How Drata Empowers Katalon with Real-Time Visibility on Its Way to SOC 2 Compliance

A case of how the path to SOC 2 is just as important as receiving the attestation report
ABOUT Katalon
Katalon is a continuous testing platform helping teams of all sizes build better software faster through practical, cohesive, and innovative test tools.
Enterprise Software & Solution

The Challenge

Katalon had the benefit of going through the ISO 27001 and SOC 2 audit experience while under its former parent company, and this helped us to be aware of some potential opportunities for improvement from a strictly manual approach. With security and compliance as a critical component to Katalon’s success, we wanted to be efficient in our pursuit to do it all over again while operating as an independent company.

Some areas of focus for us included meeting customer third-party risk assurance needs, improving brand protection, building stakeholder trust, and accelerating the sales process and onboarding. Other opportunities included support and scalability for Katalon’s fast-paced growth, globally distributed workforce, and an increasing mix of small and large customers globally who, in turn, have wide regulatory risk profiles.

We wanted to quickly demonstrate progress, enable ease of use for the team, and work from a single source of truth with our external auditors. We knew that selecting the right fit for an automation tool would be vital to help us towards the SOC 2 compliance journey.

Why Drata

From our research, it was clear to see Drata is the most current, automation-focused compliance platform out there. The platform’s usability as well as easy-to-read dashboards gave us an instant look into what other building blocks of our security posture we needed to complete.

Immediate Benefits

We’re still on our way to SOC 2, but as we prepare for the audit, Drata has already shown us valuable insight that’s impacted our growth. The categorization of controls allows us to easily assign owners and understand workflow, while the integrations with GitHub, AWS, and other applications fit seamlessly into our tech stack. Features like the risk assessment were incredibly easy to use, and having it already built into the platform makes it that much more accessible. Drata’s partnerships with auditors also give us peace of mind as we progress along the compliance journey.

What’s Next?

Once we achieve SOC 2 Type 1 compliance, it will be important for us to maintain compliance through Drata’s continuous security monitoring. In the meantime, we’ll continue using Drata to onboard our employees with the best security measures and ensure a smooth path to a clean report. We’ll look to expand to other frameworks like HIPAA or ISO 27001 in the year ahead.

Drata gives us dynamic, real-time visibility into our security program, which is crucial for us as a distributed workforce. They’ve made the journey to SOC 2 compliance uncomplicated and easy to integrate into our tech stack. We feel confident navigating the SOC 2 compliance process journey thus far because of Drata.

Adil Karam - CISO, Katalon
