Drata Trust Center a smart way to share your company security posture
What do you like best about the product?
Apart from the main use of the Drata solution focused on compliance monitoring, the platform also provides an easy way to share with customers your company security posture thanks to the Drata Trust Center. Trust Center enablement is very easy and takes little time, moreover, the integration with Docusign is an added value.
What do you dislike about the product?
The Trust Center should have more customization capabilities, especially for the UX look and feel and the contents that may be published
What problems is the product solving and how is that benefiting you?
Once Drata is properly configured for cloud/security compliance the Trust center can be enabled with few clicks.
Solid product, helpful support
What do you like best about the product?
- Most important integrations are available and easy to setup
- Drata Agent as lightweight MDM solution
- Simple UI which gets the job done
- REST API to build custom workflows
- OOTB policy templates with guidance
- Customer support is friendly, helpful and usually quick to respond
- Trust page
What do you dislike about the product?
- While SOC 2 is well documented in the help center, ISO 27001 is not always mentioned as well.
- More integrations that could be helpful
What problems is the product solving and how is that benefiting you?
Drata is helping us building and improving processes around compliance and security. It has helped us preparing us for ISO 27001:2022.
Fairly intuitive product
What do you like best about the product?
Really helpful complimentary documentation, especially for the policies. I did need to reach out to ask for help in order to find the right sections of this documentation but now that I know where it is, super helpful (could be useful to link out in the comments at the top of each policy). The UI is simple to use and has easy link outs ot more details.
What do you dislike about the product?
I expected a formal onboarding, which was never setup or suggested. This may be because I was familiar with similar tools and had already started asking questions, indicating I was already using the platform but it felt like I just suddenly had this tool and needed to find my way from day 1.
What problems is the product solving and how is that benefiting you?
Getting our SOC2 and ensuring constant monitoring as we work to get there.
A comprehensive solution to reduce vulnerabilities and address loopholes in the infrastructure
What is our primary use case?
I was working on a project that required using ROC tools and SOC 2 compliance. To address this, we integrated with the Drata tool to reduce vulnerabilities in the infrastructure and address other loopholes. Additionally, Drata seamlessly integrated with our cloud services, including SysTrack S3 and other key creation and GuardDuty services.
Drata can identify loopholes and provide solutions for improved security. Drata secures the organisation's infrastructure, achieve SOC 2 compliance, and address HIPAA requirements. It can identify and close security loopholes proactively.
What is most valuable?
Drata is a comprehensive and informative tool that provides in-depth guidance on how to protect your infrastructure. However, it is also quite expensive and requires restarting if any loopholes are available.
What needs improvement?
The solution has a latency of three to five minutes. Also, the solution is quite costly.
For how long have I used the solution?
I have been using Drata as a customer for eight to nine months.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability a nine-point five out of ten.
What do I think about the scalability of the solution?
We were six guys using this product.
I rate the solution’s scalability a nine-point five out of ten.
Which solution did I use previously and why did I switch?
We used Drata only because it is popular. Also, the organization supports the use of Drata for SOC 2 compliance.
How was the initial setup?
The initial setup is straightforward and user-friendly, making it accessible to anyone. If a guy starts the journey in security, this tool will help. He can quickly pick up the entire information if he has extensive knowledge about cloud services. He needs to follow the steps to use the whole infrastructure.
What other advice do I have?
It would be helpful if the solution could provide screenshots to illustrate the steps outlined. Additionally, provide a day-by-day breakdown of the tasks, addressing potential loopholes that users may encounter. For instance, if we need to address three buckets, we could tackle each bucket one day at a time. This approach would make the process less overwhelming and more manageable. Drata provides steps on how to handle low falls. To do this, you need to turn certain options on or off. You can also edit or track these points. Additionally, you can include screenshots and highlight specific areas of interest.
Overall, I rate the solution a nine-point five out of ten.
Great Tool and Support!
What do you like best about the product?
Drata helped us to stay organized and aware of deliverables for continuous compliance.
- The platform is easy to use
- Interface is friendly
- Compliance Monitoring
- Ease of Implematation
- Customer Support
What do you dislike about the product?
There isn't much to complain about.
Even though there were a minor issues with integrations, the team was still able to provide soultions to help with automated contols.
What problems is the product solving and how is that benefiting you?
SOC 2 compliance
Great at reducing work across multiple audit frameworks.
What do you like best about the product?
I like the automated monitoring to be confident that we're compliant year-round. It's also really good at providing templates for commonly needed policies, risk reviews, and more. When you start with one framework like SOC 2 and add a second in the future like ISO 27001, you won't need to gather all-new evidence; each control is mapped to all applicable standards.
What do you dislike about the product?
It's difficult to exclude some out-of-scope resources in an environment that's always changing, as exceptions are done on an individual resource basis. For example, if your AWS account has applications in scope for GDPR plus many others, they'll all get pulled into Drata and it's not easy to stay on top of the exceptions.
What problems is the product solving and how is that benefiting you?
It helps us get ready for security compliance audits. Saves hours of prep and saves time on calls with auditors by giving them a portal where they can see live status. However, it doesn't cover nearly all of what a thorough auditor will ask for, so it's not a magic bullet.
Drata has been great for our start-up.
What do you like best about the product?
The project team assigned to our account, as well as the Drata platform itself, have both been top notch. Great experience.
What do you dislike about the product?
Not much to report here! We haven't come across any negatives yet.
What problems is the product solving and how is that benefiting you?
In our SaaS product, start-up environment, Drata is helping us remain aligned on our "security first" approach to our product and security posture. The platform is also helping us remain on track towards our SOC2 certification goals.
Great platform and outstanding customer success team!
What do you like best about the product?
The navigation and user interface are well organized and easy to use. The Customer Success Team is outstanding! Jessica has been a fantastic resource to us.
What do you dislike about the product?
Sometimes the integrations don't enable accurate updates.
What problems is the product solving and how is that benefiting you?
Drata allows us to project manage our SOC-2 and GDPR requirements and evaluations.
Good customer experience despite a rocky start
What do you like best about the product?
Knowledgeable customer success managers to help guiding our team through SOC2. Comprehensive software product, easy to integrate with our infrastructure.
What do you dislike about the product?
Some lost momentum in our SOC2 implementation, especially when it came to writing our policies. The template experience is overwhelming, and the Drata team took too long to identify that we needed help and an external partnership to succeed at writing our policies.
What problems is the product solving and how is that benefiting you?
Guiding our team through SOC2 compliance, starting with 0 knowledge.
A simple method for monitoring assets, staying compliant with various frameworks and controls.
What do you like best about the product?
The "Help Center", ease of use for the portal, tracking employee compliance and my customer success manager.
What do you dislike about the product?
I wish I was able to search policies for key words.
What problems is the product solving and how is that benefiting you?
Tracking everything in one dashboard and focusing on tasks that need to be completed.
