External reviews
1,160 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Streamlined SOC2 Compliance, Intuitive and Effective
What do you like best about the product?
I appreciate how Drata keeps everything organized, from evidence and compliance to risk management, making it the key to everything. The interface is always improving, becoming smarter and easier to use, which is great since I am in it every day working on compliance. What I really like is how the interface actively guides me through compliance work by linking controls, policies, and integrations together. It lets me see what's wrong, what's missing, why it matters, and how to fix it. The setup process is very intuitive as well, allowing me to add and remove vendors, policies, and connections easily. Drata was essential in obtaining our first SOC2 certification and continues to be invaluable in maintaining it. I can't imagine how challenging it would be to organize everything without Drata.
What do you dislike about the product?
I always seem to struggle when it comes to the hardware. I feel that workstations could be reported on a little better. Same for people. When looking at people, and seeing their compliance tasks overdue, like policies, it feels a bit convoluted.
What problems is the product solving and how is that benefiting you?
I use Drata for maintaining our SOC2 compliance. It organizes our evidence, policies, and more in one place. The interface guides compliance work actively, linking controls and policies. I can't imagine organizing SOC2 without it.
Comprehensive Compliance Templates for Nearly Every Audit Type
What do you like best about the product?
Drata let's us control all of our compliance/audit related requirements in one system–simple as that. The UX is great–it's easy to understand, easy to navigate, easy to add evidence, etc. The automation workflows are great–being able to automatically import all of our employees, devices, 2FA rules, etc. directly from our SaaS/PaaS products (e.g., Azure) is fantastic. The TrustCenter is quite helpful as well as a way of sharing sensitive documents (e.g. audit reports) with third parties in a tracked manner. It's a great tool tbh.
What do you dislike about the product?
It's a big system so it can be quite confusing at first. It's hard to know what's actually required for your various audit types–Drata gives you a template for nearly everything, but do you actually need everything in the template? Probably not. That's not Drata's fault, it's just the nature of being a generalized compliance tool that works across every industry.
What problems is the product solving and how is that benefiting you?
What are our SOC 2 requirements? We can't go through a SOC 2 audit without knowing all of our requirements. Drata tells you your requirements and lets you manage them all in one place.
Easy-to-Use Interface, Reliable Security Solution
What do you like best about the product?
I like how easily and friendly the interface of Drata is. It's very clean, and everything is easy to find, which is important since we ask our employees to use this software once a year; having an easy-to-use interface is crucial. It ensures that they can complete courses and understand everything without spending a lot of time figuring out how the software works. The initial setup was easy too; we just needed to set some things, and it was working pretty well. Everyone can do the courses and make sure they're aware of the best practices, so it's easy-going software.
What do you dislike about the product?
I had some issues logging in, but the team was very helpful. They helped me, and I received a reply a few minutes after requesting some help. They can add an option to log in with social media to avoid issues, such as not receiving matching links because they end up in the spam folder.
What problems is the product solving and how is that benefiting you?
I use Drata to ensure my team understands secure best practices and that our computers run smoothly, free of viruses or breaches. It also helps prevent sensitive company data from being compromised.
Effortless Compliance, User-Friendly Interface
What do you like best about the product?
I find Drata to be a really effective tool for company compliance, and I don't see any reason to use another or change it. It's overall very easy to navigate, and the interface is not complicated, which is good for those using it for the first time.
What do you dislike about the product?
I wish there was an option where we didn't have to manually provide evidence if there's already a connection with our HR platform. The sync with Rippling isn't too much of an issue, but it could be improved.
What problems is the product solving and how is that benefiting you?
Drata is an effective tool for company compliance. I find it easy to navigate, with a simple interface suitable for first-time users, making it unnecessary to switch to another tool.
Effortless Compliance Gap Detection and Audit Readiness
What do you like best about the product?
The platform makes it very easy to identify compliance gaps and ensure you are audit-ready.
What do you dislike about the product?
The onboarding process can be quite involved depending on the existing compliance program.
What problems is the product solving and how is that benefiting you?
Drata makes audit readiness and control validation simple and centralized.
Smooth Onboarding, Budget-Friendly Compliance
What do you like best about the product?
I like the pricing point of Drata, which is important as we are mindful about our budget while trying to achieve SOC2 compliance. The onboarding process was smooth, and we were guided through a series of workshops and onboarding sessions that provided us the tools to start using the platform effectively. The initial setup of Drata was also easy.
What do you dislike about the product?
The UI is a little confusing sometimes. As someone who has already done a SOC2 audit with a competitor product, I sometimes find the Drata platform a little confusing. It's not straightforward to see what tasks are missing and what specific things we need to fix. I think UX could be improved.
What problems is the product solving and how is that benefiting you?
Drata simplifies compliance by having auditors use the same platform for audits, reducing the compliance burden. The reasonable pricing point helps us stay within budget while working toward SOC2 compliance. The onboarding process with workshops and sessions made it easy to start using the platform.
Exceptional Security and Customer Service
What do you like best about the product?
I like that Drata is easy to use, and I feel confident that everything is safe and secure when I store my information. I appreciate that I can just click into it whenever I need to. The support I receive is fast and efficient. It's very fast and efficient overall. Installing Drata was extremely easy; the instructions were simple, and it was ready to go right after downloading. The customer service is exceptional.
What do you dislike about the product?
I can't think of anything that I dislike about Drata. I found it so simple to install based on the instructions that were sent to me from my IT team.
What problems is the product solving and how is that benefiting you?
Drata helps us avoid any kind of security breaches, ensuring everything is safe so we don't have to worry about our computers.
Robust Security with User-Centric Support
What do you like best about the product?
What I like most about Drata is its user-centric format, and when we need help, tech support is fast and reliable. The initial setup of Drata for our team was very easy. We had a resource from Drata available if we needed it, but it was very self-explanatory and user-centric.
What do you dislike about the product?
Sometimes logging on can be a challenge. Recently, a few of us had issues with our logins, but we did get that resolved.
What problems is the product solving and how is that benefiting you?
I use Drata for data security, ensuring everything is safe and there's no data leaks.
Centralizes Compliance Evidence, Needs Policy Sync
What do you like best about the product?
I like that Drata reminds us when to update and submit our evidence for the past 12 months. It's convenient to have one place to add all the evidence instead of having pieces stored in different locations. This organization makes it easier to refer back to the information submitted as evidence. The reminders are also helpful once the time to review the evidence is near. We have successfully integrated Drata with our other platforms like Office365, Jira, and Bitbucket.
What do you dislike about the product?
The audit option is a bit clunky as it's hard to differentiate who owns the control. In addition, we still need to double up on maintaining the policies. Once version in Drata and another soft copy we need to keep when it is required by our clients when we do proposals. Our Sales team will need access to the latest version. It took a while to fully understand what it did.
What problems is the product solving and how is that benefiting you?
I use Drata to assist with obtaining SOC2 Type 2 and HIPAA reports. Drata centralizes evidence submission, making it easier to refer back and providing reminders when updates are needed.
Efficient Compliance Management, Needs UI Enhancements
What do you like best about the product?
I appreciate Drata because it eases the management of our SOC2 (Type I) compliance. I like the control and evidence management features, which make it easy to track completed, pending, or in-process controls and tasks with related evidence. Additionally, the integration with our internal tools and applications for control monitoring and automation adds value to our workflow.
What do you dislike about the product?
Need more better user interface and evidence repository management. There's also scope for adding country or region specific cyber security and data privacy laws or rules as notified by respective governments.
What problems is the product solving and how is that benefiting you?
I use Drata for SOC2 compliance, easing compliance management by tracking controls and related evidence efficiently.
showing 31 - 40