Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Useful Tool That is Underutilized by Auditing Companies
What do you like best about the product?
I really have enjoyed that all the evidence is aggregated in one spot and presented in a way that auditors have understood it. The integrations are also useful, data that syncs up with any changes is especially useful in a fast paced business environment.
What do you dislike about the product?
The real downside of using drata was the fact that Auditors were reluctant to use it. All the evidence was there in the platform and visible for them to use, but they still wanted us to walk them through all of our controls over video chats. This defeated the purpose of Drata and did not save us time.
What problems is the product solving and how is that benefiting you?
The tedious process of data and evidence collection.
- Leave a Comment |
- Mark review as helpful
A useful solution
What do you like best about the product?
Nice UI, nice cloud vendor tooling tie ins to AWS & GCP.
Easily see your IT assets and allocated users.
Useful top down view of compliance checklists all in one place.
Handy lightweight MDM solution with agents for all OSes and a web dashboard / onboarding flow for users.
Out of the box SSO/SAML IdP integrations like Google auth.
Easily see your IT assets and allocated users.
Useful top down view of compliance checklists all in one place.
Handy lightweight MDM solution with agents for all OSes and a web dashboard / onboarding flow for users.
Out of the box SSO/SAML IdP integrations like Google auth.
What do you dislike about the product?
Very limited custimization options. Because there is no way to customize user IT asset compliance rules, if you don't do things 100% the Drata way, 100% of yours users will show as non-compliant all the time, becaus there is no way to customize the ruleset Drata uses. This makes the compliance dashboard of limited value.
This is an overall theme in Drata. It's highly opinionated, so if you do things 100% their way, it works well, but if not you'll never see a complete compliance picture due to continuous false positives. This can also be seen in the cloud asset compliance checks and VCS checks. If you have no existing SOC2 apparatus, and want to use the Drata way hook line and sinker, this can work well, but if you have an existing compliance process, you'll possibly feel constrained in your ability to tailor Drata to fit.
Finally custom API integrations are rudimentary. The fact that you must open a support engineer directly to get an API key speaks to this currently being a rudimentary feature, rather than a rich API layer. We had to reverse engineer APIs and use UI tokens/sessions to automate processes, rather than the official Drata APIs to get things automated.
This is an overall theme in Drata. It's highly opinionated, so if you do things 100% their way, it works well, but if not you'll never see a complete compliance picture due to continuous false positives. This can also be seen in the cloud asset compliance checks and VCS checks. If you have no existing SOC2 apparatus, and want to use the Drata way hook line and sinker, this can work well, but if you have an existing compliance process, you'll possibly feel constrained in your ability to tailor Drata to fit.
Finally custom API integrations are rudimentary. The fact that you must open a support engineer directly to get an API key speaks to this currently being a rudimentary feature, rather than a rich API layer. We had to reverse engineer APIs and use UI tokens/sessions to automate processes, rather than the official Drata APIs to get things automated.
What problems is the product solving and how is that benefiting you?
Top down single source of compliance state and information.
Ease of compliance w Drata
What do you like best about the product?
The continuous monitoring of controls and regular updates on missing compliance
What do you dislike about the product?
They don't have international background check integrated w Checkr. Atleast they didn't have it while we were getting onboarded.
What problems is the product solving and how is that benefiting you?
It streamlines the various compliances for us, mainly SOC2 Type2 & HIPAA. Being into healthcare tech, these compliances are of utmost importance and Drata has definitely eased the process.
An easy to use compliance management software
What do you like best about the product?
Drata monitors our systems daily and raises alerts whenever something is amiss. Integrations are also seamless with many of the systems we use. It also makes audits like SOC2 easy by automating a lot of controls.
What do you dislike about the product?
Although the evidence management flow has been simplified, it can be improved further.
What problems is the product solving and how is that benefiting you?
Automated compliance checks for our systems and helping with audits.
Good system which is easy to use.
What do you like best about the product?
Automated task manager. Audit sync ability. Integrated with our HR system, need to explore other integrations to get the best out of it.
Customer support team are quick at responding and supporting the process.
Customer support team are quick at responding and supporting the process.
What do you dislike about the product?
No export option on any pages. This would make a lot easier when tracking and sharing updates with c-suite staff.
Ability to change the view, for example - tasks outstanding are in a view of by month, would be useful to have this interchangeable into a monthly calendar view (which can also be exported) so you can quickly see tasks needing focus for the month ahead.
Ability to change the view, for example - tasks outstanding are in a view of by month, would be useful to have this interchangeable into a monthly calendar view (which can also be exported) so you can quickly see tasks needing focus for the month ahead.
What problems is the product solving and how is that benefiting you?
Ensuring that we have got all policies in order and making sure these are reviewed regularly. Creating one source of the truth which is easy to share with team members for 1 quick check.
Great platform with excellent customer support
What do you like best about the product?
Super easy to set up, use and maintain, plus they have excellent customer support. The speed and frequency that Drata are releasing new & very good features is impressive and have really added to our experience.
What do you dislike about the product?
No downsides so far, we have loved the Drata product.
What problems is the product solving and how is that benefiting you?
Helping our small team maintain compliance on an ongoing basis
SOC2 made easy(ier)!
What do you like best about the product?
The setup of Drata was quite straight forward. The documentation and customer support was really helpful. The intergration was simple. Onboarding team was easy.
What do you dislike about the product?
The amount of policies can be overwhelming at first but this was where customer support came in handy!
What problems is the product solving and how is that benefiting you?
Getting a birdseye view of our current state and what needed to be done to achieve SOC2
Getting devices registered
Getting devices registered
Drata is excellent for compliance
What do you like best about the product?
This was the first time anyone had gone through SOC 2 compliance and Drata helped us achieve it without issue. Support was there from day 1 to help walk us through everything and answer any of our questions. I would not hesitate to use them again at another company.
What do you dislike about the product?
The drata agent could be better in regards to auto updating and covering all the main operating systems better. Some of the workflows and processes are a little clunky.
What problems is the product solving and how is that benefiting you?
Drata is helping us achieve our SOC 2 Type report. They helped us collect all the evidence and provided us with all of the boilerplate documented policies to help us get there. They also helped us find our SOC 2 Auditor as well.
Drata allowed us to attain our SOC2 Type II attestation within 12 months
What do you like best about the product?
The vast array of integrations into cloud platforms, idenitity providers and HRIS.
What do you dislike about the product?
UI was a little buggy initially but this improved as the product matured.
What problems is the product solving and how is that benefiting you?
Allows us to spend less time managing our SOC2 controls by providing continuous compliance.
Small Startup - Fast Track to Soc2 and HIPAA
What do you like best about the product?
Very easy and straighforward to use-prepopulated policies and easy to understand progress dashboards. Lots of very easy integrations.
What do you dislike about the product?
Not as automated as I thought--but hard to imagine how much easier they could make it. I wasnt very familiar with the security process before we went through this.
What problems is the product solving and how is that benefiting you?
Drata solves a lot of the project planning, coordination and communication around getting security certifications--and does so at a fraction of the cost and effort. Its hard to put a price on how much time and effort htis saved us.
showing 281 - 290