External reviews
1,093 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Streamlined SOC 2 Compliance for Startup
What do you like best about the product?
Drata has accelerated and simplified our SOC 2 Type I & II and HIPAA compliance efforts.
Onboarding & Policy Management: Drata comes equipped with a library of ready-to-use policy templates that are aligned with major industry standards. This gave us a tremendous head start—eliminating the need to draft policies from scratch or hire external consultants. Drata also automatically maps these policies to the relevant controls across frameworks like SOC 2, ISO 27001, and HIPAA, giving us instant visibility into how our documentation supports our compliance posture.
Automation: Drata integrates seamlessly with our Microsoft 365 environment and cloud infrastructure, automatically pulling in the evidence we need. Drata continuously collects and organizes compliance artifacts behind the scenes, saving all the manual effort.
Real-Time Monitoring & Intuitive Dashboards: The dashboard is clean, intuitive, and provides actionable insights. If something falls out of compliance—like an unencrypted storage bucket or an employee missing a required security training, Drata will flag this immediately. This constant visibility allows us to stay ahead of issues and maintain a strong compliance posture year-round, rather than scrambling just before an audit.
Bottom Line: Drata has saved us weeks of manual work and allowed us to stay compliant without having to grow our compliance team. It’s been a true enabler for our security and compliance operations—and we highly recommend it to any organization looking to scale securely and efficiently.
Onboarding & Policy Management: Drata comes equipped with a library of ready-to-use policy templates that are aligned with major industry standards. This gave us a tremendous head start—eliminating the need to draft policies from scratch or hire external consultants. Drata also automatically maps these policies to the relevant controls across frameworks like SOC 2, ISO 27001, and HIPAA, giving us instant visibility into how our documentation supports our compliance posture.
Automation: Drata integrates seamlessly with our Microsoft 365 environment and cloud infrastructure, automatically pulling in the evidence we need. Drata continuously collects and organizes compliance artifacts behind the scenes, saving all the manual effort.
Real-Time Monitoring & Intuitive Dashboards: The dashboard is clean, intuitive, and provides actionable insights. If something falls out of compliance—like an unencrypted storage bucket or an employee missing a required security training, Drata will flag this immediately. This constant visibility allows us to stay ahead of issues and maintain a strong compliance posture year-round, rather than scrambling just before an audit.
Bottom Line: Drata has saved us weeks of manual work and allowed us to stay compliant without having to grow our compliance team. It’s been a true enabler for our security and compliance operations—and we highly recommend it to any organization looking to scale securely and efficiently.
What do you dislike about the product?
While our overall experience with Drata has been very positive, we did encounter a bit of back-and-forth during renewals which could have been better managed.
What problems is the product solving and how is that benefiting you?
SOC 2 and HIPAA compliance
Drata has streamlined our compliance process with great support and onboarding.
What do you like best about the product?
Drata has been a valuable tool in simplifying our compliance and security processes. The onboarding experience was smooth, and their customer support has been consistently responsive and helpful.
The overall experience has been positive, and I would definitely recommend Drata to others looking to streamline their compliance efforts.
The overall experience has been positive, and I would definitely recommend Drata to others looking to streamline their compliance efforts.
What do you dislike about the product?
While most integrations work well, a few didn’t fully meet our expectations.
What problems is the product solving and how is that benefiting you?
Drata is helping me automate and manage our security compliance processes, which used to be really manual and time-consuming. It's made it much easier to stay audit-ready, track controls, and collect evidence without constantly chasing down documentation. The continuous monitoring gives me peace of mind, and it's definitely saved our team a lot of time and effort. It’s also helped us build credibility with customers by showing we take security seriously
Great support, improving fast—helps us punch above our weight on compliance
What do you like best about the product?
The customer support is top-notch—responsive, human, and genuinely helpful. They’ve also been rolling out thoughtful product updates regularly, which makes a big difference. For a small team managing SOC 2 and HIPAA, Drata gives us structure while still enabling us to move fast. The integrations (especially with Rippling and Google Workspace) save us a lot of manual work.
What do you dislike about the product?
The UI around controls and policies can be a little confusing at first—it takes a minute to figure out where things live or how to map them to your real workflows. That said, it's been getting better steadily, and the support team always helps us through.
What problems is the product solving and how is that benefiting you?
Drata helps us maintain ongoing compliance with industry standards while operating as a lean, agile team. It streamlines evidence collection, simplifies policy management, and provides clear visibility into our security posture—making it easier to stay organized and prepared as we scale.
Best Support and deep IT Ecosystem
What do you like best about the product?
Drata stands out not only for its advanced SOC2 process automation, which is more manageable and easy to start using their templates and third party connections which automatically bring the signals and provide you a overview of your compliance, but also for providing excellent assistance. Their Onboarding team also provides a clear explanation of what to expect and how to navigate their portal effectively.
What do you dislike about the product?
We've been using Drata for a couple of months now and haven't run into any problems we don't like. Another point will like to mention be sure of what you get in standard offer. Sometime Add-ons which you later encounter you need them can be expensive.
What problems is the product solving and how is that benefiting you?
Drata helps us to integrate our IT infrastructure seemingly into their portal providing you a super convenience to track and monitor your compliance progress.
Great database
What do you like best about the product?
Version control, reminders, ability to mass-mail to a department.
What do you dislike about the product?
The interface could be better. Would love to see structure for additional ISO standards.
What problems is the product solving and how is that benefiting you?
Security documents awareness across the organization.
Customer Support w/ terrious
What do you like best about the product?
Dratas framework comparison is excellent
What do you dislike about the product?
Unable to put more than one piece of evidence per artifact. Also tasks cannot be set to reset after completion
What problems is the product solving and how is that benefiting you?
Drata has enabled me to better maintain our compliance certifications and conduct training
Excellent Platform
What do you like best about the product?
Being able to connect various monitoring solutions (M365, AWS, etc) to automate evidence collection.
What do you dislike about the product?
None that I can think of. It's very straightforward to use, and the people at Drata are extremely helpful.
What problems is the product solving and how is that benefiting you?
Working toward SOC II compliance, Drata helps organize tasks, ingest data from various platforms, and automates the collection of evidence.
Good product, some issues still to resolve
What do you like best about the product?
Overall feature set. The product has a lot to offer, when it's working fully.
What do you dislike about the product?
There are still "oddities" and unusual design decisions that are preventing me from rolling this out fully, and progress isn't moving as quickly as I'd like on tat.
What problems is the product solving and how is that benefiting you?
Framework compliance, client security audits, and vendor security assessments.
DRATA Experience
What do you like best about the product?
Managing policies and overview of end user device compliance
What do you dislike about the product?
The way decide the vendor risk in Vendor registry is hard to understand.
What problems is the product solving and how is that benefiting you?
To distribute policy documents to employees and keep recording about policy acknowledgement. Also to understand how end users are compliance with controls.
Streamlined Compliance Made Easy
What do you like best about the product?
Drata makes compliance tracking incredibly simple and efficient. The automated workflows and integrations with tools like Google Workspace, AWS, and Slack save a lot of manual effort. The dashboard is clean and easy to navigate, making it easy to stay on top of tasks and audits.
What do you dislike about the product?
Some of the integrations require a bit of fine-tuning during the initial setup, and occasional sync delays can happen. A mobile app would also be a great addition for on-the-go access.
What problems is the product solving and how is that benefiting you?
Drata helps streamline and automate our security compliance processes, reducing the need for manual tracking and documentation. It ensures that we're continuously meeting requirements for frameworks like SOC 2 by integrating with our existing tools and providing real-time monitoring. This saves time, minimizes human error, and keeps us audit-ready at all times.
showing 21 - 30