How Drata Empowers Katalon with Real-Time Visibility on Its Way to SOC 2 Compliance
Katalon is a continuous testing platform helping teams of all sizes build better software faster through practical, cohesive, and innovative test tools.
Katalon had the benefit of going through the ISO 27001 and SOC 2 audit experience while under its former parent company, and this helped us to be aware of some potential opportunities for improvement from a strictly manual approach. With security and compliance as a critical component of Katalon’s success, we wanted to be efficient in our pursuit to do it all over again while operating as an independent company.
Some areas of focus for us included meeting customer third-party risk assurance needs, improving brand protection, building stakeholder trust, and accelerating the sales process and onboarding. Other opportunities included support and scalability for Katalon’s fast-paced growth, globally distributed workforce, and an increasing mix of small and large customers globally who, in turn, have wide regulatory risk profiles.
We wanted to quickly demonstrate progress, enable ease of use for the team, and work from a single source of truth with our external auditors. We knew that selecting the right fit for an automation tool would be vital to help us on the SOC 2 compliance journey.
From our research, it was clear to see Drata is the most current, automation-focused compliance platform out there. The platform’s usability as well as easy-to-read dashboards gave us an instant look into what other building blocks of our security posture we needed to complete.
We’re still on our way to SOC 2, but as we prepare for the audit, Drata has already shown us valuable insight that’s impacted our growth. The categorization of controls allows us to easily assign owners and understand workflow, while the integrations with GitHub, AWS, and other applications fit seamlessly into our tech stack. Features like the risk assessment were incredibly easy to use, and having it already built into the platform makes it that much more accessible. Drata’s partnerships with auditors also give us peace of mind as we progress along the compliance journey.
Once we achieve SOC 2 Type 1 compliance, it will be important for us to maintain compliance through Drata’s continuous security monitoring. In the meantime, we’ll continue using Drata to onboard our employees with the best security measures and ensure a smooth path to a clean report. We’ll look to expand to other frameworks like HIPAA or ISO 27001 in the year ahead.