Week of Sept 16

Learn about the latest and newest features and updates every week. You can also visit the Roadmaps and Ideas page on our app to view upcoming releases or request new ideas.

Most Requested Features

Introducing Vulnerability Monitoring and 8 new vulnerability scanning provider

Now, you can conveniently track SLA due dates for vulnerabilities, proactively remediate important ones, and get notified about upcoming or past-due critical and high vulnerabilities, all without leaving Drata! Head over to the new Vulnerabilities page for a centralized hub to manage all this information. To learn more, go to our Vulnerability Monitoring help article.

We also added 8 new vulnerability scanning providers: 

• AWS Inspector

• Snyk

• Nessus Tenable

• Qualys

• Semgrep

• CrowdStrike VMS

• SentinelOne Vulnerability Management

• Microsoft Defender Vulnerability Management

• Rapid7 InsightVM

Ensure to connect to one of these providers to utilize our new Vulnerability Monitoring feature.

Security Questionnaire Automation (SQA)

Note: This feature is available to those who are on the Foundation or Advanced packages, Trust Center Pro purchasers, and those outside of the EU.

Introducing our Security Questionnaire Automation (SQA) feature! Security questionnaires can be time-consuming and repetitive, so we've automated the process to save you valuable time and effort. Here's how our SQA can help you:

• AI generated responses: SQA quickly analyzes and generates responses based on company data, past responses, policies, and uploaded files.

• Full Control: You always remain in control. After the AI generated responses, you can review, approve, edit, or reject them.

• Continuous Improvement: SQA continuously improves based on your edits, making future questionnaires even easier to handle.

To learn more, go to Security Questionnaire Automation.

Mobile device management (MDM) and Drata agent syncs enhancement

The devices synced from the Drata agent and MDM now reflect the correct device name which comes from the direct source (such as MDM), rather than defaulting to the model. If no device name is available, Drata will fall back on the model details.

NIS 2 compliance framework

Drata now supports NIS 2, the EU's new cybersecurity law, enabling you to fully use Drata's automation tools for compliance. NIS 2 is mandatory for medium and large companies that provide essential or important services to the EU economy and society, including companies and suppliers. This update helps EU-based organizations stay ahead of industry trends while expanding opportunities and building strong relationships across EMEA.

Latest Improvements

Control notification

You can now filter your control notifications for Slack and Microsoft by framework. Navigate to your Company Settings under Notifications to add or update existing settings to add or update existing configurations to utilize this functionality.

Link accounts for former personnel

You can now link and manage accounts for former personnel in the manage accounts page, allowing accurate tracking of accounts tied to both current and former individuals for monitoring purposes.

Help article updates

• Vulnerability Monitoring

• Connecting Okta to Drata

• User Access Reviews for Okta

• Manually connect GCP to Drata

• Rapid7 InsightVM (On-prem, reports-only)