PE Tech Report


Like this article?

Sign up to our free newsletter

GGV Capital leads USD25m Series A funding in Drata

Drata, a security and compliance automation company, has raised USD25 million in Series A funding led by GGV Capital. 

The new financing comes six months after the company’s initial seed round and launch out of stealth. Drata’s platform helps companies achieve and maintain continuous compliance through automated security control monitoring and evidence collection. New investors Okta Ventures and Silicon Valley CISO Investors (SVCI), as well as insiders Cowboy Ventures and Leaders Fund also participated in the round, along with several strategic investors and security practitioners.  
“Comprehensive proof of a company’s security and compliance posture has quickly become a requirement for doing business,” says Oren Yunger of GGV Capital. “Drata’s technology allows a company to streamline the audit preparation process, get immediate visibility into real-time security performance, and understand exactly how their controls map to various compliance frameworks. The company has proven to be a true industry disruptor with their continuous approach to compliance, and GGV looks forward to supporting the team as they rapidly scale.”
SVCI is an angel syndicate made up of some of the world’s leading CISOs, all of whom know first-hand about the challenges of compliance. Seeing the revolutionary approach Drata brings to the table and after evaluating available solutions in the market, the group decided to back Drata as the category leader.
Drata’s current customer base includes hundreds of companies across various industries, including Clearco, SmartRecruiters, The Good Face Project, 360 Insights, and Trust & Will. The funding will be used to hire across key go-to-market functions and expand the Drata platform beyond SOC 2 into ISO 27001, the European compliance counterpart, as well as additional security frameworks. 
“In a matter of minutes, we had Drata integrated with our environment and continuously monitoring our controls,” says Christine Smoley, Security Engineering Lead at Clearco. “We’re now able to see our audit-readiness in real time, and receive tailored insights outlining exactly what needs to be done to remediate gaps. The Drata team has removed the headache from the compliance experience and allowed us to engage our people in the process of establishing a ‘security-first’ mindset.”
In an increasingly competitive field, Drata differentiates by employing an automation-led approach to continuous compliance. Users are able to gain immediate visibility into their security program and streamline the compliance process end-to-end, including personnel onboarding, policy creation, vendor management, risk assessment, and more. The company strives to provide customers with the fastest time-to-value possible while reducing the amount of additional tools required. Drata is the only solution in the compliance automation space built on a single-tenant database architecture, ensuring any one customer’s data never touches another’s. 
Formed in 2020, Drata was originally conceived as a response to the experience the founders, Adam Markowitz, Daniel Marashlian, and Troy Markowitz, had with their first venture, Portfolium (acquired by Instructure in 2019). As Portfolium grew, so did customer requests for proof of the company’s security posture. The process in preparing for an annual SOC 2 audit was largely manual and took hundreds of hours, distracting the team from its day-to-day. 
“We knew that there had to be a better way”, says Adam Markowitz, Drata’s CEO and Co-Founder. “We launched Drata to help customers automate compliance and build trust. We also developed our platform with customization and flexibility top-of-mind, allowing for the seamless addition of new security frameworks and use by companies from startup level to enterprise. The market response has been astounding. We onboarded our 100th customer 60 days after initial launch, and are growing at an average month-over-month rate of 100 per cent. With the addition of ISO 27001 and more to come, we’re looking forward to helping more companies achieve and maintain continuous compliance.”

Like this article? Sign up to our free newsletter