Security and compliance automation startup Drata raises $200M at a $2B valuation

Drata Inc., a startup that helps businesses stay compliant with security standards, announced today that it raised $200 million in fresh funding co-led by Iconiq Growth and GGV Capital in a round that now values the company at $2 billion.

Additional investments for this Series C round came from Alkeon Capital, Cowboy Ventures, Salesforce Ventures, and Silicon Valley CISO Investors, who have followed on from previous rounds and new investors including S Ventures and FOG Ventures. Prior to this round, Drata raised $128 million, including $100 million in a Series B round in November last year.

When Drata initially launched it focused on assisting businesses with adhering to the SOC 2 cybersecurity standards. For the inexperienced, SOC 2 is a voluntary compliance standard for organizations that specifies best practices for how a company can secure sensitive customer data. Maintaining these guidelines is critical for doing business in a world where data breaches are increasingly common.

The task of hitting SOC 2 compliance manually can be onerous and an organization of scale could find itself buried in months of internal audits to reach it. With Drata’s platform, companies can automate large amounts of that process, using it to identify trouble areas and quickly resolve them using a visual dashboard.

In the year since the Series B round, Drata launched more than 14 other compliance frameworks in addition to SOC 2 including PCI DCSS and NIST 800-153, as well as GDPR, which is the European Union’s data protection and privacy regulation. The company also translated the platform into multiple languages in order to support more regional partners and launched a community portal to serve security professionals.

Drata now also boasts an end-to-end risk management and assessment platform that customers can integrate into their workflows that does all of the work, providing a single pane of glass for them to view their entire compliance framework needs in one place. Called Risk Management, it continuously monitors, identifies, assesses and treats risks.

“Since our inception, Drata has been designed to bridge the gap between compliance and trust through automation, and we’ve made significant progress in less than two years,” said Adam Markowitz, Drata co-founder and chief executive.

In the past two years, the company has grown to serve more than 2,000 customers including Fivetran, Lemonade, Notion and Bamboo HR.

According to a report from the International Data Corporation, the pandemic heightened the need for better security and compliance alongside the ever-increasing number of cybersecurity threats due to remote work. The same report forecast global revenues from risk management growing from $11.3 billion in 2020 to nearly $15.2 billion in 2025.

Markowitz said that the new funding would be used to accelerate the growth of the platform and continue to push more research and development into more compliance products to better serve customers.

“This next phase of growth will only further accelerate those efforts, introduce a new wave of open compliance, and help us realize our vision of being the trust layer between our incredible customers and those they do business with,” said Markowitz.

Source: Rawpixel