Drata

JSON twin: https://www.healthaidb.com/software/drata.json

Company Name

Drata

Product URL

https://drata.com

Company URL

https://drata.com

Categories

• governance Risk And Compliance
• compliance Automation
• risk Management
• security
• policy Management
• audit Management
• vendor Management
• data Privacy
• regulatory Compliance
• Governance, Risk, And Compliance (grc)
• Security Assurance
• Audit Readiness
• Security Monitoring

Summary

Drata is an AI-powered governance, risk, and compliance (GRC) platform that automates compliance processes, manages risks, and accelerates security reviews to help businesses grow faster.

Description

Drata offers a comprehensive suite of tools designed to streamline compliance with various frameworks, including HIPAA, SOC 2, CCPA, PCI DSS, HITRUST, and GDPR. Its platform automates control monitoring, evidence collection, policy management, and risk assessments, providing real-time visibility into security posture and facilitating continuous audit readiness. Drata's integrations with over 75 applications and its AI-driven workflows enable efficient management of internal and vendor risks, reducing manual tasks and enhancing operational resilience.

Api Available

yes

Certifications

• ISO 27001
• ISO 27701
• ISO 27017
• ISO 27018
• ISO 42001
• CIS v8.1
• HITRUST

Company Founding

2020

Company Offices

• United States
• United Kingdom
• Canada
• Australia
• India
• Singapore
• Germany
• France
• Netherlands
• Sweden

Compliance

• HIPAA
• GDPR
• SOC 2
• ISO 27001
• PCI DSS
• Cyber Essentials
• CCPA
• CMMC
• Microsoft SSAE 18
• NIST CSF
• ISO 27701
• FedRAMP
• ISO 27017
• ISO 27018
• NIS 2
• DORA
• ISO 42001
• CIS v8.1
• HITRUST

Customers

• Verified User in Hospital & Health Care
• Verified User in Financial Services

Data Residency

US/EU regions

Data Standards

• SOC 2
• ISO 27001
• HIPAA
• GDPR
• PCI DSS
• Cyber Essentials
• CCPA
• CMMC
• Microsoft SSAE 18
• NIST CSF

Deployment Model

• SaaS

Features

• Automated evidence collection
• Continuous control monitoring
• Policy and access management
• Automated risk assessments
• Vendor risk management
• Pre-mapped compliance frameworks
• Customizable controls and policies
• Real-time security reports
• Built-in training management
• Automated access reviews
• Audit readiness dashboard
• AI-powered risk analysis
• Automated testing workflows
• Centralized governance
• Automated monitoring of controls

Id

SW1246

Integration Partners

• AWS
• Microsoft 365
• Intune

Integrations

• Security training solutions
• Background check providers
• MDM systems
• CRM systems
• Productivity apps
• Tines
• Torq
• Tray.io

Languages Supported

• English
• Spanish
• French
• German
• Italian
• Portuguese
• Dutch
• Swedish
• Norwegian
• Danish
• Finnish
• Russian
• Chinese (Simplified)
• Chinese (Traditional)
• Japanese
• Korean
• Arabic
• Hebrew
• Turkish
• Hindi

Last Updated

2025-10-11

License

commercial

Market Segment

• enterprise
• smb

Optional Modules

• Custom frameworks
• Custom controls
• Customizable workflows
• Customizable risk register
• Customizable risk categories
• Customizable risk filters
• Customizable risk owners
• Customizable risk treatments
• Customizable risk scoring
• Customizable risk mapping

Os Platforms

• Web

Pricing Details

Contact vendor for pricing information.

Pricing Model

subscription

Privacy Features

• BAA available
• Consent management
• Anonymization
• Data minimization

Product Code

SW1246

Product Name

Drata

Ratings

• 4.8 out of 5 stars (1,092 reviews) - G2

Regions Available

• United States
• Canada
• European Union
• United Kingdom
• Australia
• India
• Singapore
• Japan
• South Korea
• Brazil
• Mexico
• South Africa
• New Zealand
• United Arab Emirates
• Saudi Arabia
• Israel
• Switzerland
• Norway
• Sweden
• Denmark

Related Urls

• https://www.forbes.com/companies/drata/
• https://www.prnewswire.com/news-releases/drata-celebrates-four-years-of-transforming-governance-risk-and-compliance-crossing-100-million-in-annual-recurring-revenue-302379885.html
• https://www.prnewswire.com/news-releases/drata-becomes-the-first-compliance-automation-platform-to-achieve-aws-security-competency-status-302108113.html
• https://www.linkedin.com/company/drata
• https://sp-edge.com/companies/1244751
• https://app.dealroom.co/companies/drata
• https://sdccoe.org/drata/
• https://elion.health/products/drata

Release Year

2020

Security Features

• Encryption
• RBAC
• SSO/SAML
• Audit logs
• 2FA
• DLP

Specialties

• Hipaa Compliance
• Soc 2 Compliance
• Ccpa Compliance
• Pci Dss Compliance
• Hitrust Compliance
• Gdpr Compliance
• Risk Management
• Security Assurance
• Policy Management
• Audit Readiness
• Vendor Management
• Data Privacy
• Regulatory Compliance
• Security Monitoring

Support Channels

• email
• phone
• chat
• ticketing
• community
• 24x7

System Requirements

Target Users

• compliance officers
• security teams
• IT administrators
• risk managers
• auditors
• legal teams
• executives

Training Options

• documentation
• webinars
• live_online
• onsite
• certification

Type

product

User Reviews

• Drata is very easy and intuitive to use, it saves a lot of intensive manual work, and we use it very frequently. The support is very responsive and fast, one of the best support teams we have dealt with. The implementation phase was also easy in terms of setting up the connections, integrations, and just kicking off the process. Drata supports a wide range of integrations too.
• Drata provides a clear dashboard view of the frameworks we work towards, clear connections to controls, the capabilities of ownership and maintenance of our ISMS and risk management. The supplier management section is also super helpful! Implementation was easy and using the connections and integrations we were set up and running within two weeks. The ability to be part of the roadmap and feedback to Drata using customer support really makes you feel part of a family. When I log on to our system, Drata is one of the first applications I open and it stays with me all day.
• Drata is proactive, timely, and professional — whenever there’s a problem, help is never far away; the team is friendly and professional, the AI and human help options save valuable time, the well-structured management software is easy to implement and easy to use, I use it daily multiple times, and Drata is the best solution we’ve ever tried.
• Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure a strong security posture, lower costs, and less time spent preparing for audits.
• Drata is a security and compliance automation platform designed to streamline the process of achieving and maintaining various compliance standards. Drata helps thousands of companies streamline compliance for SOC 2, ISO 27001, HIPAA, GDPR, and many more through continuous, automated control monitoring and evidence collection.

Version

1.0

Alternatives

See related products

Canonical JSON

{
  "product_name": "Drata",
  "company_name": "Drata",
  "product_url": "https://drata.com",
  "company_url": "https://drata.com",
  "related_urls": [
    "https://www.forbes.com/companies/drata/",
    "https://www.prnewswire.com/news-releases/drata-celebrates-four-years-of-transforming-governance-risk-and-compliance-crossing-100-million-in-annual-recurring-revenue-302379885.html",
    "https://www.prnewswire.com/news-releases/drata-becomes-the-first-compliance-automation-platform-to-achieve-aws-security-competency-status-302108113.html",
    "https://www.linkedin.com/company/drata",
    "https://sp-edge.com/companies/1244751",
    "https://app.dealroom.co/companies/drata",
    "https://sdccoe.org/drata/",
    "https://elion.health/products/drata"
  ],
  "product_code": "SW1246",
  "summary": "Drata is an AI-powered governance, risk, and compliance (GRC) platform that automates compliance processes, manages risks, and accelerates security reviews to help businesses grow faster.",
  "description": "Drata offers a comprehensive suite of tools designed to streamline compliance with various frameworks, including HIPAA, SOC 2, CCPA, PCI DSS, HITRUST, and GDPR. Its platform automates control monitoring, evidence collection, policy management, and risk assessments, providing real-time visibility into security posture and facilitating continuous audit readiness. Drata's integrations with over 75 applications and its AI-driven workflows enable efficient management of internal and vendor risks, reducing manual tasks and enhancing operational resilience.",
  "categories": [
    "governance Risk And Compliance",
    "compliance Automation",
    "risk Management",
    "security",
    "policy Management",
    "audit Management",
    "vendor Management",
    "data Privacy",
    "regulatory Compliance",
    "Governance, Risk, And Compliance (grc)",
    "Compliance Automation",
    "Risk Management",
    "Security Assurance",
    "Policy Management",
    "Audit Readiness",
    "Vendor Management",
    "Data Privacy",
    "Regulatory Compliance",
    "Security Monitoring"
  ],
  "market_segment": [
    "enterprise",
    "smb"
  ],
  "target_users": [
    "compliance officers",
    "security teams",
    "IT administrators",
    "risk managers",
    "auditors",
    "legal teams",
    "executives"
  ],
  "specialties": [
    "Hipaa Compliance",
    "Soc 2 Compliance",
    "Ccpa Compliance",
    "Pci Dss Compliance",
    "Hitrust Compliance",
    "Gdpr Compliance",
    "Risk Management",
    "Security Assurance",
    "Policy Management",
    "Audit Readiness",
    "Vendor Management",
    "Data Privacy",
    "Regulatory Compliance",
    "Security Monitoring"
  ],
  "regions_available": [
    "United States",
    "Canada",
    "European Union",
    "United Kingdom",
    "Australia",
    "India",
    "Singapore",
    "Japan",
    "South Korea",
    "Brazil",
    "Mexico",
    "South Africa",
    "New Zealand",
    "United Arab Emirates",
    "Saudi Arabia",
    "Israel",
    "Switzerland",
    "Norway",
    "Sweden",
    "Denmark"
  ],
  "languages_supported": [
    "English",
    "Spanish",
    "French",
    "German",
    "Italian",
    "Portuguese",
    "Dutch",
    "Swedish",
    "Norwegian",
    "Danish",
    "Finnish",
    "Russian",
    "Chinese (Simplified)",
    "Chinese (Traditional)",
    "Japanese",
    "Korean",
    "Arabic",
    "Hebrew",
    "Turkish",
    "Hindi"
  ],
  "pricing_model": "subscription",
  "pricing_details": "Contact vendor for pricing information.",
  "license": "commercial",
  "company_offices": [
    "United States",
    "United Kingdom",
    "Canada",
    "Australia",
    "India",
    "Singapore",
    "Germany",
    "France",
    "Netherlands",
    "Sweden"
  ],
  "company_founding": "2020",
  "deployment_model": [
    "SaaS"
  ],
  "os_platforms": [
    "Web"
  ],
  "features": [
    "Automated evidence collection",
    "Continuous control monitoring",
    "Policy and access management",
    "Automated risk assessments",
    "Vendor risk management",
    "Pre-mapped compliance frameworks",
    "Customizable controls and policies",
    "Real-time security reports",
    "Built-in training management",
    "Automated access reviews",
    "Audit readiness dashboard",
    "AI-powered risk analysis",
    "Automated testing workflows",
    "Centralized governance",
    "Automated monitoring of controls"
  ],
  "optional_modules": [
    "Custom frameworks",
    "Custom controls",
    "Customizable workflows",
    "Customizable risk register",
    "Customizable risk categories",
    "Customizable risk filters",
    "Customizable risk owners",
    "Customizable risk treatments",
    "Customizable risk scoring",
    "Customizable risk mapping"
  ],
  "integrations": [
    "Security training solutions",
    "Background check providers",
    "MDM systems",
    "CRM systems",
    "Productivity apps",
    "Tines",
    "Torq",
    "Tray.io"
  ],
  "data_standards": [
    "SOC 2",
    "ISO 27001",
    "HIPAA",
    "GDPR",
    "PCI DSS",
    "Cyber Essentials",
    "CCPA",
    "CMMC",
    "Microsoft SSAE 18",
    "NIST CSF"
  ],
  "api_available": "yes",
  "system_requirements": "",
  "compliance": [
    "HIPAA",
    "GDPR",
    "SOC 2",
    "ISO 27001",
    "PCI DSS",
    "Cyber Essentials",
    "CCPA",
    "CMMC",
    "Microsoft SSAE 18",
    "NIST CSF",
    "ISO 27701",
    "FedRAMP",
    "ISO 27017",
    "ISO 27018",
    "NIS 2",
    "DORA",
    "ISO 42001",
    "CIS v8.1",
    "HITRUST"
  ],
  "certifications": [
    "ISO 27001",
    "ISO 27701",
    "ISO 27017",
    "ISO 27018",
    "ISO 42001",
    "CIS v8.1",
    "HITRUST"
  ],
  "security_features": [
    "Encryption",
    "RBAC",
    "SSO/SAML",
    "Audit logs",
    "2FA",
    "DLP"
  ],
  "privacy_features": [
    "BAA available",
    "Consent management",
    "Anonymization",
    "Data minimization"
  ],
  "data_residency": "US/EU regions",
  "customers": [
    "Verified User in Hospital & Health Care",
    "Verified User in Financial Services"
  ],
  "user_reviews": [
    "Drata is very easy and intuitive to use, it saves a lot of intensive manual work, and we use it very frequently. The support is very responsive and fast, one of the best support teams we have dealt with. The implementation phase was also easy in terms of setting up the connections, integrations, and just kicking off the process. Drata supports a wide range of integrations too.",
    "Drata provides a clear dashboard view of the frameworks we work towards, clear connections to controls, the capabilities of ownership and maintenance of our ISMS and risk management. The supplier management section is also super helpful! Implementation was easy and using the connections and integrations we were set up and running within two weeks. The ability to be part of the roadmap and feedback to Drata using customer support really makes you feel part of a family. When I log on to our system, Drata is one of the first applications I open and it stays with me all day.",
    "Drata is proactive, timely, and professional — whenever there’s a problem, help is never far away; the team is friendly and professional, the AI and human help options save valuable time, the well-structured management software is easy to implement and easy to use, I use it daily multiple times, and Drata is the best solution we’ve ever tried.",
    "Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure a strong security posture, lower costs, and less time spent preparing for audits.",
    "Drata is a security and compliance automation platform designed to streamline the process of achieving and maintaining various compliance standards. Drata helps thousands of companies streamline compliance for SOC 2, ISO 27001, HIPAA, GDPR, and many more through continuous, automated control monitoring and evidence collection."
  ],
  "ratings": [
    "4.8 out of 5 stars (1,092 reviews) - G2"
  ],
  "support_channels": [
    "email",
    "phone",
    "chat",
    "ticketing",
    "community",
    "24x7"
  ],
  "training_options": [
    "documentation",
    "webinars",
    "live_online",
    "onsite",
    "certification"
  ],
  "release_year": "2020",
  "integration_partners": [
    "AWS",
    "Microsoft 365",
    "Intune"
  ],
  "id": "SW1246",
  "slug": "drata",
  "type": "product",
  "version": "1.0",
  "last_updated": "2025-10-11",
  "links_json": {
    "self": "https://www.healthaidb.com/software/drata.json"
  }
}