External reviews
1,093 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Great product and best support
What do you like best about the product?
Drata has provided a great platform to begin our ISO-27001 journey. There are so many aspects of this certification and Drata has simplified it in many ways. We had so many questions regarding the policies, etc. and Drata has helped us enormously.
What do you dislike about the product?
The tool has some limitations- and one of the most annoying is the inability to store my list/filter settings in the controls, personnel, etc. We have so many people that for it to show only 20 items at a time is a waste of my time. Also, when I go to the controls, I sort by policy number, not alphabetical and I have to reset that *every* time I use the app.
What problems is the product solving and how is that benefiting you?
It's a one-stop for us to write the policies, have personnel acknowledge those, has security awareness training, and maps tasks/evidence to the policies via controls. This makes is so much easier to work through the requirements for ISO-27001. On top of it, it's very easy to see where we are missing something.
Fantastic way to go through the overwhelming process of HIPAA and SOC II auditing
What do you like best about the product?
We were pretty overwhelmed when we started our HIPAA/SOC II TYPE II certification. Using Drata made that 100% easier and allowed us to focus on what needed to be done and quickly.
What do you dislike about the product?
Our auditing was different as we outsource a ton of our infrastructure so the app seemed a bit overwhelming but once we walked through the app with our rep, it was super easy to use and we dug right in!
What problems is the product solving and how is that benefiting you?
Compliance and auditing for our HIPAA and SOC II certifications
Drata User Experience
What do you like best about the product?
The automation and ease of use, implementation and integration
What do you dislike about the product?
Customer support can be very delayed at times depending on the issue. When organizations are tyring to meet audit deadlines it is not a good experience.
What problems is the product solving and how is that benefiting you?
It is a team of one at my organization so having things organized is setting me up for success. The automation is great although not as intuitive. I have to rely on support more than i would like to.
Review for Rachel's support
What do you like best about the product?
I like the support i get from Drata agents.
What do you dislike about the product?
connections can be improved, and sometimes policy editing is super slow.
What problems is the product solving and how is that benefiting you?
Having everything in a centralized platform really boosts effective collaboration.
Issue Resolved Quickly
What do you like best about the product?
What I love most about Drata is its ease of use, effortless automation of compliance tasks, and user-friendly platform.
What do you dislike about the product?
While the platform is user-friendly, it could provide more guidance to help new users get started more easily
What problems is the product solving and how is that benefiting you?
Drata tackles key compliance and security challenges by automating security control tracking, offering real-time compliance updates, and reducing manual audit prep work.
Easy to use, powerful functionality
What do you like best about the product?
Rollout was relatively easy compared to other platforms I've used over time. Support is always responsive when issues have come up. Integrations continue to expand to include more IdPs, vulnerability management tools, etc.
What do you dislike about the product?
Policy center can be clunky to navigate especially during policy renewal time. The baked-in awareness training is a little rudimentary by modern standards but it checks the box at least which is good.
What problems is the product solving and how is that benefiting you?
Managing multiple framework controls across similar systems on a small team.
Great Features but Mediocre UX
What do you like best about the product?
Drata has a big range of features and covers a lot of usecases for us. Also, the integrations that exist are relatively easy to integrate.
What do you dislike about the product?
There are two downsides to Drata, in my opinion:
1) User Experience
The UX of the product is okay, but it's not great. There are multiple smaller paper-cuts: The UI is overall a bit slow, frequently presenting loading spinners. Controls/Monitors have individual URLs, but unfortunately when shared they get removed. I.e. even if I send a colleague a link to a specific /control/123 they will get redirected to all controls instead of the specific one.
2) Integration Limitations
The default integrations that come with Drata are a bit limited, e.g. we still haven't been able to connect a vulnerability scanner into Drata, as it comes with 14 different options by default and we use none of them. That's always an issue with these integration platforms, but it's not clear to us yet how we could build a manual API integration for this feature.
1) User Experience
The UX of the product is okay, but it's not great. There are multiple smaller paper-cuts: The UI is overall a bit slow, frequently presenting loading spinners. Controls/Monitors have individual URLs, but unfortunately when shared they get removed. I.e. even if I send a colleague a link to a specific /control/123 they will get redirected to all controls instead of the specific one.
2) Integration Limitations
The default integrations that come with Drata are a bit limited, e.g. we still haven't been able to connect a vulnerability scanner into Drata, as it comes with 14 different options by default and we use none of them. That's always an issue with these integration platforms, but it's not clear to us yet how we could build a manual API integration for this feature.
What problems is the product solving and how is that benefiting you?
Drata helps us track our compliance against a wide range of controls. We are using Drata's automation features to reduce the burden on our employees.
Drata for SOC2
What do you like best about the product?
Great support team who does a great job answering questions about Drata product and compliance-related controls.
Product is easy to use.
Product is easy to use.
What do you dislike about the product?
Missing the feature to acknowledge company policies annually for every personnel. As an alternative, I have to create new policy versions every year and ask everyone to acknowledge the new versions, even if they just acknowledge the old version recently.
It will also be great to have a compliance owner rotation feature instead of just specifying a single owner for each control. Then every week there could be a separate person to receive notifications of compliance tasks.
It will also be great to have a compliance owner rotation feature instead of just specifying a single owner for each control. Then every week there could be a separate person to receive notifications of compliance tasks.
What problems is the product solving and how is that benefiting you?
SOC2 controls and auditing
HIPPA and GDPR controls
HIPPA and GDPR controls
Takes a little time to have a real person assigned but once they are they're quite responsive
What do you like best about the product?
If all relevant info is linked to a control Drata can easily tell you if you're compliant
What do you dislike about the product?
That controls are split out to Drata's DCF controls - these didn't map well our audit schedule and meant increased work to get through an internal audit
What problems is the product solving and how is that benefiting you?
One place of truth for internal audits
The tool makes compliance much easier!
What do you like best about the product?
The chat support takes a bit to get used to - most engineers are quick to want to chat with someone live or read docs.... however, having a human on the other end making a quick turnaround with more nuanced support really helps. The AI chatbot helps as well.
What do you dislike about the product?
Some of the checks aren't always straight forward to determine why something failed and how to fix it. Sometimes/many times this is because of different implementations for the check details and/or exclusions.
What problems is the product solving and how is that benefiting you?
It's providing a way for us to see our estate and status and health - and (working towards) making it so that we can keep this running with minimal effort AND provide critical data to auditors and customers (as needed).
showing 31 - 40