External reviews
1,074 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Fantastic way to go through the overwhelming process of HIPAA and SOC II auditing
What do you like best about the product?
We were pretty overwhelmed when we started our HIPAA/SOC II TYPE II certification. Using Drata made that 100% easier and allowed us to focus on what needed to be done and quickly.
What do you dislike about the product?
Our auditing was different as we outsource a ton of our infrastructure so the app seemed a bit overwhelming but once we walked through the app with our rep, it was super easy to use and we dug right in!
What problems is the product solving and how is that benefiting you?
Compliance and auditing for our HIPAA and SOC II certifications
Simple and effective for people new to compliance
What do you like best about the product?
Drata presents all the tasks and requirements you need to do for your chosen compliance framework in a very clear way, with detailed descriptions to help you understand what the auditor will need from you. The support and advice from the team has also been high quality and responsive. The integrations also automate a huge amount of the evidence collection and monitoring.
What do you dislike about the product?
As a first time user of a fully fledged GRC platform, there is very little to dislike. The suggest controls and evidence do focus on what will suffice for the majority but there could be more built-in options for alternatives - however the support teams and chatbot are quick to suggest these when asked.
What problems is the product solving and how is that benefiting you?
Drata has helped centralise the compliance tasks and reporting as well as helped with employee onboarding. The interface it provides for the auditors makes the audit's much easier.
Drata User Experience
What do you like best about the product?
The automation and ease of use, implementation and integration
What do you dislike about the product?
Customer support can be very delayed at times depending on the issue. When organizations are tyring to meet audit deadlines it is not a good experience.
What problems is the product solving and how is that benefiting you?
It is a team of one at my organization so having things organized is setting me up for success. The automation is great although not as intuitive. I have to rely on support more than i would like to.
Review for Rachel's support
What do you like best about the product?
I like the support i get from Drata agents.
What do you dislike about the product?
connections can be improved, and sometimes policy editing is super slow.
What problems is the product solving and how is that benefiting you?
Having everything in a centralized platform really boosts effective collaboration.
Drata - Monitoring Platform
What do you like best about the product?
Proper Support on time
Easy Implementation
Easy Implementation
What do you dislike about the product?
Suggestion : can add more test cases
can improve documentation
can improve documentation
What problems is the product solving and how is that benefiting you?
Drata is integrated with our Cloud Platform. Help us to maintain Compliance
Compliance Made Easy with Drata
What do you like best about the product?
Drata's platform is incredibly user-friendly, and their customer support is top-notch. Out of our entire tech stack, only one system required manual input—everything else integrated seamlessly. Whenever we’ve had questions or needed assistance, the support team has been impressively fast and helpful. The platform gives us clear visibility into our compliance posture.
What do you dislike about the product?
This isn’t specific to Drata, but more of a general limitation across most compliance management systems. It would be great to see more AI-driven features that could automatically map and configure controls based on our environment, reducing the need for manual setup and rule-by-rule customization. The platform is strong, but as compliance becomes more complex, smarter automation would take it to the next level.
What problems is the product solving and how is that benefiting you?
Before Drata, we were managing our compliance efforts manually in spreadsheets, which was time-consuming and error-prone. Drata centralizes everything, automates evidence collection, and keeps us continuously audit-ready. As a result, we spend far less time on documentation and back-and-forth during audits, allowing us to focus more on actual security improvements and strategy.
Natural, lightweight, intuitive
What do you like best about the product?
Drata is an opinionated, lightweight, easy to understand repository for all our compliance information. It does everything we need (and more) which gives us a growth path with the tool, all-the-while aligning us with requirements and making them clear.
The automated tests are a bonus, on top of the very clear control management system.
Its integration with Slack is fast and efficient, and allows our tech team to keep an eye on control compliance and test status.
The automated tests are a bonus, on top of the very clear control management system.
Its integration with Slack is fast and efficient, and allows our tech team to keep an eye on control compliance and test status.
What do you dislike about the product?
I would wish for more native integrations with third-party vendors, since this really where such a tool shines, and more support for self-hosted versions, since we are big proponents of self-hosting.
What problems is the product solving and how is that benefiting you?
Our previous audits, carried out manually by an external consultancy, lacked a centralised, well-formed and opinionated data collection/repository, which required us (and the external consultant) to hunt for data and required a lot of back-and-forth to come to an agreement as to what is acceptable to be in-scope and not-in-scope without triggering exceptions. There was a lot less upfront clarity, and evidence could not be submitted much in advance, let alone as we go.
My Drata User Experience
What do you like best about the product?
The user interface is very easy to use. The functionality of Drata addressed many of our business needs and processes.
What do you dislike about the product?
So far, I have not encountered any downsides. I just started using the platform.
What problems is the product solving and how is that benefiting you?
The Drata tool is assisting my organization with Cybersecurity Risk Management and audit activities.
Issue Resolved Quickly
What do you like best about the product?
What I love most about Drata is its ease of use, effortless automation of compliance tasks, and user-friendly platform.
What do you dislike about the product?
While the platform is user-friendly, it could provide more guidance to help new users get started more easily
What problems is the product solving and how is that benefiting you?
Drata tackles key compliance and security challenges by automating security control tracking, offering real-time compliance updates, and reducing manual audit prep work.
Still feels newish, but works
What do you like best about the product?
I like being able to review which users have access to which apps. I like the concept behind being able to match controls for different frameworks based on the tests and connections they provide. Being able to match policy acknowledgements to users is also a plus.
What do you dislike about the product?
Their text editor for Policies is awful. Makes me feel like I have to write my own webpage. I was instructed to copy/paste policies in for easy version control, but the editor doesn't recognize table of contents blocks. It also doesn't have a tab system, so if you have to create things in columns, none of the data lines up.
They don't have Active Directory support beyond an agent that you would have to install to all systems. So if your company uses GPOs, it's difficult to get compliance data out of AD without using a third party tool.
It is difficult to see where some data is coming from once a connection is made. Most tests just say "Autopilot", which does not refer to Intune Autopilot. So if there's an issue with a connection or specific test, it's hard to fix.
Lastly, in order to get help with Drata you have to use their Chatbot system. The chatbot isn't bad per se, but the window/drawer that pops out for it, obscures half of the controls/buttons you need to use to allow access to your tenant for help and other actions for fixing issues. You have to actually close out of the window to get what an agent or the bot asks for, and then find a way to navigate back to that specific chat. A minimize button would be all it takes to fix this!
They don't have Active Directory support beyond an agent that you would have to install to all systems. So if your company uses GPOs, it's difficult to get compliance data out of AD without using a third party tool.
It is difficult to see where some data is coming from once a connection is made. Most tests just say "Autopilot", which does not refer to Intune Autopilot. So if there's an issue with a connection or specific test, it's hard to fix.
Lastly, in order to get help with Drata you have to use their Chatbot system. The chatbot isn't bad per se, but the window/drawer that pops out for it, obscures half of the controls/buttons you need to use to allow access to your tenant for help and other actions for fixing issues. You have to actually close out of the window to get what an agent or the bot asks for, and then find a way to navigate back to that specific chat. A minimize button would be all it takes to fix this!
What problems is the product solving and how is that benefiting you?
Having a single pane of glass to identify compliance issues and evidence requests makes auditing much easier.
showing 71 - 80