12 Commonly Recommended Security Policies for SOC 2

Why AssuranceLab Joined Drata’s Auditor Alliance

Compliance Uncomplicated Episode 5: An InfoSec Perspective to Digital Security Success With Nemean Services

Welcome to Drataverse, the Inaugural Summit Hosted by Drata

Drata x Onboard: SOC 2 Type 1 From a CTO’s Perspective

What is Cloud Compliance? + Best Practices

A Quick-Start Guide of the SOC 2 System Description

Compliance Uncomplicated Episode 4: Perfecting the User Experience With PixieBrix

Compliance Automation and Beyond: A Data Journey With Drata

5 Human Errors in Cybersecurity That Put Your Organization at Risk

How to Address 6 Major Fintech Security and Compliance Risks

Understanding the Differences Between ISO 27005:2018 and ISO 27005:2022

5 Cybersecurity Challenges in Healthtech + How to Address Them

Compliance Uncomplicated Episode 3: The Common Language of Security With LinearB

5 Critical Differences Between ISO 27001:2022 and ISO 27002:2022


February 20, 2023

Cybersecurity Risk Management – How And Where To Focus

How Long Does a SOC 2 Audit Take?

Introducing Drata’s Open API

February 16, 2023

Drata Ushers A New Era of Trust with Open API

What’s New in ISO 27002:2022? + How to Prepare

New Resource: 2023 Compliance Trends Report

New Resource: Complete Guide to Risk Management

Compliance Uncomplicated Episode 2: The Art of Appreciation With Client Giant

27 Compliance Memes to Make the Process a Little More Enjoyable

New Resource: Start-to-Finish Guide on SOC 2 Compliance

February 07, 2023

George Bonser Joins Drata as VP of Sales in EMEA

Going Global: Drata Welcomes George Bonser as the VP of Sales in EMEA

Introducing the Drata Audit Hub: Your Communication and Collaboration Command Center

February 02, 2023

Drata Launches Audit Hub for Enhanced Auditor Collaboration

What is Fintech Compliance? + Its Major Risks

CRN Cloud 100 logo

January 30, 2023

The 20 Coolest Cloud Software Companies Of The 2023 Cloud 100

January 30, 2023

IT and Security Professionals Spend an Average of 4,300 Hours Annually Achieving or Maintaining Compliance

What’s New in ISO 27001:2022? Here's Everything You Need to Know

Introducing Drata’s New Podcast, Compliance Uncomplicated

An Auditor’s Perspective: Why MJD Recommends Drata

SOC 1 vs. SOC 2: What Are the Differences Between These Reports?

How to Conduct a HIPAA Risk Assessment

January 11, 2023

Trailblazer: Adam Markowitz, CEO Of Security Platform Drata

Container Security: Build a Program That Meets Your Objectives

HIPAA Business Associate Agreement Explained

Compliance Automation: Your Audit Experience Before and After

Calculating and Communicating Cybersecurity ROI

Drata’s 2022 Year in Review

5 Incident Response Plan Templates to Help Get You Started

An Introduction to Container Risks and Security Issues

Drata Grabs Top Spots in Winter 2023 G2 Reports

New Resource: Guide to Building Secure, Compliant Containers

14 Security Frameworks and Standards to Consider

How to Conduct a Business Impact Analysis

Announcing Drata’s Series C

VentureBeat Series C

December 07, 2022

Automating Governance, Risk And Compliance (GRC), Drata Announces Series C

Media - Series C Founders TechCrunch

December 07, 2022

Security Compliance And Automation Platform Drata Nabs $200M At $2B Valuation

Media - Series C Siliconangle

December 07, 2022

Security and compliance automation startup Drata raises $200M at a $2B valuation

Media - Series C Founders TechCrunch

December 07, 2022

San Diego software startup Drata lands $200M in venture capital despite investing headwinds

December 07, 2022

Drata's Valuation Rises to $2 Billion with $200 Million Series C Funding

CCI TJ byline

December 07, 2022

For Cybersecurity Teams, ‘Audit’ Doesn’t Have To Be A Dirty Word.

Data Centre Dynamics image

December 05, 2022

If Data Is Oil, Who’s Protecting The Pipeline?

How to Become HIPAA Compliant: An Easy-to-Follow Guide


What Are Containers? + Why Should You Use Them

Drata Amplifies AWS Partnership With ISV Accelerate Program and Foundational Technical Review

November 28, 2022

Drata Joins AWS ISV Accelerate Program

PCI DSS Compliance Cost: What It Takes to Become Certified

Why Cybersecurity Asset Management Matters and How to Prioritize It

Drata Brings On New CRO and First-Ever COO to Fuel Hyper Growth

November 21, 2022

Drata Welcomes Adam Aarons as CRO

14 Free Cybersecurity Tools for Startups

The Next Phase of Drata

Red Teaming With Talha Tariq From HashiCorp

Help Net Security TJ Q&A

November 09, 2022

Busting Compliance Myths

November 06, 2022

Tech’s Unicorn Boom Has Slowed Down. Meet The Security Compliance Startup Bucking The Trend

Introducing Drata Workspaces for Complex Compliance Needs

Compliance Automation in French, Spanish, and German


How to Manage Bring Your Own Devices (BYOD) During an Audit


6 Popular SIEM Tools to Consider + How to Choose the Right Solution


How Pilot Used SOC 2 to Prove Their Commitment to Security


11 Popular Vulnerability Scanning Tools to Consider 


Drata’s CISO: The Business Perspective of Managing Risk

Security Magazine Q&A

October 05, 2022

Dispelling 4 Cybersecurity Compliance Myths

Hack Your Company, a Drata Podcast


October 03, 2022

The 13 Most Promising Cybersecurity Startups Of 2022, According To VCs

Risk Register: How to Build One + Things to Keep in Mind


Data Protection Impact Assessment for GDPR: How To Do It Right


September: Asking Compliance and InfoSec Experts Almost Anything


September 28, 2022

LinkedIn Top Startups 2022: The 50 U.S. Companies On The Rise


What’s New In Product: Jira Integration, Slack Enhancement, And More


Drata Leads Fall 2022 G2 Reports

7 Myths About SOC 2 Compliance


PCI DSS Compliance Checklist: Understanding the 12 Requirements


The No-nonsense CCPA Compliance Checklist


September 08, 2022

Security VS Compliance: Understanding The Difference


September 07, 2022

50 Best Small And Medium Workplaces in Technology

Creating + Maintaining a Vendor Management Policy


Risk Management Framework (RMF): Overview + Best Practices


August 18, 2022

Drata Adds Risk Management Solution to Further Integrate Security and Compliance Automation


SaaStr Annual 2022 – Fall Favorites are on the Horizon


July Product Releases: Custom Frameworks, Automated Tests to Any Control, and SOX ITGC


HIP, HIPAA, HOORAY! Drata is Now HIPAA Compliant


What is IT Risk Management? + Why It Matters


August 08, 2022

Fast-Growing Drata Provides Security And Compliance Automation Platform


August 08, 2022

100 Best Medium Workplaces


ISO 27001 Checklist: 6 Easy Steps to Get Started

Introducing Custom Frameworks + Mapping Automated Tests to Any Control


Beginner’s Guide to Third-Party Risk Management


July 26, 2022

What You Don’t Know About Compliance Can Hurt You

4 Common Misconceptions About Auditors

6 Types of Risk Assessment Methodologies + How to Choose


Budgeting for ISO 27001: How Much Does Certification Cost?

Debunking the Top 5 GDPR Myths and Misconceptions


July 05, 2022

Compliance in The Era of Big Data


What Does Trust Mean? Three Drata Customers Answer


26 Data Privacy Statistics to Keep in Mind When Updating Your Program

ISO 27001: A Beginner’s Guide


June 18, 2022

How to Implement a Cybersecurity-First Culture

SOC 2 Compliance: A Beginner's Guide


May Product Releases: Policy Center 2.0 & AWS Virtual Assets


What is Vulnerability Scanning? + Frequently Asked Questions

SOC 2 Compliance Automation Software: Everything You Need to Know


June 02, 2022

Drata Launches Trust Center to Help Companies Prove Their Security and Compliance Posture


4 Things We’re Looking Forward to at RSA


Penetration Testing vs. Vulnerability Scanning: What’s the Difference?


New Frameworks: CCPA, ISO 27701, & More

Budgeting for SOC 2: How Much Does a SOC 2 Audit Cost?


What is Red Teaming? + Why You May Need It

CCPA Compliance 101: Everything You Need to Know


April Product Releases: A New Framework View & Multiple Personnel Devices


Breaking Down Security Controls: A Bite-Sized Guide


GDPR vs. CCPA: Key Differences and Similarities


Drata Welcomes VP of Business Development: Kevin Kriebel


April 13, 2022

Drata Achieves ISO 27001 Certification


March Product Releases: From Bulk Actions to Curricula Training

SOC 2 Compliance Checklist: 9 Steps to Take Before Your Audit

What is Security Posture? How to Assess and Improve it Across Your Organization


Drata Welcomes New Director of Compliance: Alev Viggio


Drata Rated Leader in Spring 2022 G2 Reports


Ask an Auditor: February Recap


You’re GDPR Compliant: Now What? 6 Strategies to Maintain Compliance


March 11, 2022

The One Thing Competitors Can’t Copy

March 10, 2022

Presenting the 4th Annual Enterprise Tech 30


Integration: SOC 2 Security Awareness Training with Curricula


March 01, 2022

Drata Adds GDPR to its Compliance Automation Platform

Security and Compliance: Key Differences + How They Work Together


8+ Resources for Black Professionals in Security and Compliance


What is Data Classification?


Continuous Security Monitoring with Drata + Kandji


January 18, 2022

Drata Launches Automated PCI DSS Compliance


January 15, 2022

Drata’s CEO Adam Markowitz on creating a culture of cyber security

What is a HIPAA Violation? + Common Mistakes and Fines

3 Reasons Why Startups Need SOC 2


December 28, 2021

Over 340 US startups became unicorns in a record-breaking 2021


SOC 2 Audits: What Your Organization Can Expect From Start to Finish

Introducing Automated HIPAA Compliance


December 15, 2021

Drata Launches Automated HIPAA Compliance

How to Choose the Right SOC 2 Audit Firm


December 09, 2021

Secret CSO: Ross Hosman, Drata

Cyberprotection Magazine Logo

December 07, 2021

Top 3 Mistakes Companies Make with Security & Compliance