External reviews
External reviews are not included in the AWS star rating for the product.
A top notch, total portal for SOC reviews
What do you like best about the product?
Drata was easy to implement and provided an accurate place to upload our evidence. It gave us frameworks so that our guidance in our SOC 2 review was quickly done - we received our audit results in practically no time thanks to Drata's system.
What do you dislike about the product?
The only real downside we experienced with Drata was the occasional glitch with internal testing. The help desk was able to resolve any of those issues quickly.
What problems is the product solving and how is that benefiting you?
Drata helped us with our SOC 2 certification - this benefits us as it gives our business a lift among our clients and provides us with the needed tool to get in the door with further clients.
- Leave a Comment |
- Mark review as helpful
Great product and support!
What do you like best about the product?
Drata's been a great solution partner for our firm, Bright Defense. We've been very happy with the technology, the pace of innovation, their intregrations, and their support.
What do you dislike about the product?
Drata is a fantastic product, but it is priced in the premium tier of compliance automation platforms. There are cheaper solutions, but they offer less functionality.
What problems is the product solving and how is that benefiting you?
Drata automates the compliance journey for our clients.
GRC platform for companies that take risk management seriously
What do you like best about the product?
It is a very complete package. My team and I do audits and risk management integration daily. It is straight forward to work with. Everything is there, and it is so convenient for us to work with. Risk Management within an organization is a discipline, a commitment within the organization that risk management is more important than internet access. GRC becomes the public face of the collective strategic risk initiatives. It is a place to share risk efforts with auditors, regulators, clients and leads.
The platform is complex, but it makes sense in it's role within risk management.
The platform is complex, but it makes sense in it's role within risk management.
What do you dislike about the product?
The interaction with auditors focuses around the DCF (Drata Control Framework) rather than a specific framework control (like SOC2, ISO, etc). I know that Drata is using that to increase coverage of more frameworks. However, forcing auditors to use DCF rather than an ISO control is a bit of a nuisance.
Despite that, auditors have figured it out. This is a small inconvenience and not a major stopper.
Despite that, auditors have figured it out. This is a small inconvenience and not a major stopper.
What problems is the product solving and how is that benefiting you?
GRC is an agnostic platform that becomes the single source of truth for risk management. If this is accepted, customers, leads, regulators, auditors and more, never have to go further than trusting the information displayed by Drata.
It becomes a place to shape the forward looking risk mission of an organization and then share that with others.
It has to be a trusted platform onto which controls, standards, policies, evidence and SOPs are published. It needs to be the definitive source of this information and this has to be trusted by all without question. Drata is critically used for clients acheiving and maintaining regulatory compliance and security certifications year over year. It has to be a credible and agnostic platform, trusted by external reviewers and auditors.
It excels at those requirements.
It becomes a place to shape the forward looking risk mission of an organization and then share that with others.
It has to be a trusted platform onto which controls, standards, policies, evidence and SOPs are published. It needs to be the definitive source of this information and this has to be trusted by all without question. Drata is critically used for clients acheiving and maintaining regulatory compliance and security certifications year over year. It has to be a credible and agnostic platform, trusted by external reviewers and auditors.
It excels at those requirements.
Moved from SecureFrame and loving this
What do you like best about the product?
So many great features and the ease of use
What do you dislike about the product?
I don't know of any real downsides from where I sit
What problems is the product solving and how is that benefiting you?
Drata is helping us with our SOC-II compliance. I love how it simplifies this complex process.
Streamlined the SOC2 requirements from Scratch
What do you like best about the product?
They really streamlined and automated alot of the tasks that require SOC 2 compliance. They also send reminders and have due dates around tasks needing to be completed, so for smaller companies with limited resources, it really helps to make sure we are continually staying compliant. We continue to login and use the system monthly and their customer support is extremely responsive and helpful when it is necesary.
What do you dislike about the product?
The main thing I have trouble with in Drata is the expansive set of different frameworks they support and me wanting to align to all of them, but with a small team I can not stay on top of it all, but for larger companies this would be a benefit.
What problems is the product solving and how is that benefiting you?
Unknown requirements when first starting out and understanding what the compliance standards are along with gathering of evidence to satisfy the auditors.
Game Changing
What do you like best about the product?
Drata has truly been a game-changer for our organization’s compliance and security processes.
Drata’s user-friendly interface is intuitive, and the platform’s ability to continuously monitor and track our compliance status in real-time is incredibly valuable.
What really stands out is the level of support Drata provides. They've even made changes to their product based on some of our feedback.
Overall, Drata has been an essential tool for our team. It has not only helped us stay compliant but also enhanced our overall security posture.
Drata’s user-friendly interface is intuitive, and the platform’s ability to continuously monitor and track our compliance status in real-time is incredibly valuable.
What really stands out is the level of support Drata provides. They've even made changes to their product based on some of our feedback.
Overall, Drata has been an essential tool for our team. It has not only helped us stay compliant but also enhanced our overall security posture.
What do you dislike about the product?
We encountered some complications integrating with Google Workspace due to our company’s organizational structure. We could only link one account, which required a complex consolidation of multiple Workspace accounts, that did add some additional costs when onboarding.
What problems is the product solving and how is that benefiting you?
Drata is helping us achieve our goal of SOC 2, ISO 27001, and HIPAA compliance
Drata usage
What do you like best about the product?
The Drata Control Framework enables the team to quickly build up our compliance program to meet multiple compliance frameworks. Drata has a significant number of integrations that are easy to set up and help us monitor our controls.
What do you dislike about the product?
We would like a simpler licensing model for companies that need to comply with many compliance frameworks (5+) with multiple scopes.
What problems is the product solving and how is that benefiting you?
Managing our compliance requirements, coordinating with external and internal stakeholders. Facilititing evidence collection for audits.
Rachel was super helpful and checking with me several times to make sure that my issues were solved.
What do you like best about the product?
User friendly and good support when needed.
What do you dislike about the product?
It might take some time before you chat to an agent but that is rarely.
What problems is the product solving and how is that benefiting you?
Remaining compliant for SOC 2
Hard Process made easy
What do you like best about the product?
For most companies compliance is a checkbox they need to get done for legal reasons or to enhance their standing in the market to be SOC2 certified. Without Drata to guide me thru the processs, I would just say our company is "not SOC2, sorry".
What do you dislike about the product?
Nothing comes to mind thus far. I think they have done a great job in making the UX and process easy.
What problems is the product solving and how is that benefiting you?
Allowing us to get thru the process of being certified without having any knowledge of how to do it.
The only way to manage audits. Period.
What do you like best about the product?
Ease of use and time saving efficiencies to meet our compliance objectives. Has changed how audits are conducted considerably so
What do you dislike about the product?
Hopefully they'll support automated onboarding of devices through integrations like MDM soon.
What problems is the product solving and how is that benefiting you?
Managing audits, ensuring device compliance, asset tracking, and access reviews.
showing 51 - 60