Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Amazing customer support by Pablo.
What do you like best about the product?
Best Connectivity capabiltiies they have on their tool.
What do you dislike about the product?
It would be great if you could provide mor information from an audit perspective.
What problems is the product solving and how is that benefiting you?
Security Compliance
- Leave a Comment |
- Mark review as helpful
A great platform that is growing with our capabilities and maturity
What do you like best about the product?
Being able to manage 8 different security compliance frameworks on one platform with only one FTE! The customer sucess team is also great and very much focused on building a long-term relationship...this was the clincher for us. (A big shout out to Alex and Aoife)
What do you dislike about the product?
Some capabilites are maturing slower than others (such as risk and asset management) .
What problems is the product solving and how is that benefiting you?
Managing multiple compliance frameworks, as well as general GRC activities, with limited resources.
Great compliance automation tool, great UX, easy to navigate.
What do you like best about the product?
Drata has been great to map from the ISO 27001 framework requirements to actual controls. Whilst it doesn't replace compliance activities, it has sped up our alignment of our existing process to the ISO 27001 framework controls. The in-built policies have been great to use a base for review and sometimes wholly draft new policies. The risk assessment area is also very good for keeping and scoring risks.
Finally the automation of controls is very good and suited to our environment (circa 150 employees + AWS infratructure). The tool makes it easy to disable tests (where not appropriate) or exclude particular items from the test (and justify this). The raw evidence is often very helpful for troubleshootin why our infrastructure may fail a particular test.
Their customer success folk are absolutely excellent and work with you the whole way, and the interface is very intuitive and so it's as 'self-service' as you can imagine. The onboarding of the various integrations/connections was seamless with little need for help.
During the "getting compliant", Drata has been used pretty mcuh every day by the security team in order to keep track of progress.
Finally the automation of controls is very good and suited to our environment (circa 150 employees + AWS infratructure). The tool makes it easy to disable tests (where not appropriate) or exclude particular items from the test (and justify this). The raw evidence is often very helpful for troubleshootin why our infrastructure may fail a particular test.
Their customer success folk are absolutely excellent and work with you the whole way, and the interface is very intuitive and so it's as 'self-service' as you can imagine. The onboarding of the various integrations/connections was seamless with little need for help.
During the "getting compliant", Drata has been used pretty mcuh every day by the security team in order to keep track of progress.
What do you dislike about the product?
Dislike is a strong word. Given the relative youngness of the company, there are a few rough edges spread around none of which stop getting the value from the tool. It sometimes feel like the tool is geared more towards "keeping compliant" than "getting compliant" - which of course will be the vast majority of the platform's use.
Occasionally, the platform is a little limited (integrating with Enterprise Intune policies needs to be done in a very particular way) - though this we managed to overcome with the help our Customer Success manager. In other areas, we disagreed with some of the automated monitoring tests and their implementation (for example around production access to Gitlab). but that was overcome by using their API to upload evidence automatically from a small CI/CD job and disabling that single test. On the whole, we use almost every test provided by Drata out of the box.
Occasionally, the platform is a little limited (integrating with Enterprise Intune policies needs to be done in a very particular way) - though this we managed to overcome with the help our Customer Success manager. In other areas, we disagreed with some of the automated monitoring tests and their implementation (for example around production access to Gitlab). but that was overcome by using their API to upload evidence automatically from a small CI/CD job and disabling that single test. On the whole, we use almost every test provided by Drata out of the box.
What problems is the product solving and how is that benefiting you?
It's helping ensuring that as we rework our policies, ways of working, etc, that we are algining to ISO 27001 and helping us formalise and identify activities we were already doing. Ultimately, it will help us with the ongoing compliance by prompting for regular activities to be performed, highlighting where we've departed from standards/policies immediately within 24 hours, etc.
Great tool with a great team behind
What do you like best about the product?
Very easy-to-use tool with a lot of functionality provided out of the box. On top of this, the team is super supportive and responsive.
What do you dislike about the product?
When following a particular framework, ISO 27001:2022 in our case, it makes it difficult to get a clear overview of controls required within the framework, statement of applicability. So we had to develop a different overview we used for audit purposes to show the controls, whether they are applicable to us or now and how they are implemented (where we linked all relevant Drata controls). So was a bit of a work around.
What problems is the product solving and how is that benefiting you?
Automated monitoring, risk management, controls management, evidence library.
Excellent platform, all my security and compliance data in one solution, perfect.
What do you like best about the product?
I like that I can conduct all my GRC activities on one platform, and get instant feedback and dashboards to show my current level of compliance. In addition, the automation has helped increase efficiency exponentially.
What do you dislike about the product?
It would be usefull to be able to manage all my risk in one area, however, I am informed that an enterprise risk module is being released shortly.
What problems is the product solving and how is that benefiting you?
It is automating and therfore making security, risk, and thrid party management more efficient.
SOC2 compliance experience with Drata
What do you like best about the product?
Drata is pretty easy to use once you understand how the user interface is setup. The detailed guide in every step has been very helpful.
What do you dislike about the product?
Initially the UI was a little confusing. I can never talk to a live person under help option right away but they have a good customer team who are easy to reach through email.
What problems is the product solving and how is that benefiting you?
It streamlines the compliance process and reduces manual effort.
Good GRC platform, with several frameworks included.
What do you like best about the product?
It includes several frameworks, like PCI DSS, SOC2 and ISO.
What do you dislike about the product?
Connection for Orca Vulneranility scanner not available yet.
What problems is the product solving and how is that benefiting you?
It shows all of the controls required for each framework, evidence and policies can be uploaded there.
Drata offers expert support!
What do you like best about the product?
Drata streamlines compliance journey from start to audit-ready and provides professional support from its team of security and compliance experts, specially Ali!
And I would like to take a moment to commend her (Ali) for an exceptional efforts and dedication. She has consistently gone above and beyond in providing assistance, following up on meetings, and keeping us updated on Drata.
Ali’s proactive approach in ensuring that the our team remains as compliant as possible has been invaluable. Her diligence and commitment to excellence are truly commendable and have greatly contributed to the success of our compliance efforts.
We appreciate Ali’s hard work and dedication!
She's truly an asset!
And I would like to take a moment to commend her (Ali) for an exceptional efforts and dedication. She has consistently gone above and beyond in providing assistance, following up on meetings, and keeping us updated on Drata.
Ali’s proactive approach in ensuring that the our team remains as compliant as possible has been invaluable. Her diligence and commitment to excellence are truly commendable and have greatly contributed to the success of our compliance efforts.
We appreciate Ali’s hard work and dedication!
She's truly an asset!
What do you dislike about the product?
None .
What problems is the product solving and how is that benefiting you?
Drata helps streamline and simplify the SOC 2 compliance. It continuously monitors the systems and collects evidence needed for SOC 2 audits, reducing manual effort. The platform offers a real-time dashboard to track your compliance status, highlighting any gaps that need attention. It provides templates and frameworks tailored for SOC 2, making it easier to implement and maintain necessary controls.
Drata integrates seamlessly with tools and platforms you already use, such as cloud providers and project management systems, ensuring smooth data collection and monitoring. The security and compliance experts offer support to help you navigate the SOC 2 process and prepare for audits effectively. By automating key tasks and providing expert support, Drata helps you achieve and maintain SOC 2 compliance more efficiently.
Drata integrates seamlessly with tools and platforms you already use, such as cloud providers and project management systems, ensuring smooth data collection and monitoring. The security and compliance experts offer support to help you navigate the SOC 2 process and prepare for audits effectively. By automating key tasks and providing expert support, Drata helps you achieve and maintain SOC 2 compliance more efficiently.
experience has been fruitful was able to get most of our systems integrated
What do you like best about the product?
can house documents able to integrate with most softwares
had Outstanding support from Craig Macaraeg as our support/enginner with questions we had and his expertise was very helpfull
had Outstanding support from Craig Macaraeg as our support/enginner with questions we had and his expertise was very helpfull
What do you dislike about the product?
Although it integrates with various applications, its performance in certain apps, such as Rippling, is suboptimal. Specifically, it fails to retrieve certain policies set on devices and experiences delays in updating, with some updates taking longer than 24 hours to reflect.
What problems is the product solving and how is that benefiting you?
coompliance for Hipaa and soc2
Drata review and recommendation
What do you like best about the product?
Drata makes the entire process for compliance reports not only easy, but repeatable.
What do you dislike about the product?
I'd really like a built-in dark mode. :)
What problems is the product solving and how is that benefiting you?
Drata makes it easy to stay organized. There is far too much to keep track of manually or in spreadsheets, and Drata keeps the tasks more streamlined with reminders and follow-ups.
showing 51 - 60