External reviews
External reviews are not included in the AWS star rating for the product.
Best in class GRC automation tool with excellent customer service!
What do you like best about the product?
Drata automates control monitoring and evidence collection, making audits much easier and faster! It also provides a useful dashboard with continuous updates about our security posture. Their customer service is very helpful and responsive. Our CSM (Tony Russo) has gone above and beyond to ensure we are getting the most out of the tool and making progress towards our audit readiness. I would highly recommend Drata for any organization looking to automate and level up their security, trust, and GRC functions.
What do you dislike about the product?
Nothing specific to Drata, but setting up integrations for all the SaaS tools we use does take quite a bit of time.
What problems is the product solving and how is that benefiting you?
Drata is solving several problems for us:
1. Continuous security compliance monitoring (which controls are passing/failing and why)
2. Policy implementation (standardized templates that are fully customizable)
3. Security awareness/HIPAA training (tracking which employees completed training)
1. Continuous security compliance monitoring (which controls are passing/failing and why)
2. Policy implementation (standardized templates that are fully customizable)
3. Security awareness/HIPAA training (tracking which employees completed training)
- Leave a Comment |
- Mark review as helpful
SOC 2 Automation
What do you like best about the product?
Drata is easy to use and serves as a great foundation for additonal regulatory and privacy growth. Elise Spitzer is an amazing support consultant, providing professional direction and is always available.
What do you dislike about the product?
The initial learning curve is steep. It takes a certain time period to learn "Drataese."
What problems is the product solving and how is that benefiting you?
My firm is undergoing the SOC 2, Level II audit. Manual processes were used in the past which created a one off scenario. What we find with Drata is the data required, once captured, can be used for future assessments pertaining to required evidence collection.
Our Experience with Drata
What do you like best about the product?
Extremely helpful team with quick responses and always prepared with resources to help us on our SOC2 journey. The software has been easy to use and our project path is always clear.I also appreciate the integrations they provide as it saves us time and effort. Implementing policies has also been much easier on the Drata playform.
What do you dislike about the product?
I don't have any negative feedback at this time
What problems is the product solving and how is that benefiting you?
Helpin us write policies, provide evidence, and overall managing our SOC2 project
DRATA make mountains a breeze!
What do you like best about the product?
There are quite a few things that I have started to grow quite fond of in DRATA. Its really quite well baked from an interface standpoint, which is nice when you are having to worry about fighting with a UI while trying to get an IT program off the ground and into something a little more professional looking. Hooking things up to DRATA was really easy for the most part, with a single hiccup that their awesome customer support team helped me hunt down. It ended up being just something weird with how my BitBucket user is, due to some unique circumstances.
Also, their default templates are **STELLAR!**. We came from a competitor that I will not mention so that they can't have my review removed, but their templates in comparsion aren't even in the same playing field as DRATA. I think my favorite part is that the templates are marked up with what controls/framworks need those lines in the policy. This really helps speed up getting starting for the first time in a company.
There really is quite a bit to love about this application. They really have done a lot to take something that could be complex, and simplify it to the point that you feel good about getting things done. They haven't gone overboard in trying to gamify it, or pretend that its not as complex as it is, but instead nailed that sweetspot of being incredibly helping at the right time in the right way.
I know some people might bawk a little at the price, but trust me on this, you are getting what you pay for. We tried the cheaper option, and made painstakingly slow progress. Now trying DRATA, I wish I would have just gone with them from the getgo and not wasted the last year with their competitor.
Also, their default templates are **STELLAR!**. We came from a competitor that I will not mention so that they can't have my review removed, but their templates in comparsion aren't even in the same playing field as DRATA. I think my favorite part is that the templates are marked up with what controls/framworks need those lines in the policy. This really helps speed up getting starting for the first time in a company.
There really is quite a bit to love about this application. They really have done a lot to take something that could be complex, and simplify it to the point that you feel good about getting things done. They haven't gone overboard in trying to gamify it, or pretend that its not as complex as it is, but instead nailed that sweetspot of being incredibly helping at the right time in the right way.
I know some people might bawk a little at the price, but trust me on this, you are getting what you pay for. We tried the cheaper option, and made painstakingly slow progress. Now trying DRATA, I wish I would have just gone with them from the getgo and not wasted the last year with their competitor.
What do you dislike about the product?
All is not perfect with DRATA, there is some situations in which their software has its moments. The biggest one is if you do anything... unorthodox. Nothing crazy, but for example my BitBucket user is part of a workspace where I am the owner and one where I am not. This isn't probably very common, but that makes it so that I cannot set up the Version Control integration for BitBucket. This is super overcomable though.
Honestly, that is the worst thing thats happened and I wouldn't even consider that more than a roadbump at best. Its been probably one of the easiest softwares to bring into the organization. They really have thought about and considered a lot!
Honestly, that is the worst thing thats happened and I wouldn't even consider that more than a roadbump at best. Its been probably one of the easiest softwares to bring into the organization. They really have thought about and considered a lot!
What problems is the product solving and how is that benefiting you?
We are preparing the compant to be SOC 2 Type 2 ready. This includes getting all of our base IT policies formally written down in one pane of glass, getting checks and controls in place to _ENSURE_ those policies are being followed, and making sure those policies comply with the famework we are shooting for in their entirety. DRATA makes this super slick by being able to help you get started from the ground up, with an onboarding experience to make sure the transition into being a DRATA customer is smooth. Its interfaces make it very clear the things you need to do, and how to get them done. Even better is that if you don't know, their team always does (outside of legal advise which stays with lawyers for obvious reasons). Logging into their dashboard you will know where your complicance program is at, who/what you need to work on, and how to get to the finish line.
This makes it really easy as a bootstrapped startup like ourselves to make sure we are heading in the proper direction. While some larger companies have a board with years of expertise, you don't always have that luxury in a startup/maturing startup company. So the features in DRATA lend themselves well to making sure you are asking the proper questions internally and finding any gaps in your policies/implimentations.
Is there really anything else I could ask for?
This makes it really easy as a bootstrapped startup like ourselves to make sure we are heading in the proper direction. While some larger companies have a board with years of expertise, you don't always have that luxury in a startup/maturing startup company. So the features in DRATA lend themselves well to making sure you are asking the proper questions internally and finding any gaps in your policies/implimentations.
Is there really anything else I could ask for?
They promised extraordinary customer service and they delivered
What do you like best about the product?
During the sales process, I asked what differentiates them from their competitors. I was told it was their customer service and I re-iterated that my expectations were very high due to their promise. They surpassed my expectations. They have a chat interface available to answer most of my simple questions in near real-time, plus our success manager was available weekly to keep us on track.
The software is easy to use. It has many features that could get lost, but the interface makes it easy to find.
The software is easy to use. It has many features that could get lost, but the interface makes it easy to find.
What do you dislike about the product?
They had some bugs in their software, but we were able to work directly with the software engineers to explain the recreate the issue to help get it resolved quickly.
What problems is the product solving and how is that benefiting you?
Drata has help automate our compliance activities to make our SOC2 audits much easier.
Best thing we've done to manage security and compliance
What do you like best about the product?
- Customer Success is flawless. They've been with us on the journey, ensuring we realise the platform's value and connecting us with great audit partners.
- Drata simplifies the security certification process a ton! From managing policies, vendors and evidence, all you need is there. The automation of evidence collection and monitoring of the status of controls is incredible.
- The quickest way to increase your security posture. For a startup like us, it made a huge difference.
- Drata simplifies the security certification process a ton! From managing policies, vendors and evidence, all you need is there. The automation of evidence collection and monitoring of the status of controls is incredible.
- The quickest way to increase your security posture. For a startup like us, it made a huge difference.
What do you dislike about the product?
- There is nothing to dislike. We're very happy with the platform. Probably the best tech decision we made in 2023!
What problems is the product solving and how is that benefiting you?
Helped us get to SOC2 certification (which then helps Sales conversations with enterprise customers) and renew our PCI compliance. We're a small startup, so anything that helps reduce operational overhead is money well spent.
Neat compliance platform and great customer support!
What do you like best about the product?
Easy to use platform, especially when you have multiple compliance frameworks. The controls that are common across them are mapped and you only require to upload the eveidences once. The constant monitoring and ease of use for our clients through the Trust Page gives our clients the flexibility to see our live security postures and download the relevant documents as they wish without the need of emailing huge files. Drata is also very receptive to feedback and the looks to constantly improve the user experience.
What do you dislike about the product?
Flexibility in the customization of the Trust page restricts what we can present and sometimes cost us time when we want the items to be placed in an certain order.
Some minor glitches in the ineggration with other platforms but they get resolved eventually after some investigations which we appreciate can be reduced as much as possible.
Some minor glitches in the ineggration with other platforms but they get resolved eventually after some investigations which we appreciate can be reduced as much as possible.
What problems is the product solving and how is that benefiting you?
Version controls on the evidences allows for us to track and document all evidences that has been used without deleting. It aligns with our internal record retention requirements and we do not need to save the old records somewhere else.
Best Soc2 automation software i have seen yet
What do you like best about the product?
Interface was intuitive and easy to learn and their helpfull staff was with us the entire way to our soc2 certification. We have tried several differant platforms and by far they were the best
What do you dislike about the product?
Would like to be able to assign managers to groups of users so they can help monitor soc2 compliance of their own employees
What problems is the product solving and how is that benefiting you?
Was struggling to wrap our arms around soc2 compliance and drata made it easy
Easy to use and wonderful staff to work with
What do you like best about the product?
The application is very easy to use and efficient given the amount of data that is needed to supply in order to become compliant with a framework
What do you dislike about the product?
I cannot think of any downsides to the platform or capabilities of the system. Updates are made regularly and new integrations are added frequently. I look forward to continuing to see it grow and working within the platform for years to come.
What problems is the product solving and how is that benefiting you?
helping to guide us through the process of compliance with HIPAA and working towards SOC-2 compliance
Drata crucial to ISO audit success
What do you like best about the product?
Drata has made it much simpler to provide complaince evidence in audits - the automated monitoring of our systems and software development tools has been invaluable. Drata has also dramatically rediced the burden of administrating our Information Security Manage System - without this it would be a full-time task for someone in our organisation.
What do you dislike about the product?
No real downsides and they make improvements all the time to improve workflows. A report linking policies to controls would be really helpful as would integration with Notion for ticket generation and management.
What problems is the product solving and how is that benefiting you?
A s asmall tech company, we need ISO27001 accreditation and compliance at all times. Our customers demand it and rightly so. We have to maximise our productivity in managing information security and Drata is a the main factor here.
showing 141 - 150