Drata Reviews & Product Details

I really like the ease of use and the support that Drata provides, especially for a small team like ours. It's helpful to have a tool that works for us in terms of compliance. Drata gives us an overview of all necessary renewals for evidence, and the use of templates is really handy. It's nice that Drata offers many easy setup configurations. Review collected by and hosted on G2.com.

The platform is sometimes a little bit slow and minor bugs. Sometimes I have to wait for tech support to answer for bugs which slows me down, or wait for page loads longer than usual. Review collected by and hosted on G2.com.

What I like best is the Integration with MS365, CERTN, Defender, Meraki ect. the automation makes it easier to manage several endpoints and users. Review collected by and hosted on G2.com.

Clearly defined policy renewal steps should be given prior to renewal, simply renewing a policy without updates changes the version of the document eg: 1.1, 1.2 and the tables inside don't reflect the changes. there's no point in doing the renew without updates as the table below has not reflected the version change. Review collected by and hosted on G2.com.

Drata supports the most common compliance frameworks. It effectively translates compliance requirements into readable control items. Each control item consists of a set of tests that are defined with clear specifications. For example, if an organization wants to adhere to the compliance NIST CSF, personnel responsible for achieving compliance simply focus on the control items of target compliance that Drata organized. Some tests can be shared across multiple compliance frameworks! It is easier for them to implement other compliances more efficiently in the future. Secondly, the most impressive design is the capability of automated evidence collection. With easy configuration on integrations to popular platforms, it can save effort when collecting the evidence of control items. To manage the overall readiness of compliance continuously, Drata provides efficient monitoring of controls, the status of tests, and the integrity of essential evidence. It provides users with real-time status and benchmarks in the dashboard. That helps internal or external auditors to track progress, identify gaps, and demonstrate compliance to key stakeholders. Finally, when I was new to Drata in the beginning, the Drata support team consistently delivered effective solutions to customer issues. The experience of customer support really touched my heart. Review collected by and hosted on G2.com.

The automated evidence-collection feature is a very productive design. However, it has both pros and cons. The limitations on integrations may become a burden if the target platform is not on the support list. Another thing that needs to be improved is the instructions for fixing the failed/error tests. Sometimes, I can not directly understand the root cause of the failed test. I hope the error information or solution instructions become more transparent or readable. Review collected by and hosted on G2.com.

I like the graphical interface of Drata. It's fairly easy to use, and after using it for a while, it becomes very easy. You can quickly look at various areas, from monitoring to pass and fail metrics, and risk assessment and assets. It's just easy to move around and understand where you're at and what you're doing. It breaks everything down simply in front of me, so I can see what's been done and what needs to be done without getting overwhelmed. The initial setup was fairly easy, with the majority of everything going smoothly, and I needed minimal assistance to get set up and running. I'm very happy and impressed with the product overall. Review collected by and hosted on G2.com.

Sometimes scrolling is a bit of an issue for me if I have a smaller monitor. There can be up to three slide bars on the right-hand side, and I have to move the page to go through a longer list. Review collected by and hosted on G2.com.

I like that Drata is easy to use, and I feel confident that everything is safe and secure when I store my information. I appreciate that I can just click into it whenever I need to. The support I receive is fast and efficient. It's very fast and efficient overall. Installing Drata was extremely easy; the instructions were simple, and it was ready to go right after downloading. The customer service is exceptional. Review collected by and hosted on G2.com.

I can't think of anything that I dislike about Drata. I found it so simple to install based on the instructions that were sent to me from my IT team. Review collected by and hosted on G2.com.

I find Drata's UI easy to use, and their support team is sharp and quick to reply. They have incredible integration capabilities, and as a small, lean startup team, Drata has been an excellent investment to achieve compliance. I also appreciate that we don't need prior knowledge to onboard thanks to their great guides that help us focus on what matters most. The initial setup of Drata was very easy, offering a great onboarding experience. Review collected by and hosted on G2.com.

The policy review process is lengthy in terms of steps. We manage our policies outside in Notion to allow for collaboration. It would be great if they could have a 'change request' that's comment-driven, reducing the back and forth across different tools to support collaboration. Review collected by and hosted on G2.com.

I really like the automation and integrations that Drata provides. They help me manage information security and privacy much more easily, especially since we have limited resources. Drata significantly reduces manual effort and provides easy, actionable insights into areas that need fixing. The initial setup was pretty straightforward, and I also appreciate its seamless integration with tools like GitHub, Heroku, and Google Workspace. Review collected by and hosted on G2.com.

There's a few bits of clunky user flow - e.g. when a control is marked as 'not ready' it's not always clear why it's not ready. It would be better if there was a clear button that showed a step-by-step guide on how to fix something. Review collected by and hosted on G2.com.

I use Drata for my GRC program including ISO27001, SOC2, GDPR, and Cyberessentials. I appreciate having better visibility of my controls and risks all in a single console. I like the ability to integrate with my tech stack with automated evidence collection. I don't have to log into AWS and Google Workspace to check compliance as everything is visible from Drata connections. The automation of evidence collection for SOC2 is what made us switch from Rubiq. Review collected by and hosted on G2.com.

The asset management module could be improved to generate a consolidated report. It currently doesn’t display device serial numbers and make, which are useful identifiers for an asset list. The serial numbers can only be seen when downloading a report for an individual, not for the entire company. I’d prefer Drata to have out-of-the-box modules like incident management to avoid purchasing a separate solution. Having an incident management report and a business continuity flow would greatly enhance Drata. Also, the integrations with Zoho Desk have been buggy since last year, and the issue remains unresolved despite logging a ticket about it. Review collected by and hosted on G2.com.

The most valuable feature for us is the continuous monitoring and real-time alerts, which provide reassurance that our controls are consistently effective. Drata also simplifies evidence collection and audit preparation, helping us save time and reduce the risk of errors. As a result, we are able to maintain compliance proactively and dedicate more attention to strategic security improvements instead of getting bogged down by administrative work.

In terms of usability, the platform is highly intuitive and user-friendly, making it easy for even new team members to navigate and complete tasks. The implementation process was smooth and quick, thanks to clear instructions and minimal disruption to our existing workflows. Drata’s integration with our current tools and systems is seamless, which cuts down on manual work and keeps our data consistent across platforms. The customer support team is always responsive, knowledgeable, and eager to help, which greatly enhances our overall experience. We rely on Drata daily for monitoring and compliance activities, and it has become an essential part of our security operations. Review collected by and hosted on G2.com.

It would be great to have more available integrations, for example with popular observability tools such as Grafana. Review collected by and hosted on G2.com.

I appreciate how Drata keeps everything organized, from evidence and compliance to risk management, making it the key to everything. The interface is always improving, becoming smarter and easier to use, which is great since I am in it every day working on compliance. What I really like is how the interface actively guides me through compliance work by linking controls, policies, and integrations together. It lets me see what's wrong, what's missing, why it matters, and how to fix it. The setup process is very intuitive as well, allowing me to add and remove vendors, policies, and connections easily. Drata was essential in obtaining our first SOC2 certification and continues to be invaluable in maintaining it. I can't imagine how challenging it would be to organize everything without Drata. Review collected by and hosted on G2.com.

I always seem to struggle when it comes to the hardware. I feel that workstations could be reported on a little better. Same for people. When looking at people, and seeing their compliance tasks overdue, like policies, it feels a bit convoluted. Review collected by and hosted on G2.com.