Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Drata is exceptional
What do you like best about the product?
In a world of substitutes, the only real product anyone offers is customer service. We partnered with Drata to help us prepare for a SOC2 compliance audit. The platform is excellent. If you've ever done an initial SOC2 audit prep, you know there are many questions to be answered. Drata's live support team is incredibly responsive and regularly answers my questions with one response. Not only are they really focused on making sure I have the answers I need to proceed, they often provide links to articles that empower DIYers like me. I appreciate a direct answer as much as anyone else, but these articles help me understand why the answer is what it is.
What do you dislike about the product?
If I have to come up with something, I'd have to say that I'd really like a way to search all policies from one location. For example, when we began the process of preparing for our SOC2 audit, there were many questions that arose from our need to better understand what was required in a given policy. We used the notation functionality within the policy editor to document our questions. There isn't however a centralized location to see all of my comments on all policies. Consequently, I have to open and close each of the 20 policies to find the comments and get answers. It's inconvenient but not a deal breaker.
What problems is the product solving and how is that benefiting you?
We need to achieve a passing SOC2 compliance audit. Without Drata, we could not do this on our own. We do not understand the needs well enough to spool up an internal team to make this happen. With Drata, we have the structure and support to launch into this process with a high degree of confidence.
- Leave a Comment |
- Mark review as helpful
SOC 2 and ISO 27001 compliance platform
What do you like best about the product?
Access to auditors via (mostly) immediate text chat. The frameworks are quite tricky to understand, and while the Drata platform makes many elements more straightforward, it's great to get clarification of my interpretation, just to get some reassurance that I've understood the wording correctly.
What do you dislike about the product?
It's not cheap! Many American SaaS platforms forget that companies outside the USA aren't able to pay USA prices - so I do think Drata needs to tailor to other markets, where it operates in them.
What problems is the product solving and how is that benefiting you?
I was tasked with "getting SOC 2" - which I wasn't too familiar with, beyond the fact it exists. This has been a massive can of worms, involving rewriting every policy, examining every single information system and process, and I have absolutely no idea how I'd have coped without Drata.
Some organisations have the benefit of inhouse auditors, legal, and so on - we're just 70 people, and SOC 2 / ISO 27001 projects are not my main job. If it wasn't for Drata, this process would be taking much longer, and I suspect would involve huge amounts of expense with external consultants.
Some organisations have the benefit of inhouse auditors, legal, and so on - we're just 70 people, and SOC 2 / ISO 27001 projects are not my main job. If it wasn't for Drata, this process would be taking much longer, and I suspect would involve huge amounts of expense with external consultants.
Their platform was not honest about what it was doing until I called them on it.
What do you like best about the product?
The tool is easy to use and it's clear how I can achieve ISO27001 and SOC2 compliance using the platform. The automated checks are what I want for my business, and I can see us utilising the platform in the future.
What do you dislike about the product?
I noticed that their MDM checks for hard drive encryption are only checking that there's an MDM policy called "FileVault" applied to the computers, and are not checking whether that policy actually contains a setting that enables disk encryption. When I confronted their support about this I was given incorrect information. They told me that it was actually checking encryption status when my testing showed that that's not the case. They are working on improving the check to actually check what it says it checks on the trust report it's checking, but...shouldn't that have already been done? Why is a customer pointing out that your platform doesn't do what it says it's doing? Why are you reporting on customer trust centers that you're checking hard drive encryption status with a big green tick when you're not actually checking that?
I was also misled during the sales process. The salesman insisted that all of support was available with a 2 minute turnaround. This is not true, as the compliance team is not available in my timezone at all. This is in no way a 2 minute response time, it's overnight response times for me.
I can see how I will leverage the platform to achieve the compliance requirements I want, but I do not trust them anymore, and I recommend other users don't trust them either after my experience.
I was also misled during the sales process. The salesman insisted that all of support was available with a 2 minute turnaround. This is not true, as the compliance team is not available in my timezone at all. This is in no way a 2 minute response time, it's overnight response times for me.
I can see how I will leverage the platform to achieve the compliance requirements I want, but I do not trust them anymore, and I recommend other users don't trust them either after my experience.
What problems is the product solving and how is that benefiting you?
It automates the evidence gathering portion of achieving ISO27001 compliance. This is the most labour intensive part of the work, so it's nice to have a platform that automates this work.
Using Drata as a SOC-2 compliance platform
What do you like best about the product?
We love Drata because it helps us gain visibility over our internal controls and audits in preparation for SOC-2 renewals. The support is top notch and always responds within minutes with accurate and precise information.
What do you dislike about the product?
Our experience has been great so far, although the self-service can use a few improvements. I am thinking in terms of a FAQ section that covers each major item (and sub-sections) in the user dashboard to make it easier for new users to browse the application.
What problems is the product solving and how is that benefiting you?
Please refer to what I said earlier about what we like about Drata.
Great experience
What do you like best about the product?
Very user friendly, fast and effective customer service (both account management and compliance guidance). Made compliance certification and tracking much less daunting.
What do you dislike about the product?
No real downsides. The reports and docs tab could be more user friendly - hard to search and doesn't have as many classification options as would be useful. Also, some reports are stored under HR/company settings rather than in reports and docs.
What problems is the product solving and how is that benefiting you?
Drata has allowed us to track our compliance and to prepare our certifications. Its frameworks mean that we do not forget any requirements and we can centrally store evidence.
Easy to use SOC2 compliance platform
What do you like best about the product?
User-friendly, easy to understand what you and your team need to manage to be successfully compliant. Onboarding new users is easy and managing requirements is quick.
What do you dislike about the product?
Nothing so far, it's going well. I've used the consultant chat service and it was quick and easy.
What problems is the product solving and how is that benefiting you?
We're obtaining our SOC2 certification and need guidance on how best to prepare for the audit.
Simplified the process of getting our first SOC 2 attestation
What do you like best about the product?
Drata has a modern software platform that I found to be highly usable and free of errors compared to many web apps. They automate everything possible about the compliance process. But the thing I like best about working with Drata are the professionals they make available to guide you through the steps to getting an attestation. They kept it all from being overwhelming.
What do you dislike about the product?
There is definitely a learning curve when first starting with the Drata platform, but that is to be expected. For me, I found it harder to scale the curve of understanding SOC 2 requirements than the web app itself.
What problems is the product solving and how is that benefiting you?
Drata tracks relevant data towards our SOC 2 compliance via both automated means and the addition of manual evidence. Our auditors use Drata to request information from us and track our responses.
Drata makes compliance easy
What do you like best about the product?
Drata includes plenty of tools to facilitate the compliance journey, ranging from boiler-plate policies to activity monitoring.
What do you dislike about the product?
The on-boarding flow could use some improvement, as it isn't immediately apparent what one should work on.
What problems is the product solving and how is that benefiting you?
As a small start-up, we did not have any prior compliance experience. Drata eliminated the need to build out a compliance team or hire a consulting firm and allowed us to build our capabilities in house with our current headcount.
Great platform that simplifies compliance certification
What do you like best about the product?
Intuitive UI, responsive support team, ample and thorough documentation and real time testing of controls
What do you dislike about the product?
A number of fields need to be relabelled to minimize conflicting messages
What problems is the product solving and how is that benefiting you?
SOC 2 certification for a new enterprise startup.
Incredible customer service & audit experts
What do you like best about the product?
Drata offers the best customer service I've ever experienced across both B2B SaaS and consumer products. Their audit / compliance experts are extremely helpful, responsive, and thoughtful in troubleshooting with you.
What do you dislike about the product?
I would love more integrations to keep everything in sync as well as better syncing across modules and tabs within the product.
What problems is the product solving and how is that benefiting you?
Drata is the compliance platform we use to ensure we consider and adhere to all of the requirements from various compliance frameworks.
showing 341 - 350