How Drata Empowers Katalon with Real-Time Visibility on Its Way to SOC 2 Compliance

About

Katalon is a continuous testing platform helping teams of all sizes build better software faster through practical, cohesive, and innovative test tools.

Location: Atlanta, GA
Industry: Enterprise Software & Solutions
A case of how the path to SOC 2 is just as important as receiving the attestation report.

The Challenge

Katalon had the benefit of going through the ISO 27001 and SOC 2 audit experience while under its former parent company, and this helped us to be aware of some potential opportunities for improvement from a strictly manual approach. With security and compliance as a critical component of Katalon’s success, we wanted to be efficient in our pursuit to do it all over again while operating as an independent company.


Some areas of focus for us included meeting customer third-party risk assurance needs, improving brand protection, building stakeholder trust, and accelerating the sales process and onboarding. Other opportunities included support and scalability for Katalon’s fast-paced growth, globally distributed workforce, and an increasing mix of small and large customers globally who, in turn, have wide regulatory risk profiles.


We wanted to quickly demonstrate progress, enable ease of use for the team, and work from a single source of truth with our external auditors. We knew that selecting the right fit for an automation tool would be vital to help us on the SOC 2 compliance journey.


Why Drata

From our research, it was clear to see Drata is the most current, automation-focused compliance platform out there. The platform’s usability as well as easy-to-read dashboards gave us an instant look into what other building blocks of our security posture we needed to complete.


Immediate Benefits

We’re still on our way to SOC 2, but as we prepare for the audit, Drata has already shown us valuable insight that’s impacted our growth. The categorization of controls allows us to easily assign owners and understand workflow, while the integrations with GitHub, AWS, and other applications fit seamlessly into our tech stack. Features like the risk assessment were incredibly easy to use, and having it already built into the platform makes it that much more accessible. Drata’s partnerships with auditors also give us peace of mind as we progress along the compliance journey.


What’s Next?

Once we achieve SOC 2 Type 1 compliance, it will be important for us to maintain compliance through Drata’s continuous security monitoring. In the meantime, we’ll continue using Drata to onboard our employees with the best security measures and ensure a smooth path to a clean report. We’ll look to expand to other frameworks like HIPAA or ISO 27001 in the year ahead.


Drata gives us dynamic, real-time visibility into our security program, which is crucial for us as a distributed workforce. They’ve made the journey to SOC 2 compliance uncomplicated and easy to integrate into our tech stack. We feel confident navigating the SOC 2 compliance process journey thus far because of Drata.

Adil Karam

CISO, Katalon
