Filter By

Drataverse Digital Risk and Reward

Control Meets Confidence at Drataverse Digital: Risk and Reward


Business Continuity and Resilience 101


What Is a Data Retention Policy? Best Practices + Template

Deploy Drata in Minutes With Quick Launch

Drata Enables Quick Launch Feature for Faster Procurement in AWS Marketplace

ICYMI Drataverse Digital Header

Drata's Evidence Library: Revolutionizing Evidence Collection and Management

CCM 101 - Thumbnail

CCM 101: Introducing the Cloud Control Matrix

User Access Reviews | Drata

Drata's User Access Review: Empowering GRC Teams with Streamlined Efficiency

Can’t-Miss Booths at AWS re Invent

7 Booths to Visit at AWS re:Invent for Secure Clouds, Code, and Compliance

ICYMI Drataverse Digital Header

Streamlining Security and Compliance with Drata's New Role-Based Access Control

ICYMI Drataverse Digital Header

Drata Launches Control Readiness Approval

AWS re invent - Everything You Need to Know

Going to AWS re:Invent 2023? Here’s Everything You Need to Know

Illustraction depicting a GDPR compliance checklist

GDPR Compliance Checklist: How to Become Compliant

Drata at AWS re:Invent

Empowering Security and Compliance Automation in the Cloud at AWS re:Invent 2023

ICYMI Drataverse Digital Thumb

ICYMI at Drataverse: Enhanced Access and Control

What's New in Drata Thumb

Drataverse Digital: Access & Control [+] What’s New in Drata

ICYMI Drataverse Digital Header

October 24, 2023

Drata Introduces Role-Based Access Control and User Access Reviews to Further Automate GRC Processes, at Drataverse Digital

Illustration of a scale showing different levels of risk and a clipboard.

Risk Register: How to Build One + Examples


Beginner’s Guide to Third-Party Risk Management

What to Expect Thumbnail

What to Expect at Drataverse Digital: Access and Control

SOC 2 Compliance Checklist hero image

SOC 2 Compliance Checklist: 9 Key Steps To Take


What Is a PCI ROC + When Do You Need One?

PCI Audits hero

PCI DSS Audit: What It Is + How to Prepare

G2 Fall Reports Thumb

Drata Shines in G2 Fall Reports

Cyberattacks on Local Govs Hero

Cyberattacks on Local Governments on the Rise, Highlighting a Need for Enhanced Security

Cyber Essentials Thumb

September 06, 2023

Drata Launches Support for Cyber Essentials

CE Checklist Thumb

Cyber Essentials Checklist

Cyber Essentials Thumb

Cyber Essentials Now Available in Drata

Asset - Schneider Downs

Why Drata Is the Preferred Compliance Automation Platform for Schneider Downs

CCM and ISO Blog Thumb Image

CCM, ISO 27017, and ISO 27018 Now Available in Drata

Asset - Podcast Episode 12 Drataverse Live

Compliance Uncomplicated Episode 12: Transparency and Continuous Compliance Live From Drataverse

Cofounders group shot

August 24, 2023

The 19 Most Promising Cybersecurity Startups of 2023, According to VCs

Evidence Library Blog Header

Streamline Evidence Collection with Our New Evidence Library

Informationweek article image

August 18, 2023

5 Questions Organizations Should Ask Themselves Before Collecting Data

Penetration testing hero

Penetration Testing: Why It’s Important + Common Types

Recovery point objective hero image

Recovery Point Objective (RPO): What It Is + Why It Matters

Drata KnowBe4 Partnership

KnowBe4 Chooses Drata as Their Exclusive GRC Partner

Drata KnowBe4 Partnership

August 01, 2023

Drata Selected as KnowBe4's Exclusive GRC Partner and Preferred Compliance Automation Platform for KnowBe4 customers

New CCPA Enforcement Delays - Thumbnail

New CCPA Regulation Enforcement Delayed Until March 2024

Asset - Image - Uncomplicated Podcast Pinwheel Episode 11

Compliance Uncomplicated Episode 11: Securing the Future of Financial Innovation With Pinwheel’s CISO

HIPAA vs HITRUST hero image

HIPAA vs. HITRUST: Key Differences Explained

HIPAA Compliance Checklist Hero

HIPAA Compliance Checklist: Essential Steps for Compliance [2023]

Healthcare Breach States - Thumnbnail

States Most Impacted by Healthcare Data Breaches in 2022

Compliace Statistcs Hero

85 Compliance Statistics You Need To Know in 2023

Asset - Uncomplicated Podcast - Labelbox

Compliance Uncomplicated Episode 10: The Power of Secure AI Solutions With Labelbox

Drata New CMO

Introducing Drata's Chief Marketing Officer, Sydney Sloan

User access review hero image

How to Perform User Access Reviews

Drata New CMO

July 11, 2023

Sydney Sloan Joins Drata as Chief Marketing Officer

What You Need to Know About the New Cybersecurity Strategy - Thumbnail

What You Need to Know About the New National Cybersecurity Strategy

Demand for Cybersecurity Talent

Demand for Cybersecurity Analysts Is Growing Twice as Fast as the Workforce

Audit Your Auditor - Thumbnail

Audit Your Auditor: 5 Questions to Ask a Potential Auditor

Supply Chain Security - Thumbnail

Supply Chain Security + How to Solve 5 Most Common Risks

Trust Center Essential

Introducing Trust Center Essential: Your New Built-In Trust Center

Next Generation Automation Drata

Preview: Next Generation Automation Platform From Drata

Drataverse Recap

ICYMI: Drata’s Inaugural User Summit

ISO 27001 checklist hero

ISO 27001 Checklist: 8 Easy Steps to Get Started

Drataverse Sneak Peeks

Drata Shares Glimpse of Next Generation Automation and New Enhancements at Drataverse

SOC 2 Type 1 vs Type 2 hero

SOC 2 Type 1 vs. Type 2: How They Differ

Asset - Uncomplicated Podcast Polycon

Compliance Uncomplicated Episode 9: Empowering a Security-First Culture With Polygon

G2 Summer Blog Thumb

Drata Recognized as Momentum Leader for G2 Summer 2023 Report

Ask an Auditor Header ISO 27001

Ask an Auditor: Demystifying the ISO 27001 Certification Process With Steve Cullen From ARORA Solutions

SOC 2 Report Example hero

What Is a SOC 2 Report? [+ Example]

How to Evaluate Control Deficiencies - Thumbnail

How to Evaluate Internal Control Deficiencies in Your Audit

AI and New Technologies List

How Machine Learning and New AI Technologies Could Change the Cybersecurity Landscape

Media - Drataverse - Special Keynote

Drataverse Welcomes Coleen Coolidge and Jerry Rice as Guest Speakers

SOC 2 Audit Hero Image

SOC 2 Audits: What You Can Expect From Start to Finish

Asset - Compliance Uncomplicated Gather Voices - Thumbnail

Compliance Uncomplicated Episode 8: Storytelling and Founder Advice With Gather Voices

SOC 2 vs SOC 3 hero image

SOC 2 vs. SOC 3: How Are They Different?

Cybersecurity Memes

15 Cybersecurity Memes That Will Make You Laugh Then Cry

New CISO and CCO

Drata Welcomes New Chief Information Security Officer and Chief Customer Officer

New CISO and CCO

May 23, 2023

Drata Broadens Leadership Team with New Chief Information Security Officer and Chief Customer Officer

ISO 27001 controls hero

Understanding ISO 27001 Controls: A Guide to Annex A

How to Apply Automation in DevOps Practices - Thumbnail

DevOps Automation: How to Apply Automation in DevOps Practices

4 Myths You Should Know About Access Reviews

3 Myths You Should Know About Access Reviews

SOC 2 Type 2 Hero

SOC 2 Type 2: A Beginner’s Guide

Asset - Compliance Uncomplicated Episode 7 Thumbnail

Compliance Uncomplicated Episode 7: Building a Secure Future With Vercel’s CISO

How To Review A Vendor's SOC Report Thumbnail

How to Review a Vendor’s SOC Report

Lily Hsiao

Drata Brings on Lily Hsiao, VPE, Application Development


What Is a SOC 2 Bridge Letter? [+ Template]

Media - Blog Drataverse

Full Drataverse Lineup Released

Feature Roundup (1)

What’s New in Drata: April Feature Roundup

Introduction to Orchestration

What is Orchestration?

A Guide to Scaling Successfully for MSSPs

A Guide to Scaling Successfully for MSSPs

Data Privacy Stats (1)

Ask an Auditor: Navigating Your First SOC 2 Audit With Jeffrey Filler From Boulay Group

Drataverse Schedule Featured Image

Drataverse Initial Lineup Announced

Cost of Not Being Compliant with Frameworks

The Cost of Non-Compliance

Health Information Breach

4 of the Most Common Ways Private Health Information Was Breached in 2022

Cybersecurity Talent Shortage

What You Need to Know About the Cybersecurity Workforce Gap

Technology Partner Directory Blog Image @3x

How Drata’s Partner and Auditor Networks Simplify Your Compliance Process

History of Cybersecurity (2)

A Short History of Cybersecurity and the Data Breaches That Forced the World to Pay Attention to Data Privacy

Asset - Compliance Uncomplicated - Episode 6 - Oyster

Compliance Uncomplicated Episode 6: Finding Auditor Fit and Compliance Buy-In With Oyster

Trust Services Criteria in SOC 2

Trust Services Criteria: What You Need to Know

Drata at RSA 2023

Drata Is Back in Action at RSA—and Bigger Than Ever Before

FDA Cybersecurity Check

FDA: Get Cybersecurity in Check or Don’t Bring a Medical Device to Market

HIPAA Compliance Healthtech

HIPAA Compliance: How Healthtech Companies Can Remain Compliant

Corporate Compliance Insights Alphabet Soup

April 05, 2023

Decoding the Alphabet Soup of Audits

Distology logo

April 04, 2023

Drata Expands Global Footprint with Distology Partnership

How to Score and Assess Your SOC 2 Readiness (1)

Preparing for Your Audit With a SOC 2 Readiness Assessment

Media - MiM Announcement

Scale Compliance With Ease: Introducing Multi-Instance Management

G2 Reports Social LinkedIn 1200x627@3x

Drata Named a Cloud Compliance Leader in G2 Spring 2023 Reports

4 States Cybersecurity Laws

4 States Passed Nearly Half of All New Cybersecurity Laws Enacted Across the US in 2022

Media - Drata's Continued Support of Auditor Alliance

Drata’s Declaration of Continued Audit Independence

SOC 2 policies

12 Commonly Recommended Security Policies for SOC 2

Drata + AssuranceLab

Why AssuranceLab Joined Drata’s Auditor Alliance

Asset - Compliance Uncomplicated - Nemean Services

Compliance Uncomplicated Episode 5: An InfoSec Perspective to Digital Security Success With Nemean Services

Orchestration vs. automation

IT Automation vs. Orchestration: What's the Difference?

Media - Blog Drataverse

Welcome to Drataverse, the Inaugural Summit Hosted by Drata

SOC 2 Type 1 From a CTO’s Perspective

Drata x Onboard: SOC 2 Type 1 From a CTO’s Perspective

Cloud Compliance (1)

What is Cloud Compliance? + Best Practices

SOC 2 System Description

A Quick-Start Guide of the SOC 2 System Description

Asset - Compliance Uncomplicated - PixieBrix

Compliance Uncomplicated Episode 4: Perfecting the User Experience With PixieBrix

Compliance Automation and Beyond

Compliance Automation and Beyond: A Data Journey With Drata

Common Employee Errors (1)

5 Human Errors in Cybersecurity That Put Your Organization at Risk

Fintech Risks

How to Address 6 Major Fintech Security and Compliance Risks

ISO 27005 2018 vs. ISO 27005 2022 (1)

Understanding the Differences Between ISO 27005:2018 and ISO 27005:2022

Cybersecurity Issues in Healthtech

5 Cybersecurity Challenges in Healthtech + How to Address Them

Asset - Podcast Episode 3 - Linear B

Compliance Uncomplicated Episode 3: The Common Language of Security With LinearB

ISO 27001 vs. ISO 27002 (1)

5 Critical Differences Between ISO 27001:2022 and ISO 27002:2022


February 20, 2023

Cybersecurity Risk Management – How And Where To Focus

How Much Time Should I Spend Doing SOC 2 (1)

How Long Does a SOC 2 Audit Take?

Feature Image - Open API 1200 x 628@2x

Introducing Drata’s Open API

Open API@2x

February 16, 2023

Drata Ushers A New Era of Trust with Open API

ISO 27002 Update

What’s New in ISO 27002:2022? + How to Prepare

2023 Compliance Trends Report 1

New Resource: 2023 Compliance Trends Report

Drata A Complete Guide to Cybersecurity Risk Management (1)

New Resource: Complete Guide to Risk Management

Asset - Compliance Uncomplicated Episode 2 - Client Giant

Compliance Uncomplicated Episode 2: The Art of Appreciation With Client Giant

Compliance Memes Header Image

27 Compliance Memes to Make the Process a Little More Enjoyable

Media - G2 2023 Award - Best Product

Drata Featured in G2’s Best Software Awards of 2023

SOC 2 Compliance Guide

New Resource: Start-to-Finish Guide on SOC 2 Compliance

George Bonser Drata Update@3x

February 07, 2023

George Bonser Joins Drata as VP of Sales in EMEA

George Bonser Drata Update@3x

Going Global: Drata Welcomes George Bonser as the VP of Sales in EMEA

What Is Continuous Compliance

What Is Continuous Compliance? + How To Achieve It

Audit Hub Blog

Introducing the Drata Audit Hub: Your Communication and Collaboration Command Center

What is fintech compliance

What is Fintech Compliance? + Its Major Risks

CRN Cloud 100 logo

January 30, 2023

The 20 Coolest Cloud Software Companies Of The 2023 Cloud 100

ISO 27001 2022 update

What’s New in ISO 27001:2022? Here's Everything You Need to Know

Asset - Compliance Uncomplicated Episode 1

Introducing Drata’s New Podcast, Compliance Uncomplicated

MJD + Drata

An Auditor’s Perspective: Why MJD Recommends Drata

SOC 1 vs SOC 2

SOC 1 vs. SOC 2: What Are the Differences Between These Reports?

Open API Security Checklist

Checklist: How to Evaluate a Compliance Open API

Rise of Continuous Compliance Header 936 x 540@3x

Moving to a Proactive State of Compliance

How to Conduct a HIPAA Risk Assessment (1)

How to Conduct a HIPAA Risk Assessment

2 Year Anniversary Blog Header 936 x 540@3x (1)

Key Takeaways From Two Years Since Launch

A Guide to SOC 2 Controls

SOC 2 Controls: What You Need to Satisfy Trust Services Criteria

Container Security

Container Security: Build a Program That Meets Your Objectives

HIPAA Business Associate Agreement

HIPAA Business Associate Agreement Explained

Comparison Guide Audit Process Before and After Automation

Compliance Automation: Your Audit Experience Before and After

Cybersecurity ROI (1)

Calculating and Communicating Cybersecurity ROI

Media - 2022 year in review

Drata’s 2022 Year in Review