External reviews
External reviews are not included in the AWS star rating for the product.
Drata Great Compliance Platform
What do you like best about the product?
This Platform is easy to set up and also, incorporates your contractors and vendors.
What do you dislike about the product?
You must have Policies in place for our employees and contractors to mandate they fully comply. Otherwise, they have to manually enter evidence. Its always better when the employer decides what all employees and contractors must do.
What problems is the product solving and how is that benefiting you?
We are meeting our yearly 12-month compliance posture
Recommendations to others considering the product:
I recommend DRATA for any organization needing to meet its compliance requirements.
- Leave a Comment |
- Mark review as helpful
An excellent product for your compliance and security framework such as SOC2, ISO27001 & more...
What do you like best about the product?
Drata has made it so simple to capture and provide evidence for SOC2 and ISO270001 controls. With their autopilot (continuous) monitoring it is even easier to see your controls and their status in action. Their integration with AWS, Azure, Github etc enable them to monitor most of the controls on continous basis.
What do you dislike about the product?
To be honest this product made SOC2 auditing and (ISO27001 certification controls) like a breeze. We are almost ready for the upcoming SOC2 auditing and based on our previous experience it feels a lot simpler and easier this time. A couple of suggestions have been passed on to Drata.
What problems is the product solving and how is that benefiting you?
Collecting evidences for SOC2 auditing has always taken a significant amount of time but with Drata's integration with Cloud providers such as AWS, Azure, Github (Source Controls) and many more have made the evidence collection process simpler. For us Drata app is source of truth for auditing and for the evidences.
Can't Imagine Achieving SOC2 Without Drata
What do you like best about the product?
The way the software holds your hand throughout the process is impressive. There were so many elements of our SOC2 journey that would have been missed if we had not been using Drata.
What do you dislike about the product?
The software is sometimes not intuitive for navigation.
What problems is the product solving and how is that benefiting you?
This is now our platform for compliance. We plan on doing additional frameworks after we complete our first. Knowing that I'm working on the right policies and right controls takes most of the guesswork out of getting compliant. Plus we now have a repository for all of our policies that anyone in the company can get to for reference.
Conquered partner compliance needs in less than 60 days
What do you like best about the product?
The policy center makes it incredibly easy to fine-tune and publish policies. The connection to Google Workspace ensures that all of our employees are tracked and updated when policies change. The workstation client does a great job of ensuring basic compliance can be met. Drata onboarding support has been superb.
What do you dislike about the product?
One of the recommended vendors did not return our message. This isn't really Drata's fault, per se, but it was a small disappointment.
What problems is the product solving and how is that benefiting you?
We have a short-term problem that we have already solved -- convincing a partner that our path towards a secure environment meets their requirements. The long term problem of passing a SOC 2 audit is underway and Drata makes the roadmap super easy to follow.
Security & Compliance Observability Platform
What do you like best about the product?
Easy to get going and set up. Connecting core systems in 15 min and getting visibility on what I need to resolve for the audit.
What do you dislike about the product?
There is an annoying "refer customers" banner. I will and I have. Please remove the banner from my dashboard
What problems is the product solving and how is that benefiting you?
We are going for a SOC2 Type 2 audit for our SaaS platform. We are using Drata to understand what we need to get done before kicking off the audit process.
Solid product to help achieve SOC-2 compliance
What do you like best about the product?
Provides one place for policies, active monitoring, and other artifacts needed for SOC-2.
What do you dislike about the product?
Some of the capabilities of select integrations need to mature more (e.g. fine-tuning of evidence pulled, what is/isn't monitored, etc)
What problems is the product solving and how is that benefiting you?
The active monitoring of endpoints is a platform feature that has proven beneficial.
Drata does compliance right to actually build a culture of security
What do you like best about the product?
I've been working at growth-stage SaaS startups for a decade and have never found another platform like Drata. The technology this team built for automating compliance goes beyond what's on the market today from the other providers claiming they make achieving compliance easy. Drata also has an awesome team of humans helping to project manage the journey to achieving SOC 2, HIPAA, ISO 27001, or whatever framework of requirements you're working with.
What do you dislike about the product?
It will be interesting to see how Drata continues to innovate on its platform considering this is becoming a crowded category. But there isn't much to dislike about Drata when you're working with such a great squad. Just go on social media to see all the shoutouts they're getting from other companies they helped to achieve compliance.
What problems is the product solving and how is that benefiting you?
The way that Drata makes it easy to project manage the compliance process, and has architected a platform to support it, makes working towards SOC 2 much easier than having to go through the process manually.
Recommendations to others considering the product:
Forget Vanta. Go with Drata.
Perfect for making SOC 2 feel like Turbotax
What do you like best about the product?
There are a lot of vendors to choose from for SOC 2 automation. We chose Drata because their team has former auditors and their CEO Adam understands there is much more to SOC 2 than just checking the box for compliance. We decided to use Drata for our security and compliance automation tool to help with SOC 2 and get advice from their experts.
What do you dislike about the product?
It doesn't support serverless frameworks which is much more difficult to snapshot evidence than just a typical EC2. This makes the evidence and data collection back to manual processes for us.
What problems is the product solving and how is that benefiting you?
SOC 2 compliance automation. We are using Drata to organize our data and get our compliance evidence package as automated as possible. They have a ton of expertise on the subject and seem to be very knowledgeable about the process.
Recommendations to others considering the product:
SOC 2 expertise is a priority and they gave us a lot of guidance around the technical controls in SOC 2.
Great customer service, transparent sales
What do you like best about the product?
Drata has offered us top-notch customer service so far. Many vendors can help with SOC 2, but Drata stood out with their warm customer service. They were very flexible when dealing with requests, provided transparent info during sales calls and have made a small team like ours feel welcome. Thanks Ali and Ashley for the regular help with onboarding and prompt responses to our requests.
What do you dislike about the product?
Nothing so far. Still in the process of getting SOC 2 but it looks like Drata has all bases covered. I have suggested some improvements to their documentation - to add videos to explain the product better.
What problems is the product solving and how is that benefiting you?
We are in the process of getting SOC 2 certified. We have connected our cloud infrastructure and other resources to Drata and are monitoring it for security.
Recommendations to others considering the product:
I'd recommend Drata for their customer service and transparent dealing during Sales calls. Most products in this market are similar, so customer service is an essential point of differentiation.
Fantastic product and support
What do you like best about the product?
Drata makes going through SOC 2 certification almost fun! Very clear interface, logical flow of what needs to be done, dashboard for the overall health of the project etc. The company constantly adds new features and all of them really spot on. All this plus an exceptional customer support. Access to a chat with knowledgable human during extended business hours and customer success manager who goes far and beoynd to assure the success of project (pun intended). I am genuinly enjoying to use them for our SOC 2 certification.
What do you dislike about the product?
Nothing really. Gotchas like not supporting contractors with a different email domain, but those are minor issues.
What problems is the product solving and how is that benefiting you?
We are a startup with naturally limited resources. Having Drata by our side makes getting SOC 2 certified possible.
Recommendations to others considering the product:
Exceptional product and service.
showing 501 - 510