October Product Roundup
October brings a set of exciting new capabilities to Drata that reinforce our commitment to automating compliance from code to cloud.
October brings a set of exciting new capabilities to Drata that reinforce our commitment to automating compliance from code to cloud. From broadening Compliance as Code support and adding BitBucket to expanding coverage for GitLab Self-Managed servers, these updates aim to drive efficiency at every stage of your risk and compliance journey.
Streamline Vendor SOC 2 Reviews with Drata AI
Reviewing SOC 2 reports for high-risk and prospective vendors is essential but time-intensive, often requiring frequent, thorough evaluations. Drata’s SOC 2 AI Summary (currently in beta) cuts down review time by automatically highlighting report overviews, key exceptions, and management responses, enabling faster, clearer insights into vendor security postures. With side-by-side report viewing, customers can easily compare and align security requirements, making SOC 2 evaluations faster and more insightful at any scale.
New Time Saving Automation from Code to Cloud
We’ve made some updates to our automation engine to improve visibility and increase coverage from code to cloud. Here’s a quick look:
Quickly Identify Codebase Misconfigurations with Bitbucket Support for Compliance as Code
For Bitbucket users, code to cloud visibility just became a whole lot smoother. Drata now integrates seamlessly with Bitbucket for Compliance as Code, allowing you to identify infrastructure misconfigurations directly in the codebase. Through automated pull requests, compliance issues can be addressed before they ever reach production, helping teams write secure, compliant code with ease. This new functionality enables a more proactive approach to risk management, ensuring you can identify and fix issues as part of your CI/CD workflows.
Enhanced Issue Tracking with Dynamic Ticketing for Compliance as Code
Every ticket generated for Compliance as Code tests now offers detailed, dynamic information on test failures, including contributing resources and issue specifics. Automatically organized by severity and styled for clear readability, these dynamic tickets work across all 14 supported providers, helping teams resolve compliance issues faster and more efficiently.
Automated Evidence Collection Across Key Environments with Drata's GitLab Self-Managed Support
With compliance and security extending across both cloud and on-prem environments, Drata now offers comprehensive support for GitLab Self-Managed servers, including GitLab Issues. This expansion enables on-premise GitLab users to automate compliance checks and monitor controls, giving organizations full visibility into their DevOps environments—whether in the cloud or on-site. Drata users can now maintain consistent compliance standards across all repositories, no matter where they reside.
Improve Evidence Accuracy with GitHub Issues Enterprise Support
We’re excited to announce new support for GitHub Issues on-prem environments! Drata’s integration with GitHub Issues on-prem enables automated compliance checks and evidence collection, empowering teams to address issues faster, reduce manual work, and improve evidence accuracy. This addition means GitHub users can now enjoy the benefits of compliance automation regardless of their hosting preferences, expanding coverage for compliance and audit readiness.
Updated Enterprise Risk Capabilities
Our teams have been working hard on bringing you more insight into your risk programs and security posture. Check out what they’ve been up to:
Effortless Risk Tracking with Drata’s Risk Library Enhancements
Managing risk has never been easier. Now, when you move a risk to your register, a copy remains in Drata’s risk library. This simple but powerful feature allows you to keep an accessible record for future reference while staying agile in your active risk management process. It’s all about making risk management adaptable and reusable, helping you stay proactive and informed as your risk landscape evolves.
Risk Status Tracking for Greater Insight and Control
Now, users can track and manage risks with greater flexibility by leveraging three statuses—Active, Closed, and Archived—across the risk register. This update, driven by user feedback, allows for seamless filtering on the insights dashboard, enabling users to focus on specific risk statuses and easily manage status updates directly within the table or drawer. This enhancement supports both Risk Assessment and Risk Management solutions, showcasing our commitment to scalable solutions that prioritize customer needs, even down to the details.
More Automation with CMMC Control Mapping
Drata is making your journey toward CMMC readiness faster. If you already use the CMMC framework in Drata, you now have access to built-in control mappings within your tenant. With default mappings from Drata’s DCF controls library, you can reduce the manual effort required for CMMC readiness and accelerate your path to being audit-ready. This new feature helps you automate control mapping and easily manage CMMC compliance tasks, allowing you to stay focused on core business objectives while remaining in compliance with CMMC.
Drata’s commitment to innovation and evolution is stronger than ever, and each product enhancement brings us one step closer to transforming the compliance process—and we’re just getting started.
Stay tuned for more exciting advancements as we push the boundaries of what compliance can do for your organization.
