External reviews
External reviews are not included in the AWS star rating for the product.
Impressive automation for this new up and coming vendor
What do you like best about the product?
User interface is above and beyond the best of the 4 vendors we reviewed. Customer support is incredibly responsive, and they have actual auditors on hand from some of the big firms who can help answer compliance-related inquiries. Bravo to Erin and Ashley and Troy for helping us through our SOC 2 compliance effort.
What do you dislike about the product?
The Drata Agent definitely still needs some improvements. Each small hiccup/glitch becomes something that the person coordinating the effort has to answer for every single employee over and over. I know they are putting a ton of development resources into the agent and adding new features every month it seems, so I am sure this will improve over time. They are very open to customer feedback.
What problems is the product solving and how is that benefiting you?
We are going for SOC 2 compliance with the hopes of better protecting our data, our customers' data, and speeding up our sales cycle.
- Leave a Comment |
- Mark review as helpful
Drata has taken the effort out of obtaining SOC 2 and allows continuous compliance going forward.
What do you like best about the product?
The overview is excellent, giving you a percentage to completion and makes monitoring the whole SOC 2 compliance very easy. The help articles linked to each control that fails are brilliant and offer you semi-guided advice on what you need to do to get that control working. The support from the Drata is also second to none.
What do you dislike about the product?
Some checks are ran on a daily schedule not when the test on the control is ran, eg some GItlab checks, however my guess is this allows Drata to avoid being throttled by the GitLab.com API so it is something that can be lived with.
What problems is the product solving and how is that benefiting you?
We are able to up our baseline security along with obtaining SOC 2 compliance. Drata has flagged many things that we didn't do that we should have and makes doing them going forward much easier, things such as risk assessment, pen testing etc.
Drata is Awesome
What do you like best about the product?
Intuitive interface. A lot of automation. New features are released almost every week. CS people are amazing.
What do you dislike about the product?
Some support articles are missing. Some evidence still has to be added manually.
What problems is the product solving and how is that benefiting you?
SOC2 automation. Compliance monitoring.
Makes a Complex Certification a Breeze
What do you like best about the product?
Hundreds of integrations automate everything
What do you dislike about the product?
Nothing! We're big fans of everything they're building, and whenever an issue does arise, they fix it within hours.
What problems is the product solving and how is that benefiting you?
Drata took what is an inherently complicated certification and made it easy to follow and understand. We've improved our security significantly and fixed things we never even thought of as risks.
Dashboard that works for you paired with excellent customer service
What do you like best about the product?
There are quite a few compliance solutions that perform similar tasks. Drata's dashboard/checklist is easy to use and gives a solid overview of where you stand but where they really stand out is with their customer success team. Their team's frequent follow-ups help keep the project on track and they are extremely helpful in answering questions and navigating the compliance process.
What do you dislike about the product?
While they are growing the number of partnerships they have, growing this bench of integrations is something this can be improved.
What problems is the product solving and how is that benefiting you?
No problems. As far as benefits, having a dedicated customer success manager has helped us keep our project on track. Other offerings failed us in the past as we did not have the help navigating the process and answering all of the questions that come along with SOC 2 complaince.
Making SOC compliance easy
What do you like best about the product?
The Drata dashboard makes monitoring outstanding compliance items easy to identify and resolve. The policy editor is also much easier tool to create and edit compliance documents, especially compared to competing products. Finally, the chat support has been helpful in clarifying compliance questions.
What do you dislike about the product?
At this time, we haven't encountered anything we disklike. Having worked with the Vanta product previously our transition to Drata has been easy and has eliminated all the pain points we felt with the Vanta platform.
What problems is the product solving and how is that benefiting you?
Consolidating all our outstanding SOC compliance items in 1 place to ensure all items are accounted for as we move towards our Type 1 compliance and future Type 2 as well.
Recommendations to others considering the product:
The Drata tool is a must-have for any company looking to obtain SOC certification. In addition, Drata would be a tremendous resource for an organization just looking to follow best practices even if certification isn't the immediate goal. If you are considering a compliance management tool I couldn't recommend Drata enough.
Application is easy to use, and the onboarding experience is amazing
What do you like best about the product?
The user interface is intuitive, very easy to identify monitoring errors and quickly resolve them.
What do you dislike about the product?
SOC 2 is tedious and requires the preparation of a lot of documents. I wish that process was a bit smoother; perhaps they could use a service like useanvil.com to generate the documents with the relevant company information pre-populated automatically
What problems is the product solving and how is that benefiting you?
Achieving SOC2Type2 compliance has allowed us to work with many industries we previously had to avoid, such as Banking.
We loved our experience with Drata
What do you like best about the product?
Drata's team/customer service (especially Fox!) is responsive and knowledgeable. Auditors highly recommend the platform, and it walked us through everything we needed to do. I especially appreciated the Framework tool, where you could go through all of the required controls one by one and add evidence to Drata as needed. The Monitoring feature is also superb.
What do you dislike about the product?
The policy editing view was hard to use; there is no track changes feature. Also, the monitoring feature doesn't catch changes right away. It would also be nice to have more templates available for required evidence, such as an incident response test template.
What problems is the product solving and how is that benefiting you?
Drata helped us prepare for our SOC 2 Type 1 audit, and we will be using it to go through our Type 2 audit as well.
A comprehensive product and team that streamlines the journey of becoming SOC2 compliant
What do you like best about the product?
Intuitive and well designed product focused on exactly what you need it to do, thorough documentation, seamless ability to export reports that outline compliance standing along with a helpful and friendly support team that guides you along the way to best shape your policies and procedures.
What do you dislike about the product?
At the time we started using Drata, they provided support for SOC2 only. Right now, they are also offering ISO27001. Although specializing and being experts in one type of compliance is an asset, it would be helpful to leverage the same monitoring setup for other types of certifications as well. So, I'm glad to see they are actively expanding into other frameworks.
What problems is the product solving and how is that benefiting you?
Drata guided us through our journey of becoming SOC2 compliant
The easiest compliance tool I’ve ever used
What do you like best about the product?
To sum it up - Drata took us from not even knowing Soc2 was a thing, to being completely audit ready in a matter of weeks. Everything with Drata has been nothing but simple. Basically You just connect your integrations your using, wait for the data to be synced then literally just go through all the things that need fixing until it's all done. It's literally so simple and so clearly laid out with explanations for each controls as well as any additional steps you need. If I did get stuck somewhere then I'd just shoot a message to Ashley and the CS team and someone would have a detailed answer for me (usually) within the hour. More importantly, since they've released the auditor side, our auditor seems pretty happy with Drata and how easy it makes evidence gathering from their side.
What do you dislike about the product?
Sometimes if you're knew to Soc2 it can be unclear exactly how to solve a particular monitor, so a bit more in depth documentation/explanations for certain co trols would be great. However in saying that - I have seen it greatly improve since we've started using Drata.
What problems is the product solving and how is that benefiting you?
Literally what it says on the tin - Helping us get soc2 ready. Will definitely use them for iso27001 as wel.
Recommendations to others considering the product:
Honestly just pull the trigger - you won't regret it.
showing 931 - 940