External reviews
1,074 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Exceptional Compliance Support & Automation
What do you like best about the product?
Drata has been a game-changer for our compliance program. From seamless evidence collection to real-time monitoring of control effectiveness, it’s given us back hours each week. Integrations with Jira, AWS, and other tooling mean everything just “talks” to Drata without extra effort. Their dedicated compliance support team has been outstanding, providing tailored guidance, swift responses, and deep expertise at every turn. You also get a glimpse into what's coming and can submit suggestions for features in the portal.
What do you dislike about the product?
Its built-in control templates aren’t always flexible enough for fully bespoke workflows, and integrations with niche or legacy systems can require manual workarounds.
What problems is the product solving and how is that benefiting you?
Drata addresses the headache of scattered, manual evidence gathering by automatically pulling configuration snapshots, user access logs, and policy attestations from your tech stack; it eliminates the risk of compliance drift by continuously monitoring control health and flagging deviations in real time; and it streamlines audit preparation by organizing all artifacts and mapping them directly to relevant PCI DSS requirements. As a result, we spend far less time chasing down screenshots or spreadsheet entries, gain clear visibility into our compliance posture at any moment, and enter audits with confidence—knowing that our controls are both documented and functioning as intended.
Great way to get up and running
What do you like best about the product?
Great support, templates to help get things rolling. Easy for end users.
What do you dislike about the product?
Not as strong as a reference, fixed format and limited searchability for more advanced users.
What problems is the product solving and how is that benefiting you?
Helps us develop and maintain standardization and certification, giving us a better and clearer offering to present to customers.
Great tool for compliance automation
What do you like best about the product?
Continuous monitoring, Drata policy management templates, Trust center and AIQA
What do you dislike about the product?
Some integrations errors happen and those are difficult to debug
What problems is the product solving and how is that benefiting you?
We are using Drata as our GRC automation tool to help with annual certifications and audits. It is easy to keep track of monitoring, risk assessments and everything in one centralized place.
Compliance platform that facilitates certification
What do you like best about the product?
The automation of controls and integration with tools like GitHub, Microsoft 365, and Azure greatly facilitate the continuous monitoring of compliance with standards such as ISO 27001 and SOC 2. The platform also has intuitive dashboards and proactive alerts that help keep the requirements up-to-date and visible to all parties involved.
What do you dislike about the product?
Learning curve for non-technical users: For team members outside the security or compliance area, the platform can be challenging at first.
What problems is the product solving and how is that benefiting you?
Obtain ISO 27001 certification
Drata has really helped us centralise tech compliance.
What do you like best about the product?
One stop shop for early stage startups to automate compliance across multiple frameworks
What do you dislike about the product?
Once you need to demonstrate compliance out of scope of the integrations that Drata offers, you're back to screenshots and manual copy-pasting. Eventually you'll need a compliance automation team just to keep up.
What problems is the product solving and how is that benefiting you?
We're able to use Drata to automate device posture checks,
Comprehensive tool and excellent support for both technical and compliance questions
What do you like best about the product?
Out of the box compliant policy drafts, security controls and support for required practices like vendor management or user access reviews.
Easy to use and support is always there for you. Event the bot is pretty good and if it is not enough the professional and nice human is available too.
Easy to use and support is always there for you. Event the bot is pretty good and if it is not enough the professional and nice human is available too.
What do you dislike about the product?
Asset management could have more features and more useful manual asset management.
What problems is the product solving and how is that benefiting you?
Drata gives me a clear path towards compliance with ISO 27001. It spared me a lot of effort with integrations and ISMS procedures support.
Drata Support
What do you like best about the product?
Drata is great for monitoring compliance against the frameworks which Atlantis Health need to be compliant against.
The support staff are friendly and helpful.
Our assigned CSM is always willing to assist and answer any questions along with keeping us focus on achieving our goals.
The support staff are friendly and helpful.
Our assigned CSM is always willing to assist and answer any questions along with keeping us focus on achieving our goals.
What do you dislike about the product?
Ensuring policies & evidence is kept current.
What problems is the product solving and how is that benefiting you?
Compliance with GDPR, HIPAA, ISO27001 and SOC2 for start.
Focus efforts on what is required to achieve compliance.
Focus efforts on what is required to achieve compliance.
A wonderful tool to help accelerate compliance
What do you like best about the product?
We had an outstanding experience with Drata. The platform was incredibly easy to implement, with intuitive workflows and helpful guidance at every step. Thanks to Drata’s automation and clear compliance roadmap, we moved from onboarding to SOC 2 readiness in record time. Our audit went smoothly and was completed successfully with minimal friction. Drata has been a game-changer for our compliance process - we highly recommended!
What do you dislike about the product?
While Drata ultimately helped us achieve SOC 2 compliance, there were several challenges along the way. The platform wasn’t as intuitive as we had hoped, and we often found it difficult to understand what was included or required at each step. We relied heavily on support from a third-party implementation partner and our auditor to interpret and navigate the system effectively. Without that external guidance, getting through the process would have been significantly more difficult. We had a few technical issues along the way and their support wasn't always as responsive as we hoped.
What problems is the product solving and how is that benefiting you?
Automation and organization of our security program to achieve SOC2
Compliance Team is Amazing
What do you like best about the product?
The best part of Drata is the customer support. Seraphina has been incredibly helpful—clear, responsive, and always thoughtful in her guidance. During our audit, she provided practical advice that helped us move forward with confidence. Combined with Drata’s intuitive interface and ease of use, the platform makes managing compliance far less daunting. It’s more than just a tool—it’s a true compliance ally.
What do you dislike about the product?
I really do not have anything I dislike about the platform.
What problems is the product solving and how is that benefiting you?
Drata is solving the problem of fragmented and manual compliance workflows. It brings everything into one place—evidence collection, control tracking, vendor management—and automates what used to be a time-consuming process. The intuitive interface makes it easy to stay on top of tasks, and the integrations cut down on duplicate effort. It’s saving us time, reducing audit prep stress, and helping us maintain a stronger security posture year-round.
Strong Solution to help you with administrative load for your future audit
What do you like best about the product?
We’ve had a solid experience with the product so far. The interface is intuitive. Support response times have been generally good, and the onboarding process was smoother than expected.
What do you dislike about the product?
Nothing so far that I could dislike, however it seems we will need another tool for MDM
What problems is the product solving and how is that benefiting you?
It helps to collect all audit evidences
showing 21 - 30