External reviews
External reviews are not included in the AWS star rating for the product.
Great compliance tool, although a little pricey
What do you like best about the product?
Drata has streamlined our security complance journey and made it easy to understand where our gaps are.
What do you dislike about the product?
The main downside for us as been the cost involved, additionally, there is limited support during our business hours as Drata are US based and we're in Australia, so things happen a little slowly.
What problems is the product solving and how is that benefiting you?
Drata and the connections to our services allow for a large amount of automation and gap anaysis, this has saved us a lot of time and manual checks.
- Leave a Comment |
- Mark review as helpful
Drata is the lifeboat to a drowning compliance team
What do you like best about the product?
1. Drata's compliance automation is a game changer. The available integrations allow a small compliance team to scale to an unlimited size organization. For example, vulnerability scanning, device monitoring, data security testing, policy, network infrastructure, risk assessment, and the list goes on. These were previously controlled and documented in independent places and my compliance team 1) struggled to manage all of the compliance evidence and 2) "pushed" the information to the SOC 2 auditor. Drata consolidates this into one portal and the auditor has on demand access. This truly is automated compliance.
2. Live chat support, compliance library, policy templates, risk assessment guide. The provided tools help you effectively set up a compliance program.
3. My vendor rep has been extremely helpful and available throughout the process. We meet every two weeks to ensure we are progressing sufficiently. But also, I appreciate that she understands everyone works at their own pace so is not pushing us if not necessary.
2. Live chat support, compliance library, policy templates, risk assessment guide. The provided tools help you effectively set up a compliance program.
3. My vendor rep has been extremely helpful and available throughout the process. We meet every two weeks to ensure we are progressing sufficiently. But also, I appreciate that she understands everyone works at their own pace so is not pushing us if not necessary.
What do you dislike about the product?
The vendor management functionality is lacking. Specifically, the questionairre function is very limited and not very useful.
What problems is the product solving and how is that benefiting you?
SOC 2 type 2 certification. We found Drata because of issues we were facing with a SOC 2 type 2 audit and I am so please we did!
I had trouble with a client of mine showing up on my auditor list.
What do you like best about the product?
I like the ability to automate compliance monitoring and evidence collection, signaficantly reducing the manual effort and speeding up the reporting proccess and timeline.
What do you dislike about the product?
The platform's rich feature set, while beneficial for larger organization with complex compliance requirements, can introduce unnecessary complexity for smaller teams. This can sometimes create a steeper learning curve.
What problems is the product solving and how is that benefiting you?
Drata streamlines compliance management, reducing the workload, enhancing security, and ensures clients are always audit ready.
An Excellent Product
What do you like best about the product?
As a one-person team for our GRC at my organization, Drata has become a daily essential tool for me to maintain our compliance and readiness. Drata is easy to use, integrates well with our major providers like AWS, has amazing customer support, and a fairly painless implementation process. I can sincerely say that our small organization would not be able to handle all the necessary requirements of compliance without the software and Drata support.
What do you dislike about the product?
Integration with AWS and other items can be your greatest uplift when purchasing the product, as well as getting used to the numerous Controls can be a bit overwhelming, but once you get used to it, everything is pretty straight-forward.
What problems is the product solving and how is that benefiting you?
Everything that has to deal with a GRC program for a small organization. I use drata for our SOC 2 Type 2 compliance needs, risk assessment and analysis, and keeping track of our annual evidence for our audits.
Drata
What do you like best about the product?
The in-app customer support can be very helpful
What do you dislike about the product?
Between the policies, monitoring tests and controls, the UX can become quite overwhelming.
What problems is the product solving and how is that benefiting you?
Provides a breakdown of all the actions required for our compliance and provides helpful templates for policies
Made our ISO certification much easier
What do you like best about the product?
- Predefined policy templates for ISO
- Drata Agent for automatical compliance checks
- Automated monitoring for controls
- Special access for Auditors makes certification much easier
- Integration with many tools (Atlassia, AWS, Azure, etc)
- Customer support answer quite fast
- Drata Agent for automatical compliance checks
- Automated monitoring for controls
- Special access for Auditors makes certification much easier
- Integration with many tools (Atlassia, AWS, Azure, etc)
- Customer support answer quite fast
What do you dislike about the product?
- No open info about prices
- Additional features are quite expensive
- Additional features are quite expensive
What problems is the product solving and how is that benefiting you?
Drata provides structured approach to keep all necessary documents, policies and controls for ISO 27001 in one place.
Seamless Compliance Management with Exceptional Support
What do you like best about the product?
We’ve been impressed by how intuitive and user-friendly Drata’s platform is. The onboarding process has been a breeze, and the step-by-step guidance helped us quickly set up compliance controls without feeling overwhelmed. The integrations with our existing tools (like AWS, Google Workspace, and Slack) were straightforward, and being able to continuously monitor our compliance status in real time has made our lives much easier.
Another standout has been their customer support. We recently set up a custom domain for our Public Trust page, and Drata’s team (specifically Christobal) was very responsive and knowledgeable, helping us troubleshoot DNS records in real time. Their attention to detail and willingness to go the extra mile made the entire process stress-free.
Another standout has been their customer support. We recently set up a custom domain for our Public Trust page, and Drata’s team (specifically Christobal) was very responsive and knowledgeable, helping us troubleshoot DNS records in real time. Their attention to detail and willingness to go the extra mile made the entire process stress-free.
What do you dislike about the product?
While Drata’s feature set is robust, there is a slight learning curve when it comes to fully leveraging all of its advanced features. Also, one specific area for improvement is the Trust Center requests workflow. We’d love to see tighter integration with tools like Slack—for instance, automatic notifications or messaging capabilities for incoming Trust Center requests so our team can respond quickly without leaving our primary communication tool.
What problems is the product solving and how is that benefiting you?
Drata is helping us centralize and streamline our compliance processes across multiple frameworks—including CCPA, GDPR, and SOC 2—so we no longer have to juggle multiple, disjointed tools or spreadsheets. By automating evidence collection and providing real-time monitoring of our controls, Drata saves us significant time and resources while ensuring we remain audit-ready. This unified approach not only reduces our operational overhead but also boosts trust with customers who need transparency into our compliance posture.
MFA issue
What do you like best about the product?
The team and the through SOPs! Zack and Dante, where instramental in solving this problem and they were super through.
What do you dislike about the product?
Had to wait a bit during shift changes but not a big deal
What problems is the product solving and how is that benefiting you?
Automating our compliance audits, and our security audits
A complete product offering more tools and features tailored for a GRC program.
What do you like best about the product?
Customer support and seamless integration across all app components, offering plenty of useful features for us.
What do you dislike about the product?
The UI isn’t intuitive and needs updates to make it more engaging.
What problems is the product solving and how is that benefiting you?
GRC, SOC 2, Vendor Managaement, Risk Management and more
Accelerator for our re-certification of ISO 27001:2022
What do you like best about the product?
- Built-in frameworks, controls and monitors
- Excellent risk management
- Great support
- Excellent risk management
- Great support
What do you dislike about the product?
- Connectors should be more configurable
What problems is the product solving and how is that benefiting you?
Continuous Compliance in a modern and automated way
showing 31 - 40