knowing we’re always audit-ready and aligned with frameworks like SOC 2 and ISO 27001.
Great
What do you like best about the product?
Rachel responded quickly to my ticket and helped me resolve my login issue.
What do you dislike about the product?
Everything is great. I have no issues with Drata.
What problems is the product solving and how is that benefiting you?
Login issue with my account.
Powerful compliance automation, but support can be slow
What do you like best about the product?
Drata makes it much easier to stay on top of compliance tasks that would otherwise take countless hours. The integrations with cloud services and tools pull in evidence automatically, which saves time and reduces manual work. The dashboards and automated workflows give great visibility into what’s on track and what needs attention. Overall, it’s a strong system that helps streamline compliance.
What do you dislike about the product?
While the system is powerful, some areas can be confusing to navigate at first, and documentation isn’t always clear enough to answer every question. When reaching out to support, the response time can feel too long, which slows down momentum when you’re trying to resolve an issue quickly. Faster turnaround on support and more intuitive guidance in the platform would make the experience even better.
What problems is the product solving and how is that benefiting you?
Drata helps us automate and simplify the compliance process, especially for SOC 2. Instead of chasing screenshots, spreadsheets, and reminders, we can rely on integrations to continuously collect the right evidence from our systems. This saves a huge amount of time for our team, reduces the risk of missing something important, and gives us confidence when preparing for audits. It also makes it easier to show partners and customers that we take security and compliance seriously, which builds trust.
Good experience so far but we are only just starting out.
What do you like best about the product?
Easy to implement connections, integrations and configuration.
Support chat seem very helpful and has resolved any issues very quickly so far.
Support chat seem very helpful and has resolved any issues very quickly so far.
What do you dislike about the product?
I have not found anything yet I really dislike about Drata.
What problems is the product solving and how is that benefiting you?
Simplifying the compliance process and reducing the resource demands across the business for multiple compliance requirements.
Customer Service
What do you like best about the product?
Terrious was prompt and clear in communication. He understood the issue and very quickly suggested a workaround.
What do you dislike about the product?
Unfortunately, it was a real bug in the system
What problems is the product solving and how is that benefiting you?
Gathering all evidence and continuous monitoring of controls. Though we have discovered that depending on control, the monitoring can be suspect. Meaning even though the control is 'green' , monitoring did not catch errors.
Helpful customer service and good controls
What do you like best about the product?
Easy to understand how the controls work and how they are mapped onto specific frameworks. Useful to be able to assign specific owners for different people in the business. Quick response from customer support who are helpful and easy to talk to.
What do you dislike about the product?
It would be useful to have more international frameworks available such as IRAP.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
I would like to be able to filter for controls that are about to have evidence that expires soon, not just what is currently ready and not ready.
What problems is the product solving and how is that benefiting you?
Helps us adhere with frameworks, especially in preparing for our ISO27001 audit.
The value proposition is immediate
What do you like best about the product?
I use Drata daily in my workflow and coming from legacy GRC platforms, the vision of multi-framework compliance testing is a no-brainer. I cannot count how many times I've said and heard phrases such as "minimize overlap" and "let's not retread ground" throughout my career. Drata is the first platform that's actually made me feel like these were more than platitudes, and more importantly, actually easy to implement! Drata's feature set is lean and targeted. There is no bloat and it cuts straight to the point.
Drata's integrations streamline and reduce tens of hours of manual evidence collection. When we encounter applications without pre-programmed integration, our support from Drata has been timely and knowledgeable in helping us navigate our options. I think it's valuable to hire former auditors who know the inside as guidance setters.
Drata's integrations streamline and reduce tens of hours of manual evidence collection. When we encounter applications without pre-programmed integration, our support from Drata has been timely and knowledgeable in helping us navigate our options. I think it's valuable to hire former auditors who know the inside as guidance setters.
What do you dislike about the product?
Drada's default policy guidance seems to lean towards more is better. As a former auditor myself, I know that auditors can only judge you based on what you give them so I feel like Drata's approach of covering all corners is not the right strategy when dealing with external auditors.
What problems is the product solving and how is that benefiting you?
Automating PCI-DSS and (eventually) our SOC2 program compliance.
showing 1 - 10