Connect with us

Hi, what are you looking for?


Drata nabs $25M to automate security compliance processes

Elevate your enterprise data technology and strategy at Transform 2021.

Compliance and security automation startup Wire today announced that it closed a $25 million series A round led by GGV capital, with participation from Okta Ventures and Silicon Valley CISO Investors. The capital, which comes six months after the company’s initial seed round and launch out of stealth, will be put toward hiring across key go-to-market functions and the expansion of Drata’s into new security frameworks.

Even before the pandemic, security compliance was expensive. In 2018, businesses spent $1.3 million on average to meet compliance requirements and were expected to put in an additional $1.8 million, the International Association of Administrative Professionals reports. But that’s increasing the concern for companies making digital transformations. According to CSO Online, 66% of companies see compliance mandates driving spending in the future.

San Diego, California-based Drata’s platform aims to help companies attain compliance through security control monitoring and evidence collection. With it, users gain visibility into their security programs and can kick off compliance processes including personnel onboarding, policy creation, vendor management, risk assessment, and more.

Founded in 2020, Drata is the brainchild of Daniel Marashlian and brothers Adam and Troy Markowitz. The three saw their first venture together, the social networking platform Portfolium, acquired by Instructure for $43 million in 2019. As Portfolium grew, so did customer requests for proof of the company’s security posture, Adam Markowitz says, taking hundreds of hours and distracting the team from its day-to-day.

“Many software-as-a-service companies are still using Excel with multiple workbooks and complex formulas to capture and retain crucial information about cybersecurity compliance controls. This dumps hoards of Excel workbooks into file shares, email archives, and hard-drives — all with critical information about their company’s cybersecurity posture sitting in disconnected silos — a recipe for disaster,” Adam Markowitz told VentureBeat via email. “The shift to the cloud, explosive growth in the number of software-as-a-service companies over the last decade, along with increased frequency of data breaches, has placed a magnifying glass over the cybersecurity and compliance world.”

Process automation

In compliance, evidence collection is the act of documenting an organization’s compliance processes and outcomes. Examples of evidence include testing and certifications, risk assessment, and personal trading.

Advertisement. Scroll to continue reading.

Drata offers what Adam Markowitz calls an “autopilot system” — a layer of communication between siloed tech stacks and compliance controls designed to eliminate the need to check dozens of systems to provide evidence to auditors. Drata stores evidence automatically on a single-tenant database architecture, ensuring one customer’s data doesn’t touch another’s, and tracks physical and digital assets as well as personnel and records.


Above: Drata’s online dashboard.

Image Credit: Drata

With Drata, customers can start building a solid security posture from day one and prepare an audit when they’re ready. Adam Markowitz says that to date, Drata has has tracked 550,000 assets, tested 5 million access controls, and onboarded 15,000 personnel.

“Data breaches are expensive and big companies are not immune, costing them tens of millions per year. Proof of compliance has become a requirement for doing business and building trust,” Adam Markowitz said. “There is no ‘easy button’ or clear roadmap to the finish line — trying to determine the most efficient path to compliance is nearly impossible without outside assistance or prior experience.”

Drata has a number of competitors in a security compliance market estimated to be worth over $162.5 million. There’s and Safeguard Cyber, as well as DefenseStorm, which consolidates security data from multiple sources and uncovers anomalies with AI. Cybersecurity rating and risk-monitoring platform SecurityScorecard recently announced it has raised $180 million. And Vanta, a San Francisco, California-based automated security and compliance startup, closed a $50 million funding round in March.

But according to Adam Markowitz, Drata’s current customer base already includes “hundreds of companies” across various industries, including SmartRecruiters, The Good Face Project, and 360 Insights.

Clearco security engineering lead Christine Smoley said that integrating Drata only took “a matter of minutes.”

“We’re now able to see our audit-readiness in real time, and receive tailored insights outlining exactly what needs to be done to remediate gaps. The Drata team has removed the headache from the compliance experience and allowed us to engage our people in the process of establishing a ‘security-first’ mindset,” Smoley said.

Advertisement. Scroll to continue reading.

New investors Cowboy Ventures, and Leaders Fund also participated in the round, along with strategic investors and security practitioners. Drata, which has around 40 employees, has raised $28 million to date.


VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Source link

Click to comment

Leave a Reply



Top Stories

Former Goldman Sachs hedge fund manager and cryptocurrency bull Raoul Pal claimed in a tweet that he now only owns a single Bitcoin. As...

Technology has confirmed that a multi-million dollar cyber attack led to the compromise of around 400 of its customer accounts. Although, the company’s CEO stresses that customer...


Today, Apple announced that it has landed a live-action Godzilla and Titans original television series. The series, which will come from the material contained...


What just happened? AT&T is now activating C-Band 5G networks in limited parts of eight metro areas across the US after having followed a...

Top Stories

In a dramatic twist, one of this week’s Multichain hackers has returned 322 ETH ($974,000 at the time of writing) to the cross-chain router...


Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. As the company explained, searches on the...


Apple TV+ has released a first look at the third season of “Servant.” Season three of the haunting series is set to premiere on...


Editor’s take: I hate to say it, but advertising is a necessary evil. If you desire media content at a reasonable price (or free),...


You May Also Like

SEO Guide

There are all kinds of pictures of the world on the internet, but to find one of these specific pictures that you want to...

SEO Guide

How to index website on Google? Do you want to drive more organic traffic to your new website? I am sure your answer is...


In this post, I will discuss the top ten profitable blogging niches ideas for Adsense approval and high traffic. whether you use Blogger or...

SEO Guide

Want to rank in Google image search? Images that you use as a featured images when writing a post actually appear on Google Images...