External reviews
External reviews are not included in the AWS star rating for the product.
Great software and even better people
What do you like best about the product?
With its intuitive and well-laid-out interface, Drata makes it a pleasure to track compliance controls and policies. It has certainly saved countless hours. Our customer success manager, Gabe, is very knowledgeable and quickly gets us answers to any of our compliance questions. When compared to other similar products, or even tracking compliance manually, Drata is a no-brainer.
What do you dislike about the product?
Drata is missing some features, such as an API, but new features and integrations are being added all the time and now the API is in beta (as of this writing 12-2022).
What problems is the product solving and how is that benefiting you?
Tracking compliance controls and policies, as well as providing proof of compliance to customers.
- Leave a Comment |
- Mark review as helpful
Drata makes completing compliance objectives much easier!
What do you like best about the product?
We reviewed five or so compliance platforms before ultimately settling on Drata. The user experience is superb. The integrations and automation tools are a real timesaver. The support is always responsive, and it really helps that there is an experienced team behind Drata. Questions that come up about meeting controls in the spirit of the framework often seem like answers could waver one way or the other, and they've been able to help us out. Gabe is one of the best customer success managers I've ever worked with. He's highly positive and knowledgeable. He does an excellent job keeping us on track to meet our compliance objectives. I often feel like our feedback is heard as we get updates on the development roadmap.
What do you dislike about the product?
The Drata Agent doesn't pick up our Windows BitLocker encryption, so we have to manually upload evidence to support that. Drata is aware of this limitation and is working on ways to improve it. We keep a lot of evidence in an external documentation system since most of it already exists there. Sometimes adding this evidence gets repetitive, but Drata is aware of the feedback (internal evidence or policies don't have this issue). The big takeaway here is that there's not much to dislike, and even if we find something, I have no problem mentioning it because I feel like we have a real chance of that feedback becoming an improvement later.
What problems is the product solving and how is that benefiting you?
Drata is helping keep our compliance efforts across multiple subsidiaries and security frameworks all in one spot. We can use automation and integrations to monitor evidence in ways we wouldn't have been able to with a spreadsheet or ticket system. It's a force multiplier for our small team.
I think for our team, the big win is the level of experience the support team has and that this support is available with the cost of the platform. We had so many questions answered that brought things to light for us. The other platforms we evaluated did not offer this.
I think for our team, the big win is the level of experience the support team has and that this support is available with the cost of the platform. We had so many questions answered that brought things to light for us. The other platforms we evaluated did not offer this.
Organized and automated compliance and security platform
What do you like best about the product?
Customer Support is great, integrations are easy to use. Security monitoring across our systems gives peace of mind. Having all of our policies in one location with yearly reminders to keep updated is so incredibly helpful.
Drata empowers small companies to take on the compliance process which is normally reserved for big companies with large IT teams.
Drata empowers small companies to take on the compliance process which is normally reserved for big companies with large IT teams.
What do you dislike about the product?
It is fairly expensive to use their platform and the platform cost does not include security testing or auditing. Luckily, Drata has a small company / startup discount.
The process of getting SOC-2 or other types of compliance is long and complicated. Drata makes it easier and way more organized, but it is still a large commitment for any company.
The process of getting SOC-2 or other types of compliance is long and complicated. Drata makes it easier and way more organized, but it is still a large commitment for any company.
What problems is the product solving and how is that benefiting you?
Compliance and security monitoring.
Best service to automate SOC2 compliance process
What do you like best about the product?
- Drata supports integration with major cloud services to collect evidence for SOC2
- Policy templates save us ton of time
- Customer support team is already there to help us
- Policy templates save us ton of time
- Customer support team is already there to help us
What do you dislike about the product?
- Nothing major but UX could be improved a little bit. For example, providing "sync" button for each connection to sync data again from cloud service and improve experience of mapping Github accounts with Google Workspace employee
What problems is the product solving and how is that benefiting you?
It is helping us achieve SOC 2 certification which of course improves our application security and process but also helps us to get more B2B customers by providing the trust to customers
Excellent experience and support for our SOC2 and ISO certification
What do you like best about the product?
Quite comprehensive solution, well-organized frameworks, and allowed us to automate many functions in compliance. Company provided very good support.
What do you dislike about the product?
Since Drata is checking so many portions of our infrastructure, it generates many notifications. These are all valid, however the burden is on us to resolve them or override them. This is more of a challenge on our side than on Drata's, but the resulting checks and balances can easily become time that we must manage carefully.
What problems is the product solving and how is that benefiting you?
Drata manages all of the content which is used in our audit. Drata provides good tools for the auditor to access that content. Drata lets us upload any report or content for the audit process. It forms a really useful 'system of record' for compliance information. It organizes controls by framework in a useful way.
Customer Support 10/10
What do you like best about the product?
The customer support from Drata was incredible, very timely and thoughtful responses. We worked with Mike Mechling specifcially and he always took the time to meet with us and made our feel like a priority.
What do you dislike about the product?
Not applicable. All of the experiences we had with the Drata team were positive. They took the time to listen to our requirements, and we never had to remind them about follow-ups; they were very focused and cared about their customers.
What problems is the product solving and how is that benefiting you?
Drata is helping our team become Soc-2 compliant, which will allow our company to work with larger organizations since this is a hard requirement. Their platform has also helped us remain more organized by providing a central location for all critical information.
Extremely helpful for our SOC2 effort
What do you like best about the product?
The team checkins with Elise Spitzer have been outstanding. She is knowledgable and insightful in assisting us with the tooling and the recommendations.
What do you dislike about the product?
Rarely the UI has some quirks with regard to things snapping in or disappearing.
What problems is the product solving and how is that benefiting you?
SOC2 Type 2 Readiness as well as HIPAA, specifically around evidence collection and streamlining the whole process.
Enabled us to do months of tedious work in days!
What do you like best about the product?
The fact that there are predefined processes and the fact that there is an autmotaic, comprehensive and ongoing monitoring and checking of our infrastructure, enabled us to quickly find out the items we needed to resolve these issues. There are already a ton of guides and wikis provided by Drata on how to resolve specific issues on different platforms ( Azure, AWS, etc.). This, again, made it very easy for us to resolve issues quickly without needing outside help. Drata also recommended many other businesses, such as security companies providing background checks for our employees and prospects, which seamlessly integrate with Drata. One of the most important and helpful aspects was the Drata customer success manager, Elise, who set up regular meetings with us to ensure we had all we needed to achieve our goals, and provided very accurate and timely advice.
What do you dislike about the product?
Automatic integration of Drata agent with our infrastructure helped us tremendously. However, there are a few things there that can be improved ( which are probably very platform specific). For example, the ability to create a rule within Drata to automatically mark external users as out of scope. Besides these minor features, there is not much that I don't like about this platform.
What problems is the product solving and how is that benefiting you?
Drata is helping us to acquire our SOC2 and ISO certifications and also provides ongoing compliance monitoring of our cloud infrastructure. If any of our infrastructure features are non-compliant with the criteria ( controls that ensure security, availability and confidentiality of the company and customer data and ensure business continuity and process efficiency), Drata platform identifies them and reports them to us, and suggests quick remediation to stay compliant.
Invested in making our compliance journey a success
What do you like best about the product?
The automation of evidence collection once you hook up connectors. Also, Drata's customer support is very quick to respond and knows how to best reach the goal you are looking to achieve. Tayler Gase is our CSM and is very helpful in scheduling calls and responding to inquiries whenever we need help with the tool. She's also scheduled proactive check-ins to make sure we are getting the most value out of Drata.
What do you dislike about the product?
The number of controls included within a certification, can be overwhelming at first, but once you familiarize yourself and the team on how to use the tool, it becomes easier to use.
What problems is the product solving and how is that benefiting you?
Automating and fast-tracking our company's compliance goals. We are able to complete and upload control evidence for multiple certification frameworks by tackling the common denominator controls that span across different frameworks. This, along with evidence collection, refresh reminders, helps us keep on top of our control implementations and recertification journey.
Amazing product with a knowledgeable team behind it and incredible support
What do you like best about the product?
The product is easy to use and understand. Compliance is boring and complicated, but Drata somehow made it a little more accessible and user-friendly with their platform. However, the best thing about Drata is their knowledgeable team. Out of all the options we evaluated, Drata's team was by far the one providing the most information not just about their product, but also about the SOC2 and GDPR processes. They know their stuff when it comes to compliance and they know how to help you understand what needs to be done. Their documentation is thorough and well-written. They have a stellar team, excellent communication and fantastic support!
What do you dislike about the product?
We've been customers of Drata for close to a year now and so far, there is nothing I can point to that we dislike. It would be great if their support hours matched our time zone, but this is really not a big deal and we are making it work as is.
What problems is the product solving and how is that benefiting you?
Drata's platform simplifies compliance. In our case, we used Drata for SOC2 and for GDPR. It literally saved us hundreds of hours and many dollars in consulting fees.
showing 401 - 410