Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Easy mode Compliance
What do you like best about the product?
Drata provides a great map for handling adoption of a framework and makes my team (who are not GRC experts) the ability to track where we are and where we need to go. Getting onboarded to the platform was streamlined and super easy, the policy templates were a life saver.
The software also has a plethora of available frameworks to ensure that as we continue to grow and scale we'll have a partner for our compliance needs.
The out of the box integrations provide a very simplified view of where our gaps exist in infrastructure/internal tooling.
Our CSM Gabriella is amazing and always has answers to our questions.
The software also has a plethora of available frameworks to ensure that as we continue to grow and scale we'll have a partner for our compliance needs.
The out of the box integrations provide a very simplified view of where our gaps exist in infrastructure/internal tooling.
Our CSM Gabriella is amazing and always has answers to our questions.
What do you dislike about the product?
I do not currently have any complaints about Drata's platform other than I am still doing compliance work.
What problems is the product solving and how is that benefiting you?
Drata's policy mapping makes it really easy to resolve compliance issues pre-audit to make things smooth/simple.
The vendor manager makes staying up to date super easy.
The vendor manager makes staying up to date super easy.
- Leave a Comment |
- Mark review as helpful
A lighthouse in the fog of security certifications
What do you like best about the product?
It gives me a clear and comprehensive list of things I need to put in place to achieve any certification. It is easy to use, easy to put in place. I use it every day.
What do you dislike about the product?
The product is still young and there are some bugs on the platform. The customer support seems sometimes overwhelmed.
What problems is the product solving and how is that benefiting you?
Saves time to gather evidences
Gives me a clear of requirements I can tick one by one
Gives me a clear of requirements I can tick one by one
Drata's platform makes compliance easier
What do you like best about the product?
The platform is great -- resources, chat, and just general monitoring of what's happening and needs to happen.
It's a single source of truth and easy to use on a regular basis. Plus the customer support is great!
It's a single source of truth and easy to use on a regular basis. Plus the customer support is great!
What do you dislike about the product?
I think the access to information on what the control means and what is needed could be more detailed. The information is a little hard to know exactly what is needed and working with auditors helps, but it would be more efficient with common examples and needs.
What problems is the product solving and how is that benefiting you?
getting and maintaining our SOC2 compliance
ensuring that we are up to date on the controls and needs throughout the year, so that it's easier when we have to go through the annual attestation process
communicating with our advisors
one place to house all the evidence and docs
ensuring that we are up to date on the controls and needs throughout the year, so that it's easier when we have to go through the annual attestation process
communicating with our advisors
one place to house all the evidence and docs
Head of Product
What do you like best about the product?
Integrations and UX are top notch. Also their support and customer success orgs are unparallelled.
What do you dislike about the product?
Finding the account settings/permissions page is somewhat nebulous.
What problems is the product solving and how is that benefiting you?
Drata helped us to quickly achieve our SOC 2 Type I and II Reports
Great guidance
What do you like best about the product?
The compliance experts team is super helpful.
What do you dislike about the product?
There's still a lot to trim if you're only looking for SOC2 compliance.
What problems is the product solving and how is that benefiting you?
It's helpingus understand what should and shouldn't be done to become compliant.
Detailed and Organized
What do you like best about the product?
I like the way drata is organized. Seperation of Controls, Policies and personal is perfect.
What do you dislike about the product?
Notifications were not always sent out when policies where updates
What problems is the product solving and how is that benefiting you?
Getting us to SOC2 compliance and then moving to HIPAA
White-glove, attentive and persistent services from humans in a technical world
What do you like best about the product?
Drata feels invested in their client's success when it comes to acheiving their compliance goals. It isn't often that you get attention from humans in today's world as everyone is trying to squeeze every penny out of every deal. You can also translate the previous sentance to, "everyone is trying to squeeze every human out of the production loop so you always get the same standard sub-par service, regardless of your actual needs". Drata is hands-on and even reviews information ahead of calls rather than showing up to calls with zero preperation or information. That is appreciated in today's impersonal world.
What do you dislike about the product?
The pricing is my least favorite part, but a high-quality service is rarely the most expensive and if time is money, I'd buy this again and again.
What problems is the product solving and how is that benefiting you?
Managing the compliance workflow and helping to maintain those compliance levels beyond the one-time tasks.
Great Product, Phenomenal Account Management and Follow-through
What do you like best about the product?
Drata is a well executed product for compliance automation. It is framed as a tool that helps your organization achieve a robust security and compliance posture and delivers on this promise. In general, the product is easy to use and improving at a steady pace.
What do you dislike about the product?
If there's no connector for a tool you use, the process of uploading evidence is manual. Most of ours were covered, but it's important to keep this in mind as you evaluate. New connectors are being built and improved all the time, but if several you need are missing, you should count on more hours spent.
If you are working on your first SOC2:
- Coming up with a system description is a manual process, even though many of the "component" parts already exist in the system, they don't provide a UI to compile them into the system description that is required by SOC2. This is a one-time pain and I can understand why they've prioritized other areas for improvement over this... better to improve the stuff that is an ongoing pain, rather than the stuff that comes up once and is done (until there is a major change to your architecture)
- Some of the boilerplate policies Drata ships with had minor typos (that was a few years ago and they've likely fixed them)
Finally, Drata's own security awareness training is straightforward and could use some improvement. They provided a lightweight solution that 100% works, but it's not as memorable and engaging as it could be.
If you are working on your first SOC2:
- Coming up with a system description is a manual process, even though many of the "component" parts already exist in the system, they don't provide a UI to compile them into the system description that is required by SOC2. This is a one-time pain and I can understand why they've prioritized other areas for improvement over this... better to improve the stuff that is an ongoing pain, rather than the stuff that comes up once and is done (until there is a major change to your architecture)
- Some of the boilerplate policies Drata ships with had minor typos (that was a few years ago and they've likely fixed them)
Finally, Drata's own security awareness training is straightforward and could use some improvement. They provided a lightweight solution that 100% works, but it's not as memorable and engaging as it could be.
What problems is the product solving and how is that benefiting you?
We mostly work with larger enterprise customers that are concerned with our security posture and our procedures, processes, and stable operation, even though our product is largely installed on-premises / hosted by our customers. For years we manually answered every security questionaire sent our way, by prospects and customers alike. This was a time consuming task and many of the same answers were provided over and over. Using Drata to help us achieve continuous SOC2 Type II compliance became our goal. We've now achieved it (with two successful third party attestations) and are moving on to new frameworks like ISO 27001 and HIPAA. Drata is at the center of all this work. It brings it all together. It's a product we can trust from a company that has proven they can execute quickly, at a high degree of competence.
The two CSMs we've worked with have been phenomenal. Shout out to Craig Macaraeg, our current CSM, who's consistently ready and willing to help, positive, informative, advocates for us, and follows up when he says he will. The entire Drata team is incredibly customer focused and obsessed with being the best at what they do. It's also important to keep in mind that the compliance automation vendor has leverage with their audit partners, and Drata has many of said partners. You want a solid relationship with both the vendor and the auditor you are working with, and you also want the automation vendor to be able to push on the auditor when necessary. For example, our auditor wasn't using the Audit Hub functionality in Drata. Once we brought this up with the Drata team they had a conversation with the auditor immediately and made sure they were committed to using the platform and all it's capabilities.
Ultimately, the Drata platform helps us build and maintain trust with our customers, which is incredibly valuable—and they are a solid partner as we navigate compliance in general, posessing a lot of inhouse knowledge about the various compliance frameworks, and constantly exanding those that are available, bringing new entrants to market as fast as they can. Our trust in Drata helps build our own confidence that we can build and maintain trust with our customers.
The two CSMs we've worked with have been phenomenal. Shout out to Craig Macaraeg, our current CSM, who's consistently ready and willing to help, positive, informative, advocates for us, and follows up when he says he will. The entire Drata team is incredibly customer focused and obsessed with being the best at what they do. It's also important to keep in mind that the compliance automation vendor has leverage with their audit partners, and Drata has many of said partners. You want a solid relationship with both the vendor and the auditor you are working with, and you also want the automation vendor to be able to push on the auditor when necessary. For example, our auditor wasn't using the Audit Hub functionality in Drata. Once we brought this up with the Drata team they had a conversation with the auditor immediately and made sure they were committed to using the platform and all it's capabilities.
Ultimately, the Drata platform helps us build and maintain trust with our customers, which is incredibly valuable—and they are a solid partner as we navigate compliance in general, posessing a lot of inhouse knowledge about the various compliance frameworks, and constantly exanding those that are available, bringing new entrants to market as fast as they can. Our trust in Drata helps build our own confidence that we can build and maintain trust with our customers.
Easy to Onboard and operate
What do you like best about the product?
The implementation of Drata, coming from a previous solution, was really ease: simple staged onboarding steps, precanned policies to review (and leverage which saved us $$$ in technical writing review costs) combined with easy agents to configure for employee devices. The integrated approach with our SaaS ecosystem helps reduce the operational time and speeds our compliance activity. In fact, I'm happy to dive into Drata on a daily basis and their customer support is both interactive and human!
What do you dislike about the product?
One minor issue I have is that while there may be an integration in place for a specific area, many companies have multiple systems in place. This allowing only one integration per category becomes difficult and forces other internal effort that may complicate rollouts.
What problems is the product solving and how is that benefiting you?
As a financial services technology company, measuring our compliance performance is important. It's also important to provide that transparency to our prospective and existing customers to support business development and build trust. By automating much of the compliance activity we are more nimble and agile as an operator.
Excellent tool for achieving security compliance
What do you like best about the product?
Our Drata customer success representative is outstanding. Through the whole process, she's communicated what we need to do very cleary, has been patient with our shifting timelines and responsive to our questions.
The Drata security center has become a fundamental part of our tooling when it comes to evaluating our security posture and it's easy to notice when something falls out of compliance.
The integrations with the multitude of tools we use simplifies our day-to-day security operations as well.
The Drata security center has become a fundamental part of our tooling when it comes to evaluating our security posture and it's easy to notice when something falls out of compliance.
The integrations with the multitude of tools we use simplifies our day-to-day security operations as well.
What do you dislike about the product?
The Drata agent occasionally won't recognize certain requirements that have been fulfilled on our employees computer; this issue has been fairly infrequent, so it's barely enough to even mention :)
What problems is the product solving and how is that benefiting you?
Making sure that we are compliant with multiple different security frameworks.
showing 151 - 160