External reviews
1,074 reviews
from
and
External reviews are not included in the AWS star rating for the product.
A useful solution
What do you like best about the product?
Nice UI, nice cloud vendor tooling tie ins to AWS & GCP.
Easily see your IT assets and allocated users.
Useful top down view of compliance checklists all in one place.
Handy lightweight MDM solution with agents for all OSes and a web dashboard / onboarding flow for users.
Out of the box SSO/SAML IdP integrations like Google auth.
Easily see your IT assets and allocated users.
Useful top down view of compliance checklists all in one place.
Handy lightweight MDM solution with agents for all OSes and a web dashboard / onboarding flow for users.
Out of the box SSO/SAML IdP integrations like Google auth.
What do you dislike about the product?
Very limited custimization options. Because there is no way to customize user IT asset compliance rules, if you don't do things 100% the Drata way, 100% of yours users will show as non-compliant all the time, becaus there is no way to customize the ruleset Drata uses. This makes the compliance dashboard of limited value.
This is an overall theme in Drata. It's highly opinionated, so if you do things 100% their way, it works well, but if not you'll never see a complete compliance picture due to continuous false positives. This can also be seen in the cloud asset compliance checks and VCS checks. If you have no existing SOC2 apparatus, and want to use the Drata way hook line and sinker, this can work well, but if you have an existing compliance process, you'll possibly feel constrained in your ability to tailor Drata to fit.
Finally custom API integrations are rudimentary. The fact that you must open a support engineer directly to get an API key speaks to this currently being a rudimentary feature, rather than a rich API layer. We had to reverse engineer APIs and use UI tokens/sessions to automate processes, rather than the official Drata APIs to get things automated.
This is an overall theme in Drata. It's highly opinionated, so if you do things 100% their way, it works well, but if not you'll never see a complete compliance picture due to continuous false positives. This can also be seen in the cloud asset compliance checks and VCS checks. If you have no existing SOC2 apparatus, and want to use the Drata way hook line and sinker, this can work well, but if you have an existing compliance process, you'll possibly feel constrained in your ability to tailor Drata to fit.
Finally custom API integrations are rudimentary. The fact that you must open a support engineer directly to get an API key speaks to this currently being a rudimentary feature, rather than a rich API layer. We had to reverse engineer APIs and use UI tokens/sessions to automate processes, rather than the official Drata APIs to get things automated.
What problems is the product solving and how is that benefiting you?
Top down single source of compliance state and information.
An easy to use compliance management software
What do you like best about the product?
Drata monitors our systems daily and raises alerts whenever something is amiss. Integrations are also seamless with many of the systems we use. It also makes audits like SOC2 easy by automating a lot of controls.
What do you dislike about the product?
Although the evidence management flow has been simplified, it can be improved further.
What problems is the product solving and how is that benefiting you?
Automated compliance checks for our systems and helping with audits.
Good system which is easy to use.
What do you like best about the product?
Automated task manager. Audit sync ability. Integrated with our HR system, need to explore other integrations to get the best out of it.
Customer support team are quick at responding and supporting the process.
Customer support team are quick at responding and supporting the process.
What do you dislike about the product?
No export option on any pages. This would make a lot easier when tracking and sharing updates with c-suite staff.
Ability to change the view, for example - tasks outstanding are in a view of by month, would be useful to have this interchangeable into a monthly calendar view (which can also be exported) so you can quickly see tasks needing focus for the month ahead.
Ability to change the view, for example - tasks outstanding are in a view of by month, would be useful to have this interchangeable into a monthly calendar view (which can also be exported) so you can quickly see tasks needing focus for the month ahead.
What problems is the product solving and how is that benefiting you?
Ensuring that we have got all policies in order and making sure these are reviewed regularly. Creating one source of the truth which is easy to share with team members for 1 quick check.
Helps me keep compliance up to date and under control.
What do you like best about the product?
The way it notifies about things that need to be improved, and the control tracking it performs on an ongoing basis along with integrations.
What do you dislike about the product?
In previous versions, the platform did not correctly perform the verification tests.
What problems is the product solving and how is that benefiting you?
The correct mapping of controls both from different frameworks and from the assigned endpoints.
Drata - easy to use and track progress
What do you like best about the product?
Drata is extremely easy to implement and more importantly, track company progress against SOC2 compliance in order to drive adoption of compliant processes & controls.
What do you dislike about the product?
Drata has been extremely valuable in our push towards compliance best practices and SOC2 compliance. While there were some employee hesitations about downloading Drata and its activity tracking capabilities, we were able to clearly explain what Drata will and will not do in terms of employee activity tracking to assuage any concerns and drive adoption across our employee base.
What problems is the product solving and how is that benefiting you?
Drata is helping us identify gaps and drive towards SOC2 compliance certification
Drata was able to get our SOC audit completed on-time with easy management and integrations.
What do you like best about the product?
We really liked the automated compliance monitoring of our hosted cloud environments for potentials threats and misconfigurations. With threats and their resolutions highlighted, it was easy to resolve security configurations.
Overall everything was easy to setup and go through on frequent basis.
Overall everything was easy to setup and go through on frequent basis.
What do you dislike about the product?
A couple features such as employees and their respective accounts were not in sync in the cloud environments due to little difficult way of configuring that option. Was able to get help from their support though.
What problems is the product solving and how is that benefiting you?
Drata makes it very easy to manage all controls of the SOC framework (in our case). Multiple integrations allow users to quickly identify loopholes in different environments. Drata also provides instructions on how to solve those issues.
Lead Engineer
What do you like best about the product?
The security and assurance it provides to our valuable data
What do you dislike about the product?
Not a lot,but the number of accept policy requests
What problems is the product solving and how is that benefiting you?
Customer assurance and client compliance
Awesome product
What do you like best about the product?
The DRATA application is very easy to use and provides adequate help to ensure that all compliance requirements are covered while preparing for a compliance audit.
What do you dislike about the product?
Nothing in particular although at times even when the evidences are uploaded, the control does not show up as green. I think this has been fixed through the Evidence Library which surely makes things easier.
What problems is the product solving and how is that benefiting you?
It is helping us prepare for the SOC 2 and HIPAA compliance audit. The tool and the team at DRATA have been awesome and supported us throughout our compliance journey,
Drata
What do you like best about the product?
The advantage of using Drata is having all security compliances and certification audits in one single platform.
What do you dislike about the product?
Nothing for now. Since we started using its all good.
What problems is the product solving and how is that benefiting you?
We would like to active SOC2 compliance and this Tool is help on the same.
Drata - a leader in compliance automation segment
What do you like best about the product?
Drata's core compliance automation capabilities and out of the box integrations are probably the most comprehensive. Being able to run risk Management program and turst center fetures only make it must have product!
What do you dislike about the product?
For tools/ SaaS for which currently there is no out of the box integration, it is still heavy lift to try to monitor them via Drata.
What problems is the product solving and how is that benefiting you?
Makes managing compliance program much more efficient and meaninful exercise due to variety of ways to report on continuous compliance.
showing 81 - 90