External reviews
External reviews are not included in the AWS star rating for the product.
Drata gives our small business a clear path to SOC 2 compliance
What do you like best about the product?
Getting certified for SOC 2 is daunting, and as a software startup we do not have the expertise to get there on our own. Drata presents a checklist of what I need to tackle, saving me a ton of time researching and planning, so I can focus on the execution. I feel very confident in our ability to achieve certification, and don't think we'd be able to achieve it without Drata.
What do you dislike about the product?
There's not a lot to dislike. Drata hooks into our systems and imports most of our data automatically. One improvement that would save me some time is if Drata maintained Risk Assessment information on vendors, so I don't have to track down vendors SOC2 reports, or other data collection activities.
What problems is the product solving and how is that benefiting you?
We are working on SOC2 type 1 and type 2 certification. Having a discrete list of things I need to tackle to get us there has been critical to the progress we've made so far.
Recommendations to others considering the product:
There's other competitors out there, but after doing our own research and speaking with a few of them we went with Drata, and I'm very glad we did. It's been a great experience the whole time.
- Leave a Comment |
- Mark review as helpful
Compliance without infinite spreadsheets
What do you like best about the product?
Automatic monitoring and reporting for auditors in Drata have accelerated our audit a great deal. The staff at Drata have been instrumental in our success. In particular, working sessions with CS have helped us a great deal with prep for our audit, our account manager has been a great accountability partner, and Drata's compliance specialist has been able to weigh in with expert opinions where we're not quite sure about things.
What do you dislike about the product?
Lots of clicking to scope things in and out, where traditional methods would have included conversations with auditors about scoping Drata is pretty opinionated and requires scope to be deliberately in or out for all items. Programmatic vs Human interaction is really the crux of this and I don't have constructive feedback or know how this could go any other way with any other tool.
What problems is the product solving and how is that benefiting you?
We don't have a full time privacy/security officer. This is a big difference from my past experiences, and a huge win that Drata can fill that gap in many ways for us.
Recommendations to others considering the product:
Drata is great. Highly recommended.
So far, Drata has surpassed our expectations!
What do you like best about the product?
We're a software and data quality assurance company so we're pretty picky about the tools we use. It's clear that the Drata development team had their customers in mind when they built the product. The navigation is intuitive and the UI is aesthetically pleasing. It's been really easy to use so far and we're really happy with it. What we didn't realize when we decided to go with Drata was that we'd be getting a whole lot more than just a tool. From the beginning, we've had outstanding, personalized support as we work towards SOC 2 certification. Our friendly and knowledgeable support team, Nick and Rick, have been fantastic! They've helped us to refine the scope for our organization and have been there at every step to provide detailed guidance on anything we've needed. The combination of a solid tool and great support has made an ordinarily stressful and complicated process, smooth and easy so far.
What do you dislike about the product?
It would be great if there were a few more features to make internal collaboration even smoother when getting started (e.g. the ability to search & filter comments when communicating back and forth within our team about policy edits would be very handy).
What problems is the product solving and how is that benefiting you?
We're working towards SOC 2 certification and Drata has made the process so much easier. We always know what the next steps are and are easily able to make progress towards our security goals without having a dedicated security team.
Streamlined our security compliance program
What do you like best about the product?
Drata is easy to use for both employees as well as those who are managing the security program. The integrations with AWS, Jira, Google, GitHub, HiBob and Certn helped us save a lot of time in managing our compliance program. Drata offers a wide range of trusted partners such as auditors, penetration test providers, etc.
What do you dislike about the product?
Nothing much. As an early customer of Drata we have seen a lot of improvements in the platform over the last two years.
What problems is the product solving and how is that benefiting you?
Drata helped us turn the complex process of SOC 2 into a streamlined process. Drata not only increased our customers' confidence in using our product but also helped us close more opportunities at a faster rate.
Amazingly easy to setup combined with top notch customer support
What do you like best about the product?
The thing I like the most about Drata is the customer support they offer. Any issue we've faced we've been able to solve with the help articles they make readily available.
What do you dislike about the product?
The only issue we've come across is that some of the privacy and processing integrity controls are automatically monitored by Drata and that wasn't super clear (at least to me) on initial setup
What problems is the product solving and how is that benefiting you?
We have been able to handle our SOC2 audit with a very minimal about of people. This has allowed us to save a lot of money and time when it comes to hiring personnel, or borrowing them from their normal day to day job.
Recommendations to others considering the product:
I think this tool could help anyone - especially small-medium-sized companies.
DevOps Tech Lead and DPO
What do you like best about the product?
One of the best platforms I have ever used. Everything is so smooth and easy to understand. Help from Drata's employees is out of this world. Definitely makes achieving compliance readiness an easy and enjoyable process.
What do you dislike about the product?
To be honest there is nothing so far that I dislike!
What problems is the product solving and how is that benefiting you?
Drata helps us at automating our SOC 2 compliance.
Recommendations to others considering the product:
Schedule a demo with Drata! They will explain everything and after that, there will be no doubt if choosing them is the right choice!
A compliance and customer-centric product and company culture!
What do you like best about the product?
We are using the Drata platform for monitoring our HIPAA and SOC2 compliance status! Working with the Drata team has been a breeze since Day 1. The platform receives regular updates that help us align our organization's controls and measures with the law and stay current with industry standards. The Drata team is a set of talented and committed individuals who demonstrate commitment toward their customers and are well-versed with the features and how they apply to different compliances.
Our Customer Success Manager Nick Chapman has gone above and beyond to ensure we have all the information we need and even connected us with the audit and technology team if the issues require expert advice.
Our Customer Success Manager Nick Chapman has gone above and beyond to ensure we have all the information we need and even connected us with the audit and technology team if the issues require expert advice.
What do you dislike about the product?
Honestly, there is nothing that I dislike about the product or Drata's support. Like with anything new, there is a slight learning curve to using the product, and getting employees onboarded on the platform seems daunting at first. However, Drata makes it easy to adhere to and monitor the compliances.
What problems is the product solving and how is that benefiting you?
From a small organization perspective, before Drata, it was not easy to make sense of compliance requirements and keep up-to-date. Drata brings everything under one hood and provides both technical and business support. Their team is very prompt and clear in their responses. They will work with you day and night, regardless of time constraints, and ensure that goals and objectives are met.
Excellent product to speed up the ISO27001 or HIPAA certification process and managing all topics
What do you like best about the product?
- Continuous monitoring of evidence (AWS, MongoDB, Office 365 etc.)
- Simple process to provide evidence for ISO27001 or HIPAA controls.
- We have the best customer success manager (Gabe :) )!
- The support is really helpful and responsive. Recommending also other tools that can be helpful in the process.
- Nice UI/UX of the product
- Sample policies already included
- AWS access is with AuditRole and not with reading access as some competitors.
- Simple process to provide evidence for ISO27001 or HIPAA controls.
- We have the best customer success manager (Gabe :) )!
- The support is really helpful and responsive. Recommending also other tools that can be helpful in the process.
- Nice UI/UX of the product
- Sample policies already included
- AWS access is with AuditRole and not with reading access as some competitors.
What do you dislike about the product?
I have nothing to report here...sorry :)
What problems is the product solving and how is that benefiting you?
ISO27001 & HIPPA compliance and certification
Drata provides confidence for SOC 2 efforts
What do you like best about the product?
The ease of using the tool. it organizes information
What do you dislike about the product?
lack of integrations with some tools we use
What problems is the product solving and how is that benefiting you?
Preparing for SOC 2 examination. Assists with identifying areas we need to work on.
Couldn't imagine a better experience to get on track for SOC2
What do you like best about the product?
Drata provided value to us on day 1. They were able to get us set up with compliant policies and a generated compliance summary report that we could share with customers even before we had our SOC2 report.
As we worked to get fully certified, the team was exceedingly helpful with resources, referrals, and one-on-one help to get us to the SOC2 certification. I can't imagine a better experience.
As we worked to get fully certified, the team was exceedingly helpful with resources, referrals, and one-on-one help to get us to the SOC2 certification. I can't imagine a better experience.
What do you dislike about the product?
Honestly, not much. The team has been amazing, the platform has been stable, and they have always been extremely quick to help us solve any questions or concerns.
What problems is the product solving and how is that benefiting you?
We initially were interested in SOC2, but now are pursuing GDPR as well because the system has been so reliable and easy to set up. Even before we were certified, the automated reports they generated helped us pass customer security reviews, which was a huge win.
showing 471 - 480