Trusted, the Drata Blog

Your hub for the latest security and compliance resources, updates, and expert insights. A simplified journey to compliance starts here.

Our Editor's Picks

See the latest news, trends, and best practices in GRC.

Trust at the Speed of AI: How Drata and its Customers Are Shaping the Future of Governance, Risk, and Compliance

Beyond Compliance: How a F500 Global Restaurant Chain Unified Risk, Vendors & Audits with Drata

15 Frameworks. Zero Chaos. How a F500 Global Restaurant Transformed Multi-Framework Compliance with Drata

From Spreadsheets to Strategic GRC: How a Fortune 500 Global Restaurant Chain Transformed Risk, Compliance & Vendor Management

AI Risk Assessment: How to Identify and Address Emerging Threats

AI

Trust and Privacy by Design: Drata's AI Philosophy

Harnessing AI in Cybersecurity Compliance Auditing: A Strategic Imperative

5 Ways Companies are Incorporating AI Ethics

What is Responsible AI and Why Should You Care?

Compliance

ISO 27001 Checklist: 8 Easy Steps to Get Started

CCM 101: Introducing the Cloud Control Matrix

GDPR Compliance Checklist: How to Become Compliant

The Cost of Non-Compliance

Risk Management

Control Meets Confidence at Drataverse Digital: Risk and Reward

6 Types of Risk Assessment Methodologies + How to Choose

Beginner’s Guide to Third-Party Risk Management

Penetration Testing vs. Vulnerability Scanning: What’s the Difference?

Security

Demand for Cybersecurity Analysts Is Growing Twice as Fast as the Workforce

Risk Register: How to Build One + Examples

Cyber Essentials Checklist

Penetration Testing: Why It’s Important + Common Types

News and Events

Spring 2025: Drata Named a Leader in Latest G2 Reports for 14th Consecutive Quarter

Drata Turns 4, Crosses $100M ARR, and Unveils New Look

Drata Acquires SafeBase, Accelerating its Vision for the Future of Trust Management

Drata Partners with HGS to Elevate Enterprise Compliance Modernization

Product Updates

Drata Launches Control Readiness Approval

Streamlining Security and Compliance with Drata's New Role-Based Access Control

Drata's Evidence Library: Revolutionizing Evidence Collection and Management

Drata's User Access Review: Empowering GRC Teams with Streamlined Efficiency

Looking For More?

Check Out the Latest GRC Resources

User Access Reviews: A Step-by-Step Guide, Best Practices + Checklist

Beginner’s Guide to Third-Party Risk Management

What Is a SOC 2 Bridge Letter? [+ Template]