External reviews
External reviews are not included in the AWS star rating for the product.
Our internal GRCS process became Simple, Structured, planned.
What do you like best about the product?
Sinplicity
I have a 365 vew of the complaince posture.
InternalExternal audits are successfull and easy.
I have a 365 vew of the complaince posture.
InternalExternal audits are successfull and easy.
What do you dislike about the product?
I can't think of a metter which I dislike.
It would be great if I can have a more robust risk assesment and risk register tool.
It would be great if I can have a more robust risk assesment and risk register tool.
What problems is the product solving and how is that benefiting you?
I have 365 overview of operatoins.
This is the "one stop" to manage and control complaince and security.
This is the "one stop" to manage and control complaince and security.
- Leave a Comment |
- Mark review as helpful
Seamless experience and outstanding support
What do you like best about the product?
This was our first SOC II audit and we felt supported throughout the experience with great and caring advice from our customer success manager. Also their policies are well written and easy to tailor and adopt.
What do you dislike about the product?
Honestly- nothing at all. They even added an audit portal that allows us to gather evidence in one central location.
What problems is the product solving and how is that benefiting you?
We neede to get a SOC II report and knew we'd want a vendor to help us through the process
Ongoing successful SOC2/ISO27001 continuous compliance automation journey with Drata
What do you like best about the product?
Drata completely transformed the way we manage our compliance activities, especially in terms of keeping track of the controls and the related evidences. Prior to using Drata, our compliance activities such as policy management, risk assessments and evidence collection were all managed via Google Drive, mainly on spreadsheets which made everything quite manual and scattered around. Now we have everything in one place and in great detail. All our evidences are documented within the platform and it is a huge plus that we have the Audit Hub so there is no need for us or the auditor to waste time anywhere else trying to reach these documents. We manage all employee tasks from Drata and centralize the security training, too. Setting up the integrations is fast and easy, and the related monitors give us additional insight on our tech stack. Our periodic Risk Assessments are now easier because we have one platform to track treatment plans instead of spreadsheets. Vendor compliance management and report review functionality is also really handy. The custom framework capability is really helpful for us to track country-specific frameworks. We made use of the custom framework feature very recently an it worked wonders for us.
Drata team is always very quick to help us assist with any problem or question we might have. Our customer success manager efficiently keeps track of any open items and supports us in the process until they are solved. He also introduces us to new features often. The team behind the live chat, both for platform-specific questions and compliance questions, also approach the issues with the utmost care. We had a change of CSM's a few times, and each time we were accompanied with great attention and care.
We use Drata every day and it definitely helps us automate almost everything compliance related. It is a great tool to track SOC2, ISO controls. It has been over a year of using Drata, and we have not had any doubts since then
Drata team is always very quick to help us assist with any problem or question we might have. Our customer success manager efficiently keeps track of any open items and supports us in the process until they are solved. He also introduces us to new features often. The team behind the live chat, both for platform-specific questions and compliance questions, also approach the issues with the utmost care. We had a change of CSM's a few times, and each time we were accompanied with great attention and care.
We use Drata every day and it definitely helps us automate almost everything compliance related. It is a great tool to track SOC2, ISO controls. It has been over a year of using Drata, and we have not had any doubts since then
What do you dislike about the product?
There isn't anything that I particularly dislike about Drata. Even when there are issues with the platform (and there was nothing major so far at all, just a few issues that you would expect from any such platform of this size), our CSM and the rest of the team are really quick and helpful with their support.
The only con of the platform for us would be the lack of integration with GCPW, and how we cannot connect two IdPs at the same time. However the team is aware of this need of ours and from past experience we are aware of how important it is for them to take client needs and requests into account.
The only con of the platform for us would be the lack of integration with GCPW, and how we cannot connect two IdPs at the same time. However the team is aware of this need of ours and from past experience we are aware of how important it is for them to take client needs and requests into account.
What problems is the product solving and how is that benefiting you?
Ensuring compliance and maintaining it is highly important to us, both to ensure that our security posture is as strongest as possible and of course also to showcase it to our clients. As a SaaS with clients all over the world expecting continuous ISO27001 and SOC2 compliance from us, Drata simplified this process and made it efficient and helped us automate a lot. It helps us identify gaps and requirements clearly and quickly. We spend way less time preparing for the frameworks in scope and to maintain them. After starting to use Drata we got SOC2 Type II certified with ease, making extensive use of the control guidelines, document templates, and the overall automatizations that Drata offers.
Drata for first-time certification of a pan-African fintech company
What do you like best about the product?
Knowledgeable contacts assigned to our implementation team, and account engagement resource have been super helpful in guiding the process so far.
What do you dislike about the product?
Manual evidence-gathering adds to the overall time taken for the certifications, further automation for these items would be ideal.
What problems is the product solving and how is that benefiting you?
For automating security monitoring and certification of the entire infrastructure for our company
Helps small businesses accelerate their compliance journey
What do you like best about the product?
I love the easy integrations available, the ready-to-use document templates as well and the great customer support that is available. Drata really helped us kickstart our compliance journey and accelerated the implementation of ISO27001. This is really a clean and simple platform to use especially for companies that are just starting on their compliance journey.
What do you dislike about the product?
I don't feel that there are many downsides to the platform apart from being able to export documents from the policy editor in Word etc to make the process of preparation easier. Allowing for diagrams and collaborative editing would've been a plus point. However, the customer support provided would help cover these easily as templates in the correct format can be shared
What problems is the product solving and how is that benefiting you?
Drata is helping my organization kickstart our ISO27001 journey to improve our security posture as well as improve client confidence
Fantastic easy-to-use system with amazing onboarding support
What do you like best about the product?
Drata brings all my ISO and SOC compliance into one easy-to-use system. It allows me to use integrations to automate compliance as well as allocate responsibility to team so they can keep compliance for their department up to date. Prior to Drata our compliance was all manually tracked so this system has saved me 100's of hours in compliance. Implementation was simple and the team at Drata guided me through the process and checked in fortnightly with a 1:1 meeting to address any issues I was having. The onboarding support was NEXT LEVEL amazing. I have never felt so supported using a SaaS system and the ongoing support throughout the audit from subject matter experts was great as well.
What do you dislike about the product?
None! It's pretty costly but, with the time it saves the entire team, it will pay for itself.
What problems is the product solving and how is that benefiting you?
Drata brings all my ISO and SOC compliance into one easy-to-use system. Prior to Drata our compliance was all manually tracked so this system has saved me 100's of hours in manual data entry and repetition across the controls. Their recent change to the evidence library has allowed me to have all my evidence in one place and cross source where needed. That was the final piece that was missing for me.
Enabled us to build robust security policies and navigate through SOC 2 audit
What do you like best about the product?
The security automation platform has been instrumental in helping us build robust security policies and improve our overall security posture. One of the standout features of the platform is its ability to assist us in developing a clear and strategic security roadmap. Thanks to the Drata's capabilities, we were well-prepared for SOC 2 audit, and the experience was notably smoother than anticipated. We've had the pleasure of working with an exceptional customer success manager, Jordan.
What do you dislike about the product?
We did encounter a few instances where certain controls didn't seamlessly integrate with our cloud platform. However, it's worth highlighting that the platform's user-friendly interface made it relatively easy to manually produce the required evidence when needed.
What problems is the product solving and how is that benefiting you?
It helped us maintain compliance and demonstrate the security controls required by auditors.
Great Compliance Tool
What do you like best about the product?
It's a great compliance tool to keep all controls and requirement in one place. The functionalities work perfectly to keep everything in one tool rather than collect evidence manually all over the place. The integrations take care of most of the controls automatically and as the security team, you fill the blanks. I'm really happy with Drata.
What do you dislike about the product?
The trust page is not available for free which is unnecessary. I use another vendor for trust page for free so it would only make sense if Drata offers it to their customers included in their package as well.
What problems is the product solving and how is that benefiting you?
The vendor review page is great, it allows you to enter all of the information about vendors and subprocessors to create the automatic review. The personnal list also helps to keep MDM and other HR controls in one place. Overall, I'd only recommend this tool.
The best way to begin your complaince journey
What do you like best about the product?
Drata has been easy from start to finish. Our Customer Success Manager, Craig Macareg, has been a huge help in implementing our infrastructure, helping us select an auditor, and find the compliance guidance we need to continue on our compliance journey.
What do you dislike about the product?
We have had a few integration issues that were resolved quickly.
What problems is the product solving and how is that benefiting you?
Drata automaitcally gathers a huge percentage of evidence we need for our compliance program. Any evidence that isn't gathered automatically or isn't linked to a policy has guidance for uploading the right thing for the auditor. Drata has also connected us with auditors that are familiar with the platform to improve our auditing expirience.
Drata is very useful for SOC, HIPAA etc
What do you like best about the product?
Framework for SOC , HIPAA is excellent..
What do you dislike about the product?
Nothing,Drata is aawesome product.......
What problems is the product solving and how is that benefiting you?
SOC and HIPAA evidence collection
showing 151 - 160