December 2025 Recap: Scaling Compliance and Trust with Flexibility

A roundup of Drata’s December releases,from TISAX and ISO 27018 support to smarter insights and faster security reviews, built to scale trust and streamline GRC.

Continuous Compliance

Stay audit-ready.Drata helps teams automate evidence collection, streamline control testing, and maintain real-time visibility into compliance health, so you're always one step ahead of your next audit.

Insights with MTTR

A new dashboard in Insights shows mean time to resolution (MTTR) for failed monitoring tests, helping teams spot trends and close issues faster with clearer ownership and accountability.

TISAX Framework

Support for TISAX enables automotive and manufacturing companies to meet critical EU security standards, with built-in mapping to ISO 27001 and SOC 2 to reduce duplication and simplify cross-framework compliance.

ISO/IEC 27018:2025 Framework

New support for ISO 27018:2025 adds dedicated coverage for cloud privacy controls, helping organizations that process PII align privacy and security requirements across ISO and SOC 2.

Security Assurance

Prove trust—faster and at scale.

Security isn’t a promise, it’s proof. Drata accelerates how teams demonstrate posture through automated evidence, Trust Center updates, and intelligent questionnaire workflows.

Questionnaire Parsing for PDF, Word, TXT

You can now upload, parse, edit and export security questionnaires, preserving original formatting while reducing time spent on manual entry and formatting fixes.

Search in Questionnaires

New search functionality lets you locate questions by number or keyword inside large questionnaires, making long security reviews faster and easier to navigate.

Chrome Extension + Drata Portal Support

Drata questionnaires are now supported in our latest Chrome extension, allowing teams to autofill responses from Trust Center directly into Drata forms, cutting manual work and accelerating questionnaire completion.

Automated Governance

Turn governance into a system, not a spreadsheet.

Drata automates governance—the backbone of compliance programs—from policy approvals to access reviews. Instead of chasing down tasks, teams enforce workflows across tools and teams, all continuously monitored and audit-ready.

Custom Workflows

Flexible, no-code workflows can now trigger actions across your compliance stack based on 26 event types, from failed controls to personnel changes,making follow-ups instant and traceable.

What’s Coming Next

January will bring expanded personalization in Trust Centers, more AI-powered summaries across GRC, and a whole new look!

From continuous compliance to automated governance, every update is built to scale trust. Explore what Drata has to offer with a demo today.

Lindsey Morando

Director of Product Marketing

Lindsey Morando is the Director of Product Marketing at Drata, where she leads go-to-market strategy, product storytelling, enablement, and competitive differentiation to help scale the business.

Since joining as Drata’s first product marketing hire, she has built foundational GTM programs and led launches across multiple product domains—driving pipeline, accelerating feature adoption, and supporting durable revenue growth. Prior to Drata, Lindsey led product marketing teams in high-growth SaaS and CPG, bringing a blend of strategic clarity and hands-on execution to every stage of growth.

category + topics

Product Updates

Compliance

Trust Management

Subscribe to the Trusted Newsletter

Get biweekly expert insights so you never miss what’s next.

Chart Your Course

Navigate to new worlds of trust with Drata.