External reviews
1,128 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Effortless Compliance Management and Auditing
What do you like best about the product?
I think one of Drata's key strengths is its ability to perform framework mapping across compliance frameworks, which greatly reduces redundant work and duplicate work. I also appreciate its monitoring capabilities. Drata provides timely system updates on governance risk and compliance processes, making them more efficient and significantly less burdensome.
What do you dislike about the product?
I would like to be able to manipulate their dashboards a little better, just so I could cater it specifically to what our company needs to see, especially for generating reports to leadership.
What problems is the product solving and how is that benefiting you?
Drata automates our compliance status for risk management and auditing, gives us a clear view of our security posture, identifies real-time risks, and excels in framework mapping across compliance frameworks, reducing redundant work.
User-Friendly Compliance Platform with Helpful Templates and Resources
What do you like best about the product?
Drata is very user-friendly and offers a great platform that provides all the necessary information and templates to get started with anything related to compliance, even for startups.
What do you dislike about the product?
At the beginning, it can feel a bit overwhelming, but they offer so many resources and onboarding calls that it quickly feels manageable again.
What problems is the product solving and how is that benefiting you?
Drata helps us keep everything related to compliance in one place, and it automatically reminds us to renew policies when needed.
Comprehensive Compliance Templates for Nearly Every Audit Type
What do you like best about the product?
Drata let's us control all of our compliance/audit related requirements in one system–simple as that. The UX is great–it's easy to understand, easy to navigate, easy to add evidence, etc. The automation workflows are great–being able to automatically import all of our employees, devices, 2FA rules, etc. directly from our SaaS/PaaS products (e.g., Azure) is fantastic. The TrustCenter is quite helpful as well as a way of sharing sensitive documents (e.g. audit reports) with third parties in a tracked manner. It's a great tool tbh.
What do you dislike about the product?
It's a big system so it can be quite confusing at first. It's hard to know what's actually required for your various audit types–Drata gives you a template for nearly everything, but do you actually need everything in the template? Probably not. That's not Drata's fault, it's just the nature of being a generalized compliance tool that works across every industry.
What problems is the product solving and how is that benefiting you?
What are our SOC 2 requirements? We can't go through a SOC 2 audit without knowing all of our requirements. Drata tells you your requirements and lets you manage them all in one place.
Easy-to-Use Interface, Reliable Security Solution
What do you like best about the product?
I like how easily and friendly the interface of Drata is. It's very clean, and everything is easy to find, which is important since we ask our employees to use this software once a year; having an easy-to-use interface is crucial. It ensures that they can complete courses and understand everything without spending a lot of time figuring out how the software works. The initial setup was easy too; we just needed to set some things, and it was working pretty well. Everyone can do the courses and make sure they're aware of the best practices, so it's easy-going software.
What do you dislike about the product?
I had some issues logging in, but the team was very helpful. They helped me, and I received a reply a few minutes after requesting some help. They can add an option to log in with social media to avoid issues, such as not receiving matching links because they end up in the spam folder.
What problems is the product solving and how is that benefiting you?
I use Drata to ensure my team understands secure best practices and that our computers run smoothly, free of viruses or breaches. It also helps prevent sensitive company data from being compromised.
Effortless Compliance, User-Friendly Interface
What do you like best about the product?
I find Drata to be a really effective tool for company compliance, and I don't see any reason to use another or change it. It's overall very easy to navigate, and the interface is not complicated, which is good for those using it for the first time.
What do you dislike about the product?
I wish there was an option where we didn't have to manually provide evidence if there's already a connection with our HR platform. The sync with Rippling isn't too much of an issue, but it could be improved.
What problems is the product solving and how is that benefiting you?
Drata is an effective tool for company compliance. I find it easy to navigate, with a simple interface suitable for first-time users, making it unnecessary to switch to another tool.
Effortless Compliance Gap Detection and Audit Readiness
What do you like best about the product?
The platform makes it very easy to identify compliance gaps and ensure you are audit-ready.
What do you dislike about the product?
The onboarding process can be quite involved depending on the existing compliance program.
What problems is the product solving and how is that benefiting you?
Drata makes audit readiness and control validation simple and centralized.
Smooth Onboarding, Budget-Friendly Compliance
What do you like best about the product?
I like the pricing point of Drata, which is important as we are mindful about our budget while trying to achieve SOC2 compliance. The onboarding process was smooth, and we were guided through a series of workshops and onboarding sessions that provided us the tools to start using the platform effectively. The initial setup of Drata was also easy.
What do you dislike about the product?
The UI is a little confusing sometimes. As someone who has already done a SOC2 audit with a competitor product, I sometimes find the Drata platform a little confusing. It's not straightforward to see what tasks are missing and what specific things we need to fix. I think UX could be improved.
What problems is the product solving and how is that benefiting you?
Drata simplifies compliance by having auditors use the same platform for audits, reducing the compliance burden. The reasonable pricing point helps us stay within budget while working toward SOC2 compliance. The onboarding process with workshops and sessions made it easy to start using the platform.
Robust Security with User-Centric Support
What do you like best about the product?
What I like most about Drata is its user-centric format, and when we need help, tech support is fast and reliable. The initial setup of Drata for our team was very easy. We had a resource from Drata available if we needed it, but it was very self-explanatory and user-centric.
What do you dislike about the product?
Sometimes logging on can be a challenge. Recently, a few of us had issues with our logins, but we did get that resolved.
What problems is the product solving and how is that benefiting you?
I use Drata for data security, ensuring everything is safe and there's no data leaks.
Centralizes Compliance Evidence, Needs Policy Sync
What do you like best about the product?
I like that Drata reminds us when to update and submit our evidence for the past 12 months. It's convenient to have one place to add all the evidence instead of having pieces stored in different locations. This organization makes it easier to refer back to the information submitted as evidence. The reminders are also helpful once the time to review the evidence is near. We have successfully integrated Drata with our other platforms like Office365, Jira, and Bitbucket.
What do you dislike about the product?
The audit option is a bit clunky as it's hard to differentiate who owns the control. In addition, we still need to double up on maintaining the policies. Once version in Drata and another soft copy we need to keep when it is required by our clients when we do proposals. Our Sales team will need access to the latest version. It took a while to fully understand what it did.
What problems is the product solving and how is that benefiting you?
I use Drata to assist with obtaining SOC2 Type 2 and HIPAA reports. Drata centralizes evidence submission, making it easier to refer back and providing reminders when updates are needed.
Efficient Compliance Management, Needs UI Enhancements
What do you like best about the product?
I appreciate Drata because it eases the management of our SOC2 (Type I) compliance. I like the control and evidence management features, which make it easy to track completed, pending, or in-process controls and tasks with related evidence. Additionally, the integration with our internal tools and applications for control monitoring and automation adds value to our workflow.
What do you dislike about the product?
Need more better user interface and evidence repository management. There's also scope for adding country or region specific cyber security and data privacy laws or rules as notified by respective governments.
What problems is the product solving and how is that benefiting you?
I use Drata for SOC2 compliance, easing compliance management by tracking controls and related evidence efficiently.
showing 1 - 10