Try our new research platform with insights from 80,000+ expert users

What is Drata?

Get the report
Helped 856,807 peers since 2012

Featured Drata reviews

Drata mindshare

As of June 2025, the mindshare of Drata in the Compliance Management category stands at 6.8%, down from 18.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Compliance Management

PeerResearch reports based on Drata reviews

TypeTitleDate
CategoryCompliance ManagementJun 13, 2025Download
ProductReviews, tips, and advice from real usersJun 13, 2025Download
ComparisonDrata vs VantaJun 13, 2025Download
ComparisonDrata vs SentinelOne Singularity Cloud SecurityJun 13, 2025Download
ComparisonDrata vs WizJun 13, 2025Download
Suggested products
TitleRatingMindshareRecommending
Wiz4.530.1%95%22 interviewsAdd to research
Microsoft Defender for Cloud4.018.0%94%78 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Top industries

By visitors reading reviews
Computer Software Company
22%
Financial Services Firm
8%
University
7%
Manufacturing Company
6%
Educational Organization
5%
Retailer
5%
Real Estate/Law Firm
4%
Performing Arts
4%
Comms Service Provider
4%
Energy/Utilities Company
4%
Insurance Company
3%
Non Profit
3%
Healthcare Company
3%
Construction Company
3%
Wholesaler/Distributor
2%
Legal Firm
2%
Outsourcing Company
2%
Hospitality Company
2%
Government
2%
Media Company
2%
Transportation Company
2%
Consumer Goods Company
2%
Logistics Company
1%
 

Drata reviews

Sort by:
AS
Chief Information Security Officer at Northstar Security Consulting
Verified user of Drata
Sep 25, 2024
Manages documents and schedules with integrations and organizational efficiency
Johnny Chen - PeerSpot user
SecOps Engineer III at FINIX PAYMENTS, INC
Verified user of Drata
Sep 11, 2024
Collects and stores compliance evidence and documentation for you using native integrations with your tech stack.

Pros

"Drata keeps adding new features, allowing us to build our entire InfoSec program within it. Adding new components and evidence for different audits is easy. Drata also integrates with various software, like ticketing systems, source code control, and cloud platforms, continuously pulling evidence from these integrations. Without a GRC tool with these integrations, we used to gather evidence from different software during audits manually. Drata has a significant impact on our security posture management. Previously, Drata had features for security posture management, primarily through integration with AWS. For example, it would scan AWS for specific security requirements, like ensuring all S3 buckets are private. It will be reported on the Drata platform if it finds a public bucket. Recently, Drata introduced a new feature that uses an infrastructure-as-code approach. This feature detects issues and provides AI-generated suggestions for fixing them. If an organization uses infrastructure-as-code solutions like Terraform, Drata will suggest changes to the Terraform code to address the issues. You can then review and apply these changes to fix the problems. This is particularly useful when dealing with many topics, as it helps automate and speed up the process of implementing fixes. However, this AI-generated code feature is part of Drata’s upsell options. The basic version of Drata offers limited capabilities compared to the advanced features available with a paid upgrade. Even without this new feature, Drata's security posture management is valuable, as it scans cloud environments for deviations from defined security baselines. Many tools offer similar capabilities, but Drata’s new feature that translates issues into actionable fixes is a notable advancement. This benefits teams with the capability and resources to use this tool effectively."

Cons

"There is room for improvement in Drata. The core features are solid, but some new features are in a very MVP (Minimum Viable Product) stage. They work, but the user experience isn't always smooth. While the core features are well-developed compared to the market, the new features need more polish. They could benefit from more user feedback and iterations to make them more useful. Some of these new features look promising buthave flaws, so we can’t fully adopt them or justify paying extra for them now. The user interface is clean and intuitive. However, you'll need some specific knowledge if you're a security policy manager or need to set updifferent integrations. "
Find out what your peers are saying about Drata. Updated June 2025
856,807 professionals have used our research since 2012.
LindaBrown - PeerSpot user
Founder at Viridis Security
Verified user of Drata
Jul 30, 2024
Helps eliminate evidence gathering and makes assigning different activities easier, simplifying compliance and audit processes

Pros

"Drata helps eliminate evidence gathering and makes assigning different activities to different team members easier, simplifying compliance and audit processes. In Pennsylvania, we're putting in thousands of hours. Drata improves our security posture by reducing extra work, allowing us to focus on other security directives. I like the control editing and task management features the most. It's easy to use, but it's also easy for people to think they don't need security experts if they have it. "

Cons

"In terms of improvements, I'd suggest better marketing since the industry tends to market these tools as security experts, which isn't true. "
Juan Esteves - PeerSpot user
Cyber Security Engineer at Rather Labs
Verified user of Drata
Aug 6, 2024
Friendly to use and offers powerful functionalities

Pros

"The product is 100 percent friendly to use."

Cons

"The product can improve in its API documentation area."
SC
Independent consultant at Independent
Verified user of Drata
Nov 26, 2024
Offers APIs for every clause so that it can integrate into various platforms

Pros

"Drata offers APIs for every clause so that it can integrate into various platforms. "

Cons

"The existing features of Drata are already extensive and costly to integrate. "
reviewer2509113 - PeerSpot user
Auditor at a tech vendor with 51-200 employees
Verified user of Drata
Jul 9, 2024
Achieves both SOC 2 and ISO 27001 compliance with improved security posture

Pros

"Drata helped us publish our ISO and SOC reports, which was essential for the acquisition. The challenge now is whether Drata can scale up to meet the needs of a larger company, which already has tools like Intune to enforce laptop encryption. Drata is excellent for startups and small—to medium-sized companies but may face challenges in larger organizations with multiple environments. "

Cons

"One of the challenges with Drata is that if you're paying for a subscription to ISO 27001, you must undergo a risk assessment. You should have access to all necessary modules on the platform to achieve your compliance posture and certification."
PeerSpot user
Senior Staff Auditor at a financial services firm with 51-200 employees
Verified user of Drata
Aug 6, 2024
User-friendly and supports SAST and HIPAA frameworks

Pros

"The way the tool's controls are linked to the framework, specifically with SAST and HIPAA frameworks or any other frameworks, is really good."

Cons

"The thing with Drata is you cannot open multiple tabs on the same interface or the same desktop,"
BhupendraSharma - PeerSpot user
Cloud and DevOps Engineer at Betaque
Verified user of Drata
Nov 19, 2023
A comprehensive solution to reduce vulnerabilities and address loopholes in the infrastructure

Cons

"The solution is quite costly."