How Drata Helped Bramble Understand and Achieve SOC 2 Compliance


Bramble simplifies workforce management by providing a balanced, objective view of performance at all levels of your organization, allowing greater visibility and transparency across teams and individuals.

IndustryWorkforce Management
A case of a startup achieving compliance to ensure scalability.

Path to SOC 2 Type 1

Bramble is a young company, and we always knew security would be at the forefront of our growth. We decided to commit to building our security posture early on instead of pushing it back at a later stage. And once we landed a major client, that served as the catalyst for pursuing compliance. We wanted to implement the right measures in place now to ensure long-term scalability.

Why Drata

While we were brand new to SOC 2, we were aware that compliance required a general understanding of policies and controls, and that can be quite the lift with a sizable client on the horizon. We were looking for a platform that could execute quickly and guide us to learn the ins and outs of SOC 2 along the way. Drata not only recognized our growth stage but they also provided a cost-effective and flexible option to pursue SOC 2 Type 1 compliance.

The Experience

From our initial onboarding into the Drata platform, we immediately knew we made the right choice. The integration was incredibly easy, and having the Drata Agent along with policy templates helped smooth out the journey even more. For a startup, it was helpful to see Drata’s extensive library of integrations that support things like background checks and payroll platforms – this gave us an idea of what else we had to implement as we grow our company.


Right off the bat, using Drata to achieve SOC 2 compliance saves us from those long IT and security questionnaires as part of the sales process. Now we can present our SOC 2 report as immediate proof of compliance and data protection. It would easily have taken us quadruple the time to achieve compliance without Drata, and with continuous monitoring we have a lot more insight into where our security posture stands.

What’s Next?

Now that we have SOC 2 Type 1 compliance, we’re excited to continue scaling the business into the next year. We’ll look to expand to SOC 2 Type 2 while bolstering our security program in the meantime.

It’s important for startups to pursue compliance as early as they can, and the right platform can directly impact the journey. Drata helped us achieve SOC 2 compliance quickly and efficiently, and simultaneously empowered us to become experts around the framework. They also gave us an inside look at our security posture - that’s valuable insight that you just don’t get with every partner.

Dan Wain

Founder, Bramble

Resources for you
PCI Compliance Cost What It Takes to Become Certified

PCI DSS Compliance Cost: What It Takes to Become Certified

Cybersecurity Asset Management

Why Cybersecurity Asset Management Matters and How to Prioritize It

Drata Leadership Update

Drata Brings On New CRO and First-Ever COO to Fuel Hyper Growth

Be a Part of the Best

Join the thousands of companies who trust Drata with their evolving compliance needs.