Drata

Back from an energizing week at Black Hat! I had the chance to connect with and hear from so many incredible Drata customers and partners — including Procore Technologies, Abnormal AI, Anthropic, and Brex — and to showcase our agentic AI vision, starting with Drata's new AI Agent for Vendor Risk Management. The direct feedback on how Drata is helping elevate your GRC programs (and where we can continue to level up) is the fuel that keeps us building at breakneck speed. These conversations challenge and inspire us to keep pushing the boundaries of what’s possible — all in service of helping you earn and maintain trust, faster. It was also a privilege to speak alongside leaders like Brian Elmi, Al Yang, and Matt Hillary, Arun Singh, Lauren Lynch, and Yoav Shilon on the evolving intersection of AI, security, and trust in today’s dynamic threat landscape. A huge thanks to everyone who made this week so valuable. Can't wait for the next big moment… Drataverse 2025 — see you there!

Our next Ask an Auditor session on August 14 features experts from HITRUST and IS Partners, as they share practical guidance for navigating the HITRUST certification process with confidence. Whether you’re gearing up for your first HITRUST assessment or looking to strengthen a mature GRC program, hearing directly from those on the front lines makes all the difference. Register here: https://xmrrwallet.com/cmx.plnkd.in/g9tcUdgB Ryan Patrick Philip LaRocca, CISA, CRISC, HITRUST CCSFP CHQP, CC Brian Naji

🚢 ShipIt Friday is here! 🚢 Wrapping up an incredible week at #BlackHat2025 connecting with customers, prospects, and partners, where we unveiled our Agentic AI vision and our VRM Agent. The reception and feedback have been amazing so thank you for amazing conversations and continuous feedback! On top of everything we showcased at #BlackHat2025, the past month has brought major releases as we continue to level up Drata’s Trust Management Platform. Here’s what we’ve shipped in the last 30 days ⬇️ 📝 Configurable Policy Approvals - Define a tailored, multi-layered approval process for policies directly in Drata. Create groups with up to 25 approvers, decide if any or all must approve, and build up to six sequential stages—each with its own rules, deadlines, and reviewers. Automatic notifications, override options, and a redesigned tabbed UI make policy management smoother than ever. 📊 SafeBase Questionnaire Table Refresh - A cleaner, more intuitive UI makes it easier to manage questionnaire progress. A dedicated Status column improves visibility and sorting, while a pinned progress bar stays in view as you scroll for faster oversight. 💬 SafeBase Questionnaire Collaboration - Collaborate directly inside questionnaires with threaded discussions, @mentions, and email/Slack notifications. Blue message icons flag unread threads, and links take you straight to the relevant question for quick action. 🔐 OAuth Support for Google IdP + UAR - Connect Google Identity Provider and User Access Review integrations without a Super Admin. OAuth delivers faster setup, token-based security, and clear permissions, all aligned with Google’s latest privacy standards. ⚡ Salesforce CRM Permission Checker - Instantly confirm if your Salesforce integration permissions are correct. View a clear status, refresh for the latest data, and quickly resolve issues before they disrupt workflows. ✅ Auto-Approval for Colleague Invites - Enable domain-based auto-approvals so colleagues with matching email domains gain instant access. This speeds onboarding and reduces manual work while keeping security intact. 🔗 New Connections: Azure GCC High + Azure Management Groups GCC High - Now supporting secure Azure environments for regulated industries like government and defense, enabling continuous monitoring without compromising data protection. ☁ Amazon Web Services (AWS) Org Unit Cross-Managed Resources Support - Automatically detect compliance signals, alarms, and logs across multiple AWS accounts in an organization. This boosts monitoring accuracy and offers clearer guidance when additional access is required. And of course… we shipped 349+ fixes and performance improvements to make the platform faster, more stable, and even more delightful to use 💪 #dratashipitfriday #complianceautomation #drata #grc #trustmanagement #safebase #productupdates

If you’re at Black Hat this week, we gave you the first preview into our new AI Agent for Vendor Risk Management. 💥 Not in Vegas? Not to worry - join Drata SVP of Product Brian Elmi and VP of Product, AI Bhavin Shah virtually on August 13 as they discuss: 👉 The VRM Agent 👉 The power of Drata MCP 👉 Our AI vision roadmap for 2025 and beyond Register here: https://xmrrwallet.com/cmx.plnkd.in/gWr6EZti

GRC has long been reactive—slowed by manual processes, static audits, and fragmented tools. Through the power of AI, Drata is changing that. Drata envisions a future where specialized AI agents help GRC teams manage risk, validate controls, ensure compliance, and scale trust. And to get there, we’re transforming trust management into a continuous, autonomous system that adapts to new risks in real time, starting with our first AI agent for Vendor Risk Management. Dynamic, intelligent, always on… that's how businesses build trust. And trust is built on Drata.

🎩 A-LIGN was proud to be at #BlackHat, where we teamed up with our partners at Drata to host an unforgettable dinner for clients and prospects. Meaningful conversations, shared goals, and a strong focus on trust and compliance — thanks to everyone who joined us. Brian Naji Brian Elmi Brett Hughes Andrew Steioff Ryan Grace Nicholas Ludy

🚨We’re unveiling the FIRST LOOK at the Drata AI Agent for Vendor Risk Management! 🚨 Third-party risk management today is slow, manual, and inconsistent. Our VRM Agent is designed to change that—providing an autonomous, context-aware assistant that will transform how enterprises evaluate and manage vendor risk. Key capabilities include: ✔️ Automated Criteria Extraction and Mapping ✔️ AI-Powered Document Review and Risk Scoring ✔️ Dynamic Report Generation and Follow-Up Orchestration The launch of VRM Agent is the first step in our broader vision of shifting governance, risk, and compliance from manual, fragmented tools to autonomous, AI-powered Trust Management. Learn more: https://xmrrwallet.com/cmx.plnkd.in/gs2HFiqe

💥 Too many security reviews, not enough time? We’ve got you. Here’s what’s new in SafeBase to help you scale trust without scaling burnout: 🧠 Trust Library AI Search – Find the exact doc or detail you need in seconds 💬 In-line messaging – Chat with teammates right inside questionnaires ⚙️ Salesforce Permission Checker – No more integration guesswork 🔐 RBAC (Beta) – Role-based access controls for Enterprise customers 📩 /safebase-ask-ai – New Slack command that lets you ask SafeBase AI questions directly and get instant GenAI-powered answers ✨ And more UI, extension, and Chrome improvements Get a personalized walk-through: https://xmrrwallet.com/cmx.phubs.li/Q03B0tt60

We officially wrapped up Q2 yesterday at Drata, and I had the privilege of spending it in person with some of our incredible sales team in San Diego. The energy and pure adrenaline you feel in the office on the last day of the quarter is hard to describe! July was another record month to end another record quarter, fueling the momentum going into Black Hat next week 📈 Massive congratulations to all of the Dratanauts on everything you've already accomplished so far this year. Inspired and proud to be building alongside all of you as we charge into H2 together! Thank you Kevin Kriebel for the long arm selfie to capture the moment!

NEXT WEEK! Catch the Drata team at Black Hat for an exciting reveal in agentic AI and what's in store for the future of Trust Management. Stay tuned for more... 👀