September Product Roundup
Let’s dive into this month’s product highlights with Drata where you can build customer trust faster through security questionnaire automation and streamlined NDAs, manage vulnerability risk holistically and automate more compliance frameworks seamlessly.
As we transition into fall, September brings exciting updates that help you build customer trust faster and accelerate revenue growth through your GRC program. Let’s dive into this month’s product highlights, including security questionnaire automation, streamlined NDAs through Salesforce, new tools to manage vulnerabilities, and enhanced support for compliance frameworks.
Build Customer Trust Faster & Accelerate Revenue Growth through GRC
Answer Security Questionnaires in Minutes
Security questionnaires are a notorious time drain, but critical for establishing trust with your prospects. Drata’s new Security Questionnaire Automation (SQA) feature—currently in beta—accelerates the process by leveraging Drata AI to pull data from past questionnaires and your compliance data. This automation accelerates questionnaire response times while giving you full control to review and approve answers. SQA is available for customers on the Trust Center Pro, Foundation, or Advanced packages.
With these updates, we’re committed to helping you stay secure, compliant, and ahead of the competition. To explore these new features and see how they can benefit your organization, schedule a demo.
Streamline Document Access through Salesforce
With the new Trust Center Salesforce integration, say goodbye to the friction caused by unnecessary NDA back and forth. Connect Trust Center to your CRM and we will identify if an NDA already exists and automatically provision access to security documents. You maintain control over access with admin approval, ensuring that sensitive information remains protected. For those managing NDAs externally, this process can also be automated via our public API.
Show GRC Influence Revenue with Trust Center Analytics Dashboard (Coming Soon)
We’re excited to roll out support for TrustCenter Analytics, empowering you with insights into the adoption and usage of your TrustCenter. The new dashboard allows you to track key metrics such as total document downloads, access requests, and page views over specified time periods. Additionally, you can download this data for easy sharing with external stakeholders, enhancing visibility and supporting your revenue organization’s sales goals.
Holistically Manage Risk & Regulatory Requirements
Monitor Vulnerabilities Holistically
Tracking and managing the risk of critical vulnerabilities is more efficient than ever. Our new Vulnerabilities Monitoring solution allows you to track and monitor security vulnerabilities across multiple tools like AWS Inspector, Snyk, and Qualys which helps to minimize risk across your organization. No longer jumping between multiple tools, you can easily monitor your vulnerabilities and risk in Drata’s centralized Solution. Ensure critical vulnerabilities are addressed in a timely manner, with the ability to configure service level agreements (SLAs) for additional oversight.
Manage Multiple Workspaces Seamlessly
Managing compliance across multiple workspaces just got easier. The All Workspaces Dashboard provides a real-time view of your compliance health metrics, including control readiness, framework progress, and passing/failing tests. This holistic view helps you stay prepared for audits and ensure all workspaces are aligned with compliance standards.
New and Updated Security Frameworks
Here's a quick look at some of our latest frameworks and updates: NIST CSF 2.0, NIS 2, and NIST 800-171r2.
NIST CSF 2.0
Stay ahead of the curve by updating to NIST CSF 2.0, which includes new and revised controls aligned with the latest version of the NIST Cybersecurity Framework. We’ve also added 24 related policy templates to support organizations in adhering to the latest cybersecurity best practices.
NIS 2 Cybersecurity Core
For EU-based organizations, the new NIS 2 Cybersecurity Core framework supports compliance with the upcoming NIS 2 directive, effective on October 17, 2024. This framework enhances your organization’s resilience and incident response capabilities, ensuring you’re prepared for the new regulatory landscape.
NIST 800-171r2 Control Mapping
For those working toward NIST 800-171r2 compliance, our platform now includes the control mappings and policy templates you need. These additions will help streamline the implementation of this framework, making compliance more manageable and less time-consuming.
New and Updated Integrations
We're always looking for new integrations to streamline your compliance processes from beginning to end.
Compliance as Code for BitBucket
Drata Compliance as Code now supports Bitbucket, enabling continuous monitoring, enforcement, and remediation of security and compliance gaps throughout the software development lifecycle. With this feature, you can connect to over 90 cloud technologies and DevOps tools, providing comprehensive coverage from code to production.
Drata helps identify common infrastructure misconfigurations that affect your controls with 33+ new tests, and automatically sends pull requests to your developers, offering full context, impacted code lines, and recommended fixes. This proactive approach lowers costs, boosts team productivity, and aims for seamless compliance and audits.
