Drata Reviews

Name: Drata
Brand: Drata
Rating: 3.8 (9 reviews)

Vendor: Drata

3.8 out of 5

9 reviews
88% willing to recommend

What is Drata?

Drata is a powerful tool for automating compliance processes, effectively reducing audit preparation time and continuously monitoring security controls. It is highly valued for its ability to integrate seamlessly with existing tech stacks and manage security for remote teams, ensuring adherence to standards like SOC 2 and HIPAA. Drata enhances organizational efficiency, improves workflows, and supports real-time compliance monitoring, making compliance management less stressful and more accurate.

Get the Drata Buyer's Guide and find out what your peers are saying about Drata, Wiz, Microsoft Defender for Cloud and more!

Drata is the #4 ranked solution in top Compliance Management solutions. PeerSpot users give Drata an average rating of 7.6 out of 10. Drata is most commonly compared to Wiz: Drata vs Wiz. Drata is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 22% of all views.

Helped 860,632 peers since 2012

Featured Drata reviews

Johnny Chen

SecOps Engineer III at FINIX PAYMENTS, INC

There is room for improvement in Drata. The core features are solid, but some new features are in a very MVP (Minimum Viable Product) stage. They work, but the user experience isn't always smooth. While the core features are well-developed compared to the market, the new features need more polish. They could benefit from more user feedback and iterations to make them more useful. Some of these new features look promising buthave flaws, so we can’t fully adopt them or justify paying extra for them now. The user interface is clean and intuitive. However, you'll need some specific knowledge if you're a security policy manager or need to set updifferent integrations.

Read full review

LindaBrown

Founder at Viridis Security

Drata helps eliminate evidence gathering and makes assigning different activities to different team members easier, simplifying compliance and audit processes. In Pennsylvania, we're putting in thousands of hours. Drata improves our security posture by reducing extra work, allowing us to focus on other security directives. I like the control editing and task management features the most. It's easy to use, but it's also easy for people to think they don't need security experts if they have it.

Read full review

Juan Esteves

Cyber Security Engineer at Rather Labs

Impact of the product on your company's security posture management has been great because we had a team of three people in the security part, and I was their technical leader. In our company, we have a CIO and an operations team. We have only three people on the team, and Drata helps us to increase and enhance the maturity of our controls and evidence for future auditing and other compliance assessments. With the automated evidence feature of the product, we connected all our platforms, like Amazon, and then we connected with GitHub Enterprise to get information about the outbound application. Data has a control panel for third parties so that they can read or know what controls are working and how, which is a breaking advantage for such a tool. The product is 100 percent friendly to use. I rate Drata's integration capabilities as an eight out of ten. If I have ten people with Excel and fully commit to write the controls, then maybe we won't require Drata. If you have a small team, and you want to hurry up with things in your company, Drata is the perfect solution. I rate the tool an eight out of ten.

Read full review

Drata mindshare

As of July 2025, the mindshare of Drata in the Compliance Management category stands at 6.7%, down from 17.4% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Compliance Management

PeerResearch reports based on Drata reviews

Type	Title	Date
Category	Compliance Management	Jul 5, 2025	Download
Product	Reviews, tips, and advice from real users	Jul 5, 2025	Download
Comparison	Drata vs SentinelOne Singularity Cloud Security	Jul 5, 2025	Download
Comparison	Drata vs Wiz	Jul 5, 2025	Download
Comparison	Drata vs Vanta	Jul 5, 2025	Download

Title	Rating	Mindshare	Recommending
Wiz	4.5	30.1%	95%	22 interviews Add to research
Microsoft Defender for Cloud	4.0	18.1%	94%	78 interviews Add to research

Valuable Features

Users have expressed high regard for several features of Drata with compliance automation being at the forefront. This functionality dramatically simplifies the complex and often cumbersome process of maintaining continuous compliance across various standards. Automation not only reduces manual oversight but also enhances accuracy. Another highly appreciated feature is the integration capabilities of Drata.

Users find that Drata seamlessly integrates with existing tech stacks, facilitating a more unified approach to security and compliance management. The audit trail features are noted for their efficiency, making audits less stressful and more manageable by providing clear, detailed logs and histories of compliance activities. Clients commend the real-time monitoring systems that immediately alert them to any compliance discrepancies or potential issues, enabling swift corrective action.

"My experience with customer support was good; they were responsive, but they didn't ever get us to a solution that worked."
"Drata offers APIs for every clause so that it can integrate into various platforms."
"Drata keeps adding new features, allowing us to build our entire InfoSec program within it. Adding new components and evidence for different audits is easy. Drata also integrates with various software, like ticketing systems, source code control, and cloud platforms, continuously pulling evidence from these integrations. Without a GRC tool with these integrations, we used to gather evidence from different software during audits manually.Drata has a significant impact on our security posture management. Previously, Drata had features for security posture management, primarily through integration with AWS. For example, it would scan AWS for specific security requirements, like ensuring all S3 buckets are private. It will be reported on the Drata platform if it finds a public bucket.Recently, Drata introduced a new feature that uses an infrastructure-as-code approach. This feature detects issues and provides AI-generated suggestions for fixing them. If an organization uses infrastructure-as-code solutions like Terraform, Drata will suggest changes to the Terraform code to address the issues. You can then review and apply these changes to fix the problems. This is particularly useful when dealing with many topics, as it helps automate and speed up the process of implementing fixes. However, this AI-generated code feature is part of Drata’s upsell options. The basic version of Drata offers limited capabilities compared to the advanced features available with a paid upgrade.Even without this new feature, Drata's security posture management is valuable, as it scans cloud environments for deviations from defined security baselines. Many tools offer similar capabilities, but Drata’s new feature that translates issues into actionable fixes is a notable advancement. This benefits teams with the capability and resources to use this tool effectively."

Room for Improvement

Drata could benefit from enhancing its user interface to make it more intuitive and user-friendly, as some users find navigation somewhat confusing. There are suggestions for broader integration capabilities with a wider range of third-party tools to streamline processes. Another area for advancement is in customer support; users have expressed a need for quicker response times and more detailed guidance through complex issues. Improving the customization options to allow users more flexibility in tailoring the platform to specific organizational needs could significantly boost user satisfaction.

"Drata has impacted our organization negatively, as it made the whole compliance process more complicated and cost me significant time."
"The existing features of Drata are already extensive and costly to integrate."
"There is room for improvement in Drata. The core features are solid, but some new features are in a very MVP (Minimum Viable Product) stage. They work, but the user experience isn't always smooth. While the core features are well-developed compared to the market, the new features need more polish. They could benefit from more user feedback and iterations to make them more useful. Some of these new features look promising buthave flaws, so we can’t fully adopt them or justify paying extra for them now. The user interface is clean and intuitive. However, you'll need some specific knowledge if you're a security policy manager or need to set updifferent integrations."

ROI

Users reported significant benefits from using Drata, noting particularly that it streamlined their compliance processes and significantly reduced the time and resources needed for audit preparations. This efficiency translated into substantial cost savings and enhanced team productivity, which users felt positively impacted their ROI. They appreciated Drata’s automation capabilities for continuous compliance monitoring, which further minimized manual workloads and allowed them to allocate resources to other critical areas of development.

Pricing

Drata's pricing is reasonable and competitive. The setup cost is noted to be low, with many appreciating a straightforward implementation process. Licensing is typically described as flexible, catering to different sizes and types of businesses, which many users find beneficial.

"Drata's pricing is quite reasonable. Compared to other tools in the market, including its biggest competitor, Vanta, Drata is much cheaper. Even compared to other tools like AuditBoard, which aren’t as good, Drata’s price remains competitive."
"I remember that my company used to pay 25,000 USD to use the product...The product's cost is really high, but it is a powerful tool."
"It's one of the more expensive options, but I think it's worth the money if you can afford it."

Popular Use Cases

Drata is primarily utilized for automating compliance processes, drastically reducing the time and effort needed for preparing audits. Organizations often use it for continuously monitoring security controls, ensuring that they consistently meet various compliance standards such as SOC 2, HIPAA, or ISO.

Another common application is managing the security of remote workforces, where Drata helps enforce and track adherence to security policies across distributed teams. Additionally, its capabilities in integrating with existing tech stacks make it a vital tool for streamlining security workflows and maintaining up-to-date documentation, critical for audit preparedness and operational transparency.

Service and Support

Drata's customer service and support are highly praised. Users find the support team to be incredibly helpful, responsive, and knowledgeable. There are frequent mentions of the staff's promptness in addressing issues and their ability to provide clear, effective solutions.

Deployment

Implementing Drata as a new tech solution is notably efficient and streamlined. Even users new to security, particularly those with a solid understanding of cloud services, find that they can swiftly grasp and utilize the entire system by following a straightforward step-by-step process. This ease of setup ensures quick deployment, enabling users to leverage the full capabilities of the infrastructure without extensive delays typically associated with new software integration.

Scalability

Users find the product capable of efficiently managing increased workloads and adapting to larger operations without sacrificing performance. The system is praised for its ability to integrate seamlessly with growing business needs, accommodating new regulations and compliance requirements as companies expand.

Stability

The stability of Drata has generally been considered reliable and robust. Users appreciate the consistent performance and minimal downtime, suggesting that the platform effectively manages compliance processes without major issues.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Drata Buyer's Guide for additional reliable information.