DATE:: July 29, 2023
AUTHOR:: The Drata Team

July 2023

DATE: July 29, 2023

AUTHOR: The Drata Team

Learn about the latest and newest features and updates every week. You can also visit the Roadmaps and Ideas page on our app to view upcoming releases or request new ideas.

Latest updates

Control task

Create and manage tasks for specific controls to work towards control readiness. For more information, go to Task.

Cyber Essentials

Release of Drata's newest supported framework, Cyber Essentials. To learn more about Cyber Essentials, go to About Cyber Essentials.

27 new requirements, 6 new controls, 1 new policy (2 revised).

Personnel Exclusions (V1)

Create an exclusion for any personnel compliance check and enter the duration and the reason for the exclusion. For more information, go to Personnel Exclusion.

Vulnerability scanning integration, Rapid7 InsightVM

Sync vulnerability reports from a Rapid7 InsightVM console directly to Drata and attach reports to controls for evidence of Vulnerability scans (like DCF-18). For more information, go to Rapid7 InsightVM.

Workspace ticketing management

Create tickets in non-primary workspaces for tests and controls that have ticketing providers with write-access such as Jira, Asana, and ServiceNow. For more information, go to Workspaces - Ticketing Management.

Workspace event tracking

View events that are specific to a single workspace. For more information, go to Workspaces - Event Tracking.

Improvements

Audit Hub

View a banner that indicates what an auditor can access in an active audit. For more information, go to Audit Hub.
Receive email notification when Audit Hub request status changes. Admins in Drata can toggle this notification on or off.
Save or cancel your changes when editing a messages.

Control owner details

Updated experience for managing control owner information. You can update control owners under control info in the control drawers. For more information, go to Control Owners.

CSV download on Personnel page

Updated the compliance overview download to include job titles.

Internal notes section

Auditors with the Read_Only access will not be able to access internal notes for controls and events in Event Tracking. To learn more about controls, go to Controls: Set Up Required Approvals.

Risk Management

Delete one or multiple custom risks. For more information, go to Risk Management - Delete Custom Risks.
Filter by custom risks on Risk Management page.

Kandji connection

Updated Kandji connection to validate their new API URL format. For more information, go to Kandji.

Last test result in Monitoring page

Updated description of the last test result section in the Test Detail drawer to provide proper troubleshooting guidance.

SSL/TLS tests

Enhanced SSL/TLS tests to show history of the whole path a domain uses to successfully redirect from http to https. There is an added history object in the JSON response (raw evidence) to showcase how the results of the tests were found.

Test error email notification

Specifies the instance the test error relates, including the customer instance the test error is coming from.