Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Drata Review
What do you like best about the product?
Ease of use and implementation, very straight forward and user friendly.
What do you dislike about the product?
Appears to be the odd sync issue across some of the employees and compliance, but it seems to be intermittent and self-correcting over time.
What problems is the product solving and how is that benefiting you?
Preparing for your SOC 2 Type 2 certification.
- Leave a Comment |
- Mark review as helpful
Great company to work with
What do you like best about the product?
The platform has a clean layout, the customer success team is engaged, support is awesome.
What do you dislike about the product?
Nothing major, but I would like more notification features (Slack, etc) as well as reporting features.
What problems is the product solving and how is that benefiting you?
Drata helps us simplyfy and visualize our compliance stance, giving us actionable items to build out our security and foster trust with our customers.
Drata has strengthened and accelerated our security program.
What do you like best about the product?
Drata is able to integrate with many of our systems and provide automated continuous compliance monitoring of our security controls. This allows us to easily identify items that fall out of compliance. The breadth of integrations won us over.
What do you dislike about the product?
The UI can have some challenges or jankiness at times. Typically this is the result of a capability being built for MVP and not yet fully-fledged. The response from feedback is very strong and often I find my suggestions in the product next month.
What problems is the product solving and how is that benefiting you?
Internal audit of SOC2 controls can be timely and burdensome. Nothing is great unless it has an owner and Drata allows someone to own oversight and monitoring of our SOC2 program as a part of their work instead of as their job. This benefits our security team greatly so they can spend more time on other aspects of our security posture instead of tickbox exercises that a machine can do (such as ensuring proper configuration of employees' laptops).
The value from Drata is increased security through the use of continuous monitoring streamlining many SOC2 controls. Areas that are not automatically monitored are able to be tracked manually. Drata is an extremely comprehensive system that has dramatically improved our SOC2 program.
The value from Drata is increased security through the use of continuous monitoring streamlining many SOC2 controls. Areas that are not automatically monitored are able to be tracked manually. Drata is an extremely comprehensive system that has dramatically improved our SOC2 program.
SOC2 compliance on the autopilot
What do you like best about the product?
The UI/UX of the service is top-notch. Drata is literally holding hands in preparing your company for a SOC2 certification, when you have never done this before.
What do you dislike about the product?
I literally have no complaints so far. The service is very well designed, and their support team is always available to help.
What problems is the product solving and how is that benefiting you?
Drata is helping your company get ready for a SOC2 audit. It removes all the hassle from the process and makes such a complex project look so easy.
DRATA integral partner during SOC 2 Type 2 journey
What do you like best about the product?
Details on entire process shared at the onset - you'll know the plan, what step in the journey you've completed, and what comes next
Super responsive customer success team and technical solutions support - answered any & all questions
Full automation - immediate insights for all in scope employees, no guesswork for where to focus
Super responsive customer success team and technical solutions support - answered any & all questions
Full automation - immediate insights for all in scope employees, no guesswork for where to focus
What do you dislike about the product?
No complaints
The DRATA team were our partners in this journey, not just our support team
They answered all questions readily and with sufficient detail
My only advice to other users - share the test# when you ask a question, and you'll gain even more insights from the response
The DRATA team were our partners in this journey, not just our support team
They answered all questions readily and with sufficient detail
My only advice to other users - share the test# when you ask a question, and you'll gain even more insights from the response
What problems is the product solving and how is that benefiting you?
SOC2 Type 2
Streamlined platform & exceptional customer service
What do you like best about the product?
The Drata platform is sleek and easy to use. It kept us on track and organized as we prepared for our first SOC audit. Raahsaan and the rest of the Drata team provided exceptional customer service, as well. Many thanks to the Drata team for getting us through our SOC audit!
What do you dislike about the product?
Sometimes the Drata Governance > Personnel section indicators do not update to reflect the current status. For example, we have two new users using encrypted computers, but Drata still shows the encryption indicator as red/non-compliant. These new users started Monday, 11/1, yet the platform has not yet updated. It isn't a deal-breaker, but the delay can be frustrating.
What problems is the product solving and how is that benefiting you?
Drata keeps our SOC policies and requirements in one place. Drata's organization of information has streamlined our SOC preparations tremendously. The policy templates saved us a lot of time, as well!
Easy tool, valuable support
What do you like best about the product?
The team is always available to help with support and answering questions anytime
What do you dislike about the product?
Impossible to update personnel data uploading a csv
Some minor bugs with the system
Some minor bugs with the system
What problems is the product solving and how is that benefiting you?
Guide to get soc 2 compliance, automation
Great tool and platform to ensure everything is compliant with our policies.
What do you like best about the product?
The automated monitors and tests reporting on resources that are not compliant.
What do you dislike about the product?
Some bugs on the monitors forced us to change the way we do some things.
What problems is the product solving and how is that benefiting you?
We are using Drata to help get us SOC2 compliant.
Great platform, exceptional support
What do you like best about the product?
I like the customer support aspect the best -- Andrew, our assigned customer success rep has been super helpful with our on-boarding process. the platform is relatively straightforward and easy to use -- all for a great price!
What do you dislike about the product?
Maybe there is a way to streamline the policy documents a little bit more -- to me, that was the longest part of getting on-boarded on the platform - if there is a place I could suggest some improvement - that might be it -- we are a super small, early stage startup - having some guidance and an easier way to create the policy document could be great
What problems is the product solving and how is that benefiting you?
We need to be soc 2 type 2 compliant -- and for a small company with limited resources, we need a fair bit of hand holding to get there. Drata provides that with , along with a dedicated customer success agent to help you along the process
Amazing Support; Maturing Functionality
What do you like best about the product?
Our client success manager has really made our experience with Drata worth it. He is quick to reply with training and information, and when he doesn't have the answer, he finds it out. On a couple of items where Drata is unable to meet our needs, he hasn't ghosted us or left us in the dark--he has been honest and straightforward, which is an undervalued virtue when bearing bad news (more info on that in the next question).
What do you dislike about the product?
The AWS integration currently does not support access to our GovCloud region within the VPC. They are currently studying the regulations around this type of architecture, and I am assured that it will be supported in the future. They simply must do their due diligence--that's a good thing.
Additionally, their policy center is geared more for companies with less mature policy documentation. As we have a decade+ / 600+ pages of policy/proof, we didn't want to have to fit our "square peg" infosec policies into their "round hole" policy test interface, so I had to disable nearly half of the automatic tests. They inform me that they are working on a redesign to facilitate companies like ours with mature policy documents.
Additionally, their policy center is geared more for companies with less mature policy documentation. As we have a decade+ / 600+ pages of policy/proof, we didn't want to have to fit our "square peg" infosec policies into their "round hole" policy test interface, so I had to disable nearly half of the automatic tests. They inform me that they are working on a redesign to facilitate companies like ours with mature policy documents.
What problems is the product solving and how is that benefiting you?
So much is automated, and this is our first SOC 2 Type II audit, so I can't really say what life would be like with versus without Drata, but our CPA firm did provide a discount price on the audit when we told them we are using Drata as our readiness platform. The integrations are helpful, and either help us know where we can improve or affirm that our security controls are properly configured.
When a test fails, their documentation and instructions on how to get a test to pass is invaluable.
The Drata Agent (a lightweight app installed on each workstation) does some heavy lifting to ensure that each employee and their equipment are SOC 2-ready. Fantastic tool.
When a test fails, their documentation and instructions on how to get a test to pass is invaluable.
The Drata Agent (a lightweight app installed on each workstation) does some heavy lifting to ensure that each employee and their equipment are SOC 2-ready. Fantastic tool.
Recommendations to others considering the product:
Referring back to my two issues, Drata is not yet mature enough to easily handle:
1. Software system architecture within the AWS GovCloud region--Drata's API does not work with the API, and if you connect it to the VPC, tests will fail since all of your security controls will be configured in the GovCloud.
2. You will have to provide evidence of your policies manually if you choose not to use their policy template system. It is a lot of work.
1. Software system architecture within the AWS GovCloud region--Drata's API does not work with the API, and if you connect it to the VPC, tests will fail since all of your security controls will be configured in the GovCloud.
2. You will have to provide evidence of your policies manually if you choose not to use their policy template system. It is a lot of work.
showing 751 - 760