External reviews
External reviews are not included in the AWS star rating for the product.
A compliance and customer-centric product and company culture!
What do you like best about the product?
We are using the Drata platform for monitoring our HIPAA and SOC2 compliance status! Working with the Drata team has been a breeze since Day 1. The platform receives regular updates that help us align our organization's controls and measures with the law and stay current with industry standards. The Drata team is a set of talented and committed individuals who demonstrate commitment toward their customers and are well-versed with the features and how they apply to different compliances.
Our Customer Success Manager Nick Chapman has gone above and beyond to ensure we have all the information we need and even connected us with the audit and technology team if the issues require expert advice.
Our Customer Success Manager Nick Chapman has gone above and beyond to ensure we have all the information we need and even connected us with the audit and technology team if the issues require expert advice.
What do you dislike about the product?
Honestly, there is nothing that I dislike about the product or Drata's support. Like with anything new, there is a slight learning curve to using the product, and getting employees onboarded on the platform seems daunting at first. However, Drata makes it easy to adhere to and monitor the compliances.
What problems is the product solving and how is that benefiting you?
From a small organization perspective, before Drata, it was not easy to make sense of compliance requirements and keep up-to-date. Drata brings everything under one hood and provides both technical and business support. Their team is very prompt and clear in their responses. They will work with you day and night, regardless of time constraints, and ensure that goals and objectives are met.
- Leave a Comment |
- Mark review as helpful
Excellent product to speed up the ISO27001 or HIPAA certification process and managing all topics
What do you like best about the product?
- Continuous monitoring of evidence (AWS, MongoDB, Office 365 etc.)
- Simple process to provide evidence for ISO27001 or HIPAA controls.
- We have the best customer success manager (Gabe :) )!
- The support is really helpful and responsive. Recommending also other tools that can be helpful in the process.
- Nice UI/UX of the product
- Sample policies already included
- AWS access is with AuditRole and not with reading access as some competitors.
- Simple process to provide evidence for ISO27001 or HIPAA controls.
- We have the best customer success manager (Gabe :) )!
- The support is really helpful and responsive. Recommending also other tools that can be helpful in the process.
- Nice UI/UX of the product
- Sample policies already included
- AWS access is with AuditRole and not with reading access as some competitors.
What do you dislike about the product?
I have nothing to report here...sorry :)
What problems is the product solving and how is that benefiting you?
ISO27001 & HIPPA compliance and certification
Drata provides confidence for SOC 2 efforts
What do you like best about the product?
The ease of using the tool. it organizes information
What do you dislike about the product?
lack of integrations with some tools we use
What problems is the product solving and how is that benefiting you?
Preparing for SOC 2 examination. Assists with identifying areas we need to work on.
Intuitive interface and compliance team to make SOC 2 compliance easy
What do you like best about the product?
Drata greatly increased our speed and knowledge while decreasing the number of hours required from our team to get SOC 2 compliant. We really like the ability to check all of our W2 employee's and contractors' compliance in one simple place as well as the continuous monitoring of our security items. Without the continuous monitoring, it would have taken us a lot of time to ensure our security items are still compliant over time (especially for SOC 2 Type 2 which has a longer monitoring period).
Drata's available compliance team was also super valuable and easy to communicate within the web application. We had many questions on best practices and how to ensure compliance on certain items that the compliance team made easy.
Drata's available compliance team was also super valuable and easy to communicate within the web application. We had many questions on best practices and how to ensure compliance on certain items that the compliance team made easy.
What do you dislike about the product?
There were a few items we had to complete for our SOC 2 compliance with our auditor company that was outside of the Drata platform. However, this was fairly minimal and might be specific to just what the auditor looks at.
What problems is the product solving and how is that benefiting you?
Solving SOC 2 compliance in a short period without sacrificing quality. We received our SOC 2 compliance is a much faster timeline (< 2 months) with a lot less work because of Drata.
Seamless automated compliance monitoring based on systems available to connect
What do you like best about the product?
Automated tests that runs everyday and the detailed Raw test evidence gives us a granular view of non compliant controls. DRATA technical architects are great to work with and gives us regular insights on how to fix the errors to increase our compliance percentage. SOC2 automated evidence gathering and providing results to auditors becomes a frictionless effort for cloud native organizations. The available frameworks keeps growing in DRATA and happy to be part of the product journey.
What do you dislike about the product?
Like to see more connections in DRATA to Cloud native systems that cover key cyber domains. Like to see more IAM capabilities and support for multiple IDP's. More insights into failed results within Raw test evidence and extrapolating that for analysis could be more mature.
What problems is the product solving and how is that benefiting you?
DRATA showed us what infrastructure controls failed, why they failed and how to remediate them. This will help us improve our overall SOC2 compliance posture as well as reduce cyber risk from misconfigured infrastructure
Couldn't imagine a better experience to get on track for SOC2
What do you like best about the product?
Drata provided value to us on day 1. They were able to get us set up with compliant policies and a generated compliance summary report that we could share with customers even before we had our SOC2 report.
As we worked to get fully certified, the team was exceedingly helpful with resources, referrals, and one-on-one help to get us to the SOC2 certification. I can't imagine a better experience.
As we worked to get fully certified, the team was exceedingly helpful with resources, referrals, and one-on-one help to get us to the SOC2 certification. I can't imagine a better experience.
What do you dislike about the product?
Honestly, not much. The team has been amazing, the platform has been stable, and they have always been extremely quick to help us solve any questions or concerns.
What problems is the product solving and how is that benefiting you?
We initially were interested in SOC2, but now are pursuing GDPR as well because the system has been so reliable and easy to set up. Even before we were certified, the automated reports they generated helped us pass customer security reviews, which was a huge win.
Quality is going down, price is going up.
What do you like best about the product?
The account managers and security experts they make available are a huge help on understanding the nuances of compliance
What do you dislike about the product?
The platform has not always been the most user-friendly. The quality has deteriorated over the last year or so, while they continue to raise their prices. We no longer get one-on-one meetings with a compliance manager, and our account managers keep changing.
What problems is the product solving and how is that benefiting you?
We are getting through SOC 2 compliance for much less than if we hired an outside compliance consultant.
Tremendous Guidance and Support Throughout the Process
What do you like best about the product?
Ali and the Drata team have been highly responsive and supportive throughout the process. It gave our team a lot of confidence knowing that we had someone we could reach out to with questions or challenges at any time. Beyond that, Drata makes the process very clear and they are willing to pull in other domain experts on their team as needed.
What do you dislike about the product?
Honestly, there hasn't been any aspect of our relationship that we have disliked. We are looking at working with Drata for other compliance efforts given how smooth our initial experience has been.
What problems is the product solving and how is that benefiting you?
We started our engagement with Drata with a focus on SOC 2 compliance. Ali and the team were ready to dive in and got the process off to a great start and supported us at every step. Now, we are looking forward to Drata's help on other compliance efforts in the future.
Recommendations to others considering the product:
We spoke to several vendors before moving forward with Drata and encourage you to do the same.
Drata is a great partner that improves your security and makes audit periods easier.
What do you like best about the product?
I love all the automatic controls they have, and how they handle the different roles (CISO, auditor, etc.)
As it is continuous it helps you to keep the same level of security the whole year, not just before being audited.
As it is continuous it helps you to keep the same level of security the whole year, not just before being audited.
What do you dislike about the product?
It's a fairly young tool, and sometimes you'll find some filtering or things that are not working as expected. Not too bad, but they have some quality issues in the front-end sometimes. The controls works good and are reliable in my opinion.
What problems is the product solving and how is that benefiting you?
Keep your system secure and ready to be audited all the time during the year.
Drata made SOC 2 compliance for our lean team, reducing risk and unblocking our sales pipeline
What do you like best about the product?
Canned policy documents, automated compliance testing with best practices built-in
What do you dislike about the product?
Some of the cloudwatch monitor alerts could be smarter to see that you are monitoring all instance instead of individual instances.
What problems is the product solving and how is that benefiting you?
Outsourcing some (a lot?) of the work required to be SOC 2 compliant which reduces risk and unblocks our sales pipeline.
showing 801 - 810