Overview
Drata's compliance automation platform integrates with over 200 applications and systems to continuously monitor security controls and streamline over 20 compliance frameworks, standards, and regulations, such as SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and more. Drata integrates with 45+ AWS services and is a proud AWS Security Competency partner with an AI engine built on AWS Bedrock.
Whether you're looking to get compliant quickly for the first time or want to streamline your complex GRC program, Drata scales with you. Get and stay compliant efficiently, build risk management into your GRC practice, and share your real-time compliance posture with prospects and customers to build trust and sell into new markets.
Continuous automated monitoring alerts Drata customers when security controls aren't operating effectively, so they can remediate, stay secure, and keep from falling out of compliance. Plus, automatic evidence collection makes the audit process as seamless as possible.
Highlights
- Drata for Startups: Drata helps startups create a scalable foundation and systematic approach to compliance to unlock market opportunities and scale safely. Startups can speed up audit prep time with Drata's best-in-class automation and support from our compliance experts to achieve SOC 2 and ISO 27001 compliance quickly.
- Drata for Commercial and Mid Market: Drata helps companies with audit experience establish a scalable GRC program and structured process for risk management. Streamline compliance tasks and substantially reduce manual workloads while leveraging compliance to increase revenue and build trust.
- Drata for Enterprise: Customers can optimize and customize their mature GRC programs and depend on reliable compliance outcomes. Organizations can manage and remediate risk and leverage Drata workspaces and workflows to keep pace with the complexity of advanced compliance programs.
Pricing
Dimension | Description | Cost/12 months |
---|---|---|
Drata Platform Fee | Access to the Drata SaaS platform with capacity for a 100 FTE org | $25,000.00 |
SOC 2 Framework | SOC 2 2017 control set | $7,500.00 |
GDPR Framework | GDPR control set | $7,500.00 |
ISO 27001 Framework | ISO 27001 v2022 control set | $7,500.00 |
HIPAA Framework | HIPAA control set | $7,500.00 |
PCI DSS Framework | PCI DSS control set | $7,500.00 |
CCPA Framework | CCPA control set | $7,500.00 |
CMMC Framework | CMMC control set | $7,500.00 |
Microsoft SSPA Framework | Microsoft SSPA control set | $7,500.00 |
NIST CSF Framework | NIST CSF control set | $7,500.00 |
Vendor refund policy
All Orders are non-cancellable and all fees and other amounts you pay under this Agreement are non-refundable.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
Included in your contract, Drata provides onboarding, live chat (in product), and continuous enablement. Onboarding includes integration setup, assistance configuring compliance policy and controls in the platform, and guidance on utilizing our network of auditors and technology/service partners to serve you in your compliance journey. support@drata.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Game Changing
Drata’s user-friendly interface is intuitive, and the platform’s ability to continuously monitor and track our compliance status in real-time is incredibly valuable.
What really stands out is the level of support Drata provides. They've even made changes to their product based on some of our feedback.
Overall, Drata has been an essential tool for our team. It has not only helped us stay compliant but also enhanced our overall security posture.
Drata usage
Rachel was super helpful and checked with me several times to make sure that my issues were solved.
Drata provided the structure to achieve SOC 2 compliance
Strong framework to corral the prep for SOC 2 (and other standards)
Well configured to manage over the long haul - for annual audits and regular re-approvals of controls and policies
Hard to save view in some key areas as it always returns to the default view
Drata is Great with Fantastic Support!
I've seen Drata push out new features and improvements quarter after quarter, and I am blown away by their growth even after only a year of use. Their "Trust Center" as a resource as well as Docusign and Salesforce integrations help automate and streamline our internal processes.
Above that, our CSM, Benjamin Chau, is phenomenal. His professionalism, his can-do attitude, and availability make him stand out against other CS personnel I've worked with in the past. There was more than one occasion Benjamin dropped what he was doing and joined one of our calls without hesitation to ensure our success, making us feel truly valued both as a customer and a partner.