---
title: Strike Graph Reviews
meta_title: 'Strike Graph Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 190 reviews by the users' company size, role or industry
  to find out how Strike Graph works for a business like yours.
aggregate_rating:
  rating_value: 4.7
  review_count: 190
  scale: '5'
date_modified: '2026-07-13'
parent_category:
  name: Cloud Security
  url: https://www.g2.com/categories/cloud-security
---

# Strike Graph Reviews
**Vendor:** Strike Graph  
**Category:** [Cloud Compliance Software](https://www.g2.com/categories/cloud-compliance)  
**Average Rating:** 4.7/5.0  
**Total Reviews:** 190
## About Strike Graph
Strike Graph is an AI-native compliance management software designed to revolutionize how businesses achieve and maintain security certifications, including CMMC, NIST, ISO 27001, HIPAA, SOC 2, PCI DSS, TISAX, and more. With a mission to help companies efficiently and effectively prove compliance and build trust, Strike Graph transforms compliance from a burdensome expense into a strategic advantage. Traditional security compliance processes are often slow, opaque, and costly, requiring reliance on outdated methods. Strike Graph eliminates these inefficiencies by providing companies with a transparent, objective solution to design, operate, and measure their security programs. Strike Graph’s innovative tools simplify every stage of compliance. It enables users to create customized security programs tailored to their specific risks and operational needs, streamlines evidence collection and testing, and offers in-platform certification options that reduce reliance on third-party auditors. This comprehensive approach not only saves time and money but also ensures continuous compliance monitoring to protect businesses against evolving threats. The platform caters to security leaders in all industries, including SaaS, FinTech, HealthTech, EdTech, and beyond, offering a knowledgeable and approachable partner in compliance management. Strike Graph’s AI-powered features, like Verify AI, enhance accuracy and efficiency while ensuring data security through self-hosted models. By turning compliance into a revenue enabler, Strike Graph helps companies build trust with their customers, partners, and stakeholders, paving the way for sustainable growth and innovation.



## Strike Graph Pros & Cons
**What users like:**

- Users value the **ease of use** of Strike Graph, appreciating its intuitive document management and supportive assistance. (77 reviews)
- Users praise the **intuitive interface and automation** of Strike Graph, enhancing efficiency in managing compliance and documentation. (76 reviews)
- Users value the **excellent customer support** from Strike Graph, appreciating quick responses and dedicated assistance. (60 reviews)
- Users appreciate the **intuitive design** of Strike Graph, simplifying SOC 2 compliance management with ease and efficiency. (51 reviews)
- Users value the **incredibly helpful team** of StrikeGraph, known for their quick response and professional support. (47 reviews)
- Compliance (40 reviews)
- Evidence Management (39 reviews)
- Useful (39 reviews)
- Guidance (37 reviews)
- Document Management (33 reviews)

**What users dislike:**

- Users feel the **navigation and automation features need improvement** to enhance usability and efficiency in operations. (24 reviews)
- Users find the **evidence collection process cumbersome** due to excessive initial requirements and limited automation features. (20 reviews)
- Users find **integration issues** with Strike Graph, facing challenges with limited third-party tool connections and confusing workflows. (15 reviews)
- Users find a **lack of guidance** during onboarding, making the initial experience overwhelming for newcomers to compliance. (14 reviews)
- Users find the **navigation between controls and evidence challenging** , leading to a complicated user experience and customization needs. (13 reviews)
- Improvements Needed (11 reviews)
- Learning Curve (11 reviews)
- Learning Difficulty (9 reviews)
- Limited Integrations (9 reviews)
- UX Improvement (9 reviews)

## Strike Graph Reviews
  ### 1. Exceptional Tool for SOC II Compliance

**Rating:** 5.0/5.0 stars

**Reviewed by:** Emily G. | Operations Manager, Small-Business (50 or fewer emp.)

**Reviewed Date:** April 01, 2025

**What do you like best about Strike Graph?**

I appreciate the way Strike Graph tracks progress and shows what items need the most attention. This feature helps me see how practical completion is and understand where we stand, especially since there are so many items involved in an audit. The initial setup was good, and I find it valuable for obtaining a SOC II certification.

**What do you dislike about Strike Graph?**

I find it challenging to better see which outstanding items are applied to multiple controls. It only shows it as outstanding for one control instead of both, which makes it look like there’s more than one evidence needed when it’s really the same evidence for more than one control.

**What problems is Strike Graph solving and how is that benefiting you?**

I use Strike Graph for security audits to obtain a SOC II certification. I like how it tracks progress and highlights what needs attention, helping us see practical completion and the status of many audit items.

  ### 2. Struggles with Communication and AI Overreliance

**Rating:** 0.5/5.0 stars

**Reviewed by:** Verified User in Manufacturing | Small-Business (50 or fewer emp.)

**Reviewed Date:** March 18, 2026

**What do you like best about Strike Graph?**

I used to like their tooling before they cut human contact and pushed AI.

**What do you dislike about Strike Graph?**

It's supposed to solve having a single place to provide evidence to auditors, but it falls short in many ways. They are pushing more and more to take the human out of the process. Our Customer Success rep, our only contact at Strike Graph, was MIA right as our audit was starting, and we were pushed to use AI Chat bots instead of speaking with a human about issues and concerns before, during, and after our audit. They are terrible at communication and have caused delays and issues with our pen tests and audits because of these communication breakdowns that seem intentional. For something compliance-based and mission critical, I should have a single point of contact and shouldn’t be pushed to use an AI bot. If I wanted to go that route, I’d use an LLM, not pay for a service. Stop gaslighting customers that this is a good experience. It's not and misses the actual value SG (Strike Graph) should be providing. Remove the popup chat bot from the tool.. asking me to review your product over and over when I can't even get basic support is very frustrating. It used to be easy before they added all the AI slop to the product and stopped responding to support messages.

**What problems is Strike Graph solving and how is that benefiting you?**

Strike Graph is supposed to provide a single place to submit evidence to auditors, but it falls short.

**Official Response from Katie Burgess:**

> We noticed you updated your review and wanted to make sure we responded to your most recent experience. Thank you for sharing your feedback, and we're sorry to hear about your frustrations.

We know compliance is high-stakes work, and our goal is never to remove the human element. Our AI features are built to complement and strengthen the process.

We apologize for any gap in your account coverage during this critical time, and we understand how disruptive that can be. Please reach out to customersuccess@strikegraph.com, and we'll make sure you're taken care of.

  ### 3. Streamlined Compliance with Exceptional Support

**Rating:** 5.0/5.0 stars

**Reviewed by:** John Y. | Security Specialist, Mid-Market (51-1000 emp.)

**Reviewed Date:** August 26, 2024

**What do you like best about Strike Graph?**

I have been using Strike Graph for risk management and SOC2 Type1 and Type 2 Compliance for a couple of years, and it has been a great experience. I like the simplicity of the design and how compliance can be done effortlessly. The way document collection works is impressive, and I find it easy to track responsibility and timelines. It also provides a huge number of documents and all kinds of templates for our use. The support is awesome, with our account manager always being responsive and patient. Additionally, the initial setup was super easy, which was a big plus for our team.

**What do you dislike about Strike Graph?**

There are small things on the document automatic collection. We have it integrated with our SharePoint / OneDrive, but it could be more helpful if the function can be enhanced. I am hoping it can automatically collect all documents under one folder, not just limited to one file.

**What problems is Strike Graph solving and how is that benefiting you?**

I use Strike Graph for risk management and SOC2 compliance. It solves issues like tracking expiry, review, and approval dates, and eliminates manual spreadsheet tracking. The simplicity of compliance design and document management is impressive, saving us time and simplifying processes.

**Official Response from Katie Burgess:**

> Thank you for your positive feedback. We're happy to hear you find value in our dashboards, documentation, and support. Congratulations on your successful SOC 2 audit!

  ### 4. Excellent SOC 2 Compliance Assistance

**Rating:** 5.0/5.0 stars

**Reviewed by:** Melissa S. | Security Officer, Small-Business (50 or fewer emp.)

**Reviewed Date:** September 12, 2023

**What do you like best about Strike Graph?**

The platform makes it easy to organize evidence items across a variety of certifications and frameworks. The examples and descriptions for each evidence item are clear, and most items include a link to a help page that explains what kinds of materials will satisfy the requirements for the control(s) that item is linked to. Being able to link a single evidence item to multiple controls also really helps reduce the overall workload.

Their example policies helped us take information that had been stored in a wide variety of places (and in people’s heads) and pare it down into a manageable set of documents that are easy for our employees to find and use.

Caroline did an excellent job helping us get set up in the beginning. She made what felt like a daunting process manageable, and her attitude was consistently bright.

Edit (1/29/26): The folks I’ve worked with over the last couple of years have all been great, and we really appreciate the insight they provide. Access to support is immediate: you can get solid answers from the browser help, and when you email them you receive a response quickly. The flexibility to organize evidence items according to controls that may span multiple frameworks makes things much easier to respond to client requests. The whole crew has made the audit process as easy and painless as they can.

I've been experimenting with the Security Questionnaire AI tool and it is surprisingly good.  You still have a bit of work to do to double-check that the answers really do apply to the question, sometimes it will pull in a control that isn't exactly what the client question is about, but it has been able to identify a good number of solid answers to the questions.

**What do you dislike about Strike Graph?**

Nothing.  The tool has been great and I can't say I ran into any trouble using it.  Caroline took down some notes here and there about questions I had while entering information in, but none were show-stoppers and I honestly can't even remember most of what they were.

It would be nice to have an integration for Bitbucket through Atlassian since JIRA is available.  I was also a bit bummed that the AWS integrations had to go through Cumulus, which we don't have.

**What problems is Strike Graph solving and how is that benefiting you?**

They helped us attain a SOC 2 Type 1 audit so far.  This benefitted our company by helping organize security information in a way that is easy to visualize and present to stakeholders.  Our clients will be able to request our SOC 2 information for their auditors and compliance requirements.  Our employees have a set of policies that can be referred to easily for questions and the policies can grow and change we we head into our future.

  ### 5. Easy Evidence Management & Assignment

**Rating:** 4.0/5.0 stars

**Reviewed by:** Stuart H. | Lead BA/IT Specialist, Small-Business (50 or fewer emp.)

**Reviewed Date:** December 13, 2024

**What do you like best about Strike Graph?**

Periodic reminders about expiring evidence is very helpful for staying on top of what evidence needs to be refreshed, when, and how often.

Control- and evidence-assignment makes it simple for different users to look up what has been assigned to them, which controls have been fully/partially satisfied.

The web portal makes it easy to access things from multiple locations.

They've recently improved the interactivity of the website, which makes navigation and multi-tab management easier than it was previously.

**What do you dislike about Strike Graph?**

A lot of the documentation & examples are focused on AWS and particular products/services, which can make things difficult inexperienced users from organizations that use other options.

The difference between evidence owners & control owners can sometimes cause some confusion, since control owners aren't warned about linked evidence that's expiring - that would be a nice option, since control owners are the ones considered responsible for associated evidence, even if a particular evidence item is assigned to someone different.

**What problems is Strike Graph solving and how is that benefiting you?**

Managing SOC2 and PCI compliance from a single location.

Knowing which evidence items are soon-to-expire, and who's assigned to them.

Evidence management - all available from the website (provided the user has permission to view/download them)

  ### 6. Exceptional and intuitive product supporting various frameworks

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.)

**Reviewed Date:** June 03, 2026

**What do you like best about Strike Graph?**

All of it. The Compliance Dashboard provide all the necessary summarized information upfront (including the Control Monitoring dashboard). Navigating through the Control Library is very intuitive and intelligently designed to outline related security controls and artifacts uploaded in the Evidence Repository. Furthermore the Evidence Repository and it's built-in Verify AI feature helps you understand where a provided policy/procedure document may be missing required elements of the security control. Lastly, the various integrations along with the new Vendor Trust Center provides exceptional value. Overall this product is very effective and efficient.

**What do you dislike about Strike Graph?**

There isn't anything I dislike about StrikeGraph.

**What problems is Strike Graph solving and how is that benefiting you?**

CMMC Certification and support for other frameworks. Also, the new Vendor Trust Center helps interrelate specific questionnaires or requirements from third parties.

  ### 7. Simple and Effective Compliance Guidance

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.)

**Reviewed Date:** November 18, 2024

**What do you like best about Strike Graph?**

I found the compliance document templates extremely helpful in establishing a framework and creating policies that address the necessary controls.  The system itself is very helpful in understanding what needs to be done to meet the compliance needs of various frameworks, and where there is potential overlap.  Support is always prompt and helpful as well.

**What do you dislike about Strike Graph?**

These frameworks are still complex and while Strikegraph does a great job brining things together and making them consumable, support is still needed to unravel the complexities.  I would appreciate a mechanism to prompt for updates to templates, new best practices, etc. for already established frameworks.

**What problems is Strike Graph solving and how is that benefiting you?**

Establishing policies, controls, etc. and ensuring we are compliant with various frameworks.  We are currently using Strike Graph for HIPAA and SOC 2 Type 2 compliance, as well as PEN testing.

  ### 8. Patient, Fantastic Customer Success Support for Setting Up Our Compliance Plan

**Rating:** 5.0/5.0 stars

**Reviewed by:** Benjamin J. | Director of IT and Security, Small-Business (50 or fewer emp.)

**Reviewed Date:** January 30, 2026

**What do you like best about Strike Graph?**

The StrikeGraph customer success team was patient and integral in helping me get my compliance plan set up in the system. They were also great to talk through specific compliance challenges with, and they helped me figure out how to meet those requirements in a way that worked for our needs. Overall, the customer support and communication were fantastic.

**What do you dislike about Strike Graph?**

Like most other compliance platforms, it lacks tools to automate many of the tasks required for on-prem environments. It would be especially helpful to have better integration tools for System Center or VMware.

**What problems is Strike Graph solving and how is that benefiting you?**

StrikeGraph is helping us simplify the management of compliance tasks and dates for our SOC 2. With our relatively small team, that’s really important, and they’re doing a much better job than the previous platform we were using.

**Official Response from Cayla Marshall:**

> Ben, thank you very much for your kind words! It's been wonderful working with you and your team, and we're looking forward to another year of compliance success!

  ### 9. Making SOC 2 Type II Achievable for First-Timers

**Rating:** 5.0/5.0 stars

**Reviewed by:** Arniel d. | Information Technology Security Specialist, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 01, 2024

**What do you like best about Strike Graph?**

They are very proactive and helpful with our team. Strike Graph is always there with us when we are having hard times regarding our evidence and controls.

**What do you dislike about Strike Graph?**

None that I can think of. Strike Graph is always active in helping us.

**What problems is Strike Graph solving and how is that benefiting you?**

Strike Graph is helping us solve the complexity and uncertainty that comes with compliance, especially since this is my first time pursuing SOC 2 Type II. Before using it, the process felt overwhelming: managing evidence, tracking controls, and ensuring everything aligns with audit requirements can quickly become disorganized and time-consuming.

  ### 10. Seamless SOC2 Compliance with Top-Notch Support

**Rating:** 4.5/5.0 stars

**Reviewed by:** Stefan P. | Business Analytics / Sales Administrator, Mid-Market (51-1000 emp.)

**Reviewed Date:** February 02, 2026

**What do you like best about Strike Graph?**

I found Strike Graph simplifies the SOC2 compliance process, which is something we can't manage on our own. It definitely speeds up the process for us. I appreciate the quick, useful, and straightforward support their team provides, and their website is very good. I recommend Strike Graph for startups and growing companies needing SOC2 compliance, as having an internal compliance team can be too expensive and time-consuming. Everything worked smoothly for our compliance needs, and I'd rate the initial setup a 9 out of 10. I'm also likely to recommend Strike Graph to others, as I rate it a 9 on the recommendation scale.

**What do you dislike about Strike Graph?**

Some of the templates and forms could be slightly more customizable to fit unique workflows

**What problems is Strike Graph solving and how is that benefiting you?**

Strike Graph simplified the SOC2 compliance process, speeding it up and making it manageable without needing an expensive internal team. The support is quick, useful, and the website is very good.

**Official Response from Stephanie Lorraine:**

> Stefan, thank you for this thoughtful review! We're thrilled to hear our platform helped streamline compliance for your team and accelerate your path to readiness! 

It's especially rewarding to hear how our support team and onboarding experience is one of the highlights. We work hard to provide fast, straightforward guidance so you can stay focused on your priorities. 

We truly appreciate the recommendation to enhance our policy templates and will absolutely do that moving forward! Thank you again for sharing your experience and we look forward to continuing to support you and your team! 


## Strike Graph Discussions
  - [What is Strike Graph used for?](https://www.g2.com/discussions/what-is-strike-graph-used-for)

- [View Strike Graph pricing details and edition comparison](https://www.g2.com/products/strike-graph/reviews/strike-graph-review-13049957?section=pricing&secure%5Bexpires_at%5D=2026-07-14+14%3A35%3A30+-0500&secure%5Bsession_id%5D=e105cc37-55bd-4561-8d98-b9d2809c2abf&secure%5Btoken%5D=fb7f727e62ea20ee730672325c1f655bd368e9cb5dd9868e0496dd0b47657ed6&format=llm_user)
## Strike Graph Integrations
  - [Achieve](https://www.g2.com/products/macmillan-learning-achieve/reviews)
  - [ADP Workforce Now](https://www.g2.com/products/adp-workforce-now/reviews)
  - [AlexisHR](https://www.g2.com/products/alexishr/reviews)
  - [Altera](https://www.g2.com/products/altera/reviews)
  - [AWS App Mesh](https://www.g2.com/products/aws-app-mesh/reviews)
  - [AWS Backup](https://www.g2.com/products/aws-backup/reviews)
  - [AWS Batch](https://www.g2.com/products/aws-batch/reviews)
  - [AWS Certificate Manager](https://www.g2.com/products/aws-certificate-manager/reviews)
  - [AWS CloudFormation](https://www.g2.com/products/aws-aws-cloudformation/reviews)
  - [AWS CloudHSM](https://www.g2.com/products/aws-cloudhsm/reviews)
  - [AWS Cloud Map](https://www.g2.com/products/aws-cloud-map/reviews)
  - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews)
  - [AWS Cost and Usage Report](https://www.g2.com/products/aws-cost-and-usage-report/reviews)
  - [AWS Cost Explorer](https://www.g2.com/products/aws-cost-explorer/reviews)
  - [AWS Data Pipeline](https://www.g2.com/products/aws-data-pipeline/reviews)
  - [AWS Direct Connect](https://www.g2.com/products/aws-direct-connect/reviews)
  - [AWS Directory Service](https://www.g2.com/products/aws-directory-service/reviews)
  - [AWS Elastic Beanstalk](https://www.g2.com/products/aws-elastic-beanstalk/reviews)
  - [AWS Glue](https://www.g2.com/products/aws-glue/reviews)
  - [AWS Identity and Access Management (IAM)](https://www.g2.com/products/aws-identity-and-access-management-iam/reviews)
  - [AWS IoT Core](https://www.g2.com/products/aws-iot-core/reviews)
  - [AWS Key Management Service (KMS)](https://www.g2.com/products/aws-key-management-service-kms/reviews)
  - [Azure](https://www.g2.com/products/hopem-azure/reviews)
  - [BambooHR](https://www.g2.com/products/bamboohr/reviews)
  - [Breathe](https://www.g2.com/products/centurion-management-systems-breathe/reviews)
  - [CharlieHR](https://www.g2.com/products/charliehr/reviews)
  - [ChartHop](https://www.g2.com/products/charthop/reviews)
  - [Cloudwatch Logs connector for AWS Glue](https://www.g2.com/products/cloudwatch-logs-connector-for-aws-glue/reviews)
  - [Confluence](https://www.g2.com/products/confluence/reviews)
  - [Freshteam by Freshworks](https://www.g2.com/products/freshteam-by-freshworks/reviews)
  - [GitHub](https://www.g2.com/products/github/reviews)
  - [GitLab](https://www.g2.com/products/gitlab/reviews)
  - [Grok](https://www.g2.com/products/xai-grok/reviews)
  - [Gusto](https://www.g2.com/products/gusto/reviews)
  - [HiBob HRIS](https://www.g2.com/products/hibob-hris/reviews)
  - [HR Cloud](https://www.g2.com/products/hr-cloud-hr-cloud/reviews)
  - [HR Partner](https://www.g2.com/products/hr-partner/reviews)
  - [Humaans](https://www.g2.com/products/humaans/reviews)
  - [Humanforce](https://www.g2.com/products/humanforce/reviews)
  - [Jira](https://www.g2.com/products/jira/reviews)
  - [Justworks](https://www.g2.com/products/justworks/reviews)
  - [Lano](https://www.g2.com/products/lano/reviews)
  - [Lucca](https://www.g2.com/products/lucca/reviews)
  - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews)
  - [Namely](https://www.g2.com/products/namely/reviews)
  - [Nmbrs](https://www.g2.com/products/nmbrs/reviews)
  - [Officient](https://www.g2.com/products/officient/reviews)
  - [Paychex](https://www.g2.com/products/paychex/reviews)
  - [Paylocity](https://www.g2.com/products/paylocity/reviews)
  - [PeopleHR On-Premise](https://www.g2.com/products/peoplehr-on-premise/reviews)
  - [Personio](https://www.g2.com/products/personio/reviews)
  - [ProLiant](https://www.g2.com/products/proliant/reviews)
  - [Sage HR](https://www.g2.com/products/sage-hr/reviews)
  - [SAP SuccessFactors HCM](https://www.g2.com/products/sap-sap-successfactors-hcm/reviews)
  - [Sesame](https://www.g2.com/products/landytech-sesame/reviews)
  - [Square Payroll](https://www.g2.com/products/square-payroll/reviews)
  - [TriNet](https://www.g2.com/products/trinet/reviews)
  - [UKG Pro](https://www.g2.com/products/ukg-pro/reviews)
  - [Workday](https://www.g2.com/products/workday-workday/reviews)

## Strike Graph Features
**Security**
- Compliance Monitoring
- Anomoly Detection
- Data Loss Prevention
- Cloud Gap Analytics

**Generative AI**
- AI Text Summarization
- AI Text Generation

**Generative AI**
- AI Text Summarization

**Compliance**
- Governance
- Data Governance
- Sensitive Data Compliance

**Workflows - Audit Management**
- Audit Trail
- Recommendations
- Collaboration Tools
- Integrations
- Planning & Scheduling

**Generative AI - Security Compliance**
- Predictive Risk
- Automated Documentation

**Platform AI Features - Policy Management**
- Reports
- Workflow Management

**Agentic AI - Regulatory Change Management**
- Autonomous Task Execution
- Multi-step Planning
- Cross-system Integration
- Natural Language Interaction
- Proactive Assistance

**Security**
- Data Security
- Data loss Prevention
- Security Auditing

**Administration**
- Policy Enforcement
- Auditing
- Workflow Management

**Documentation - Audit Management**
- Templates & Forms
- Checklists

**Identity**
- SSO
- Governance
- User Analytics

**Reporting & Analytics - Audit Management**
- Dashboard
- Audit Performance
- Industry Compliance

## Top Strike Graph Alternatives
  - [Drata](https://www.g2.com/products/drata/reviews) - 4.7/5.0 (1,322 reviews)
  - [Vanta](https://www.g2.com/products/vanta/reviews) - 4.6/5.0 (2,600 reviews)
  - [Secureframe](https://www.g2.com/products/secureframe/reviews) - 4.7/5.0 (805 reviews)

