External reviews
External reviews are not included in the AWS star rating for the product.
A top notch, total portal for SOC reviews
What do you like best about the product?
Drata was easy to implement and provided an accurate place to upload our evidence. It gave us frameworks so that our guidance in our SOC 2 review was quickly done - we received our audit results in practically no time thanks to Drata's system.
What do you dislike about the product?
The only real downside we experienced with Drata was the occasional glitch with internal testing. The help desk was able to resolve any of those issues quickly.
What problems is the product solving and how is that benefiting you?
Drata helped us with our SOC 2 certification - this benefits us as it gives our business a lift among our clients and provides us with the needed tool to get in the door with further clients.
- Leave a Comment |
- Mark review as helpful
Great product and support!
What do you like best about the product?
Drata's been a great solution partner for our firm, Bright Defense. We've been very happy with the technology, the pace of innovation, their intregrations, and their support.
What do you dislike about the product?
Drata is a fantastic product, but it is priced in the premium tier of compliance automation platforms. There are cheaper solutions, but they offer less functionality.
What problems is the product solving and how is that benefiting you?
Drata automates the compliance journey for our clients.
Great Compliance Software for Small to Medium Business
What do you like best about the product?
- Easy to use and understand.
- Support staff are quick and communicate well.
- Product is evolving with its clients.
- Support staff are quick and communicate well.
- Product is evolving with its clients.
What do you dislike about the product?
- Because the product is constantly improving, some features feel incomplete
What problems is the product solving and how is that benefiting you?
Drata provides us with a robust "Governance, Risk, and Compliance" toolset which makes internal and external auditing easier for our small team. By consolidating major trust and GRC functions into a single platform for a reasonable cost, it makes aligning with our security requirements and frameworks much more manageable. At a glance, we can review and monitor all the major GRC requirements, such as our alignment with security controls, our Risk Management program, our Vendor Management process, and our Policy management.
Reliable security management platform for SOC2
What do you like best about the product?
- User friendly interface and easy to setup for users
- Continuous monitoring of systems ensures our organization stays compliant in real time
- Seamless integrations with a wide varitey of other control tools
- Automates many compliance tasks, such as evidence collection and report generation, saving significant time and reducing manual work
- Able to review audits at all times
- Comprehensive security framework support
- Excellent customer support
- Centralized dashboard
- Customizable policies and controls
- Continuous monitoring of systems ensures our organization stays compliant in real time
- Seamless integrations with a wide varitey of other control tools
- Automates many compliance tasks, such as evidence collection and report generation, saving significant time and reducing manual work
- Able to review audits at all times
- Comprehensive security framework support
- Excellent customer support
- Centralized dashboard
- Customizable policies and controls
What do you dislike about the product?
- Potential overhead for smaller teams, there are many features and policies that we dont use since we are a smaller company
What problems is the product solving and how is that benefiting you?
SOC2 compliance
Wonderful Product and Amazing Staff
What do you like best about the product?
Drata's easy to use interface makes it easy to understand your audit readiness at all levels. Automated evidence collection though simple to implement connections to third-party systems is made easy, and integration with ticketing and messaging apps means that operationalizing your data is automatic. Drata staff is responsive Drata takes you from managing the processes of preparing for an audit to focusing on what really matters.
What do you dislike about the product?
Set up will require a full review of your control to requirement mapping, an investment in resources for complex environments.
What problems is the product solving and how is that benefiting you?
Drata allows us to prepare for multiple assessments simultaneously, through cross mapping and resuse of evidence.
Josie Beaudoin, Solution Architect - Integration Support
What do you like best about the product?
Drata makes a very complex process as simple as possible to understand and manage.
What do you dislike about the product?
It's more the nature of the compliance efforts themselves, rather than the product. There are many challenges that the product makes much easier than they could be.
What problems is the product solving and how is that benefiting you?
SOC2 Compliance Endeavors
Drata disappointed us, did not deliver, and refused to refund us.
What do you like best about the product?
Drata said it's a compliance automation platform that will automate-away the entire compliance processes. That's far from reality. You need a full time proffesional to operate Drata.
What do you dislike about the product?
Bad service. Dishonest business. It's not really making anything easy for you. You to (A) know what you're doing, and (B) do all the work. While (C) they keep trying to push their service-providers your way to get you to pay more.
What problems is the product solving and how is that benefiting you?
Drata were suppose to automate compliance - they do not do that at all.
1 person found this helpful
Nice user interface, extensive GRC automation features, responsive support team
What do you like best about the product?
Easy to use and was implemented smoothly across my organisation. Customer support is very responsive. I use it daily in my work as a GRC analyst due to its control monitoring features. It integrates well with my organisation's instance of Intune, Entra ID, and Azure, making control testing and monitoring a breeze.
What do you dislike about the product?
Still lacking some basic features which I have submitted feature requests for.
What problems is the product solving and how is that benefiting you?
Drata is helping my organisation attain ISO27001 certification faster by automating our evidence collection and streamlining our continuous control monitoring.
GRC platform for companies that take risk management seriously
What do you like best about the product?
It is a very complete package. My team and I do audits and risk management integration daily. It is straight forward to work with. Everything is there, and it is so convenient for us to work with. Risk Management within an organization is a discipline, a commitment within the organization that risk management is more important than internet access. GRC becomes the public face of the collective strategic risk initiatives. It is a place to share risk efforts with auditors, regulators, clients and leads.
The platform is complex, but it makes sense in it's role within risk management.
The platform is complex, but it makes sense in it's role within risk management.
What do you dislike about the product?
The interaction with auditors focuses around the DCF (Drata Control Framework) rather than a specific framework control (like SOC2, ISO, etc). I know that Drata is using that to increase coverage of more frameworks. However, forcing auditors to use DCF rather than an ISO control is a bit of a nuisance.
Despite that, auditors have figured it out. This is a small inconvenience and not a major stopper.
Despite that, auditors have figured it out. This is a small inconvenience and not a major stopper.
What problems is the product solving and how is that benefiting you?
GRC is an agnostic platform that becomes the single source of truth for risk management. If this is accepted, customers, leads, regulators, auditors and more, never have to go further than trusting the information displayed by Drata.
It becomes a place to shape the forward looking risk mission of an organization and then share that with others.
It has to be a trusted platform onto which controls, standards, policies, evidence and SOPs are published. It needs to be the definitive source of this information and this has to be trusted by all without question. Drata is critically used for clients acheiving and maintaining regulatory compliance and security certifications year over year. It has to be a credible and agnostic platform, trusted by external reviewers and auditors.
It excels at those requirements.
It becomes a place to shape the forward looking risk mission of an organization and then share that with others.
It has to be a trusted platform onto which controls, standards, policies, evidence and SOPs are published. It needs to be the definitive source of this information and this has to be trusted by all without question. Drata is critically used for clients acheiving and maintaining regulatory compliance and security certifications year over year. It has to be a credible and agnostic platform, trusted by external reviewers and auditors.
It excels at those requirements.
Moved from SecureFrame and loving this
What do you like best about the product?
So many great features and the ease of use
What do you dislike about the product?
I don't know of any real downsides from where I sit
What problems is the product solving and how is that benefiting you?
Drata is helping us with our SOC-II compliance. I love how it simplifies this complex process.
showing 81 - 90