What it does
An enterprise compliance automation platform providing continuous evidence collection, trust centres, and AI-assisted questionnaire completion. Acquired SafeBase to expand trust centre capabilities. Supports SOC2, ISO 27001, and emerging AI governance frameworks.
Security relevance
Drata's compliance automation is increasingly relevant as AI governance frameworks (ISO 42001, EU AI Act) require auditable evidence. Automated evidence collection reduces the manual burden of demonstrating AI compliance, while the trust centre communicates your AI security posture to customers.
When to use it
Deploy when you need automated compliance evidence collection and trust centre capabilities. Enterprise platform requiring procurement, integration with 100+ tools, and organisation-wide adoption. Most valuable when pursuing AI-specific certifications.
OWASP coverage
Risks addressed — mapped to both OWASP Top 10 standards. 0 in LLM, 0 in Agentic.
The raw record
What Yuntona stores. Single source of truth — fork it on GitHub.
name: Drata slug: drata type: Generative category: Third-Party Risk url: https://drata.com reviewed: 2026-04 added: 2026-04 updated: 2026-04 risks: llm: [] asi: [] complexity: Enterprise Only pricing: — audience: Blue Team lifecycle: [govern] tags: [Automation, Compliance, SaaS]