Drata, a company focused on streamlining SOC 2 compliance for businesses, has announced the completion of a $3.2 million seed funding round. The investment was spearheaded by Cowboy Ventures, with additional participation from Leaders Fund, SV Angel, and a collection of individual angel investors. Simultaneously, the company is publicly launching after a period operating in stealth mode.

Similar to other platforms in this space, Drata simplifies the evidence-gathering process required when preparing for a SOC 2 audit. The service centers around executing tests aligned with the SOC 2 framework, assisting businesses in audit preparation and ensuring they have the necessary documentation for auditors. It achieves this through integrations with commonly used business applications and cloud-based services, enabling regular data collection. A particularly useful feature allows users to systematically review each section of the SOC 2 criteria to assess their current audit preparedness.

While the primary goal of tools like Drata is to facilitate successful audits, the platform also aims to provide a clearer understanding of a company’s overall security standing. To this end, Drata provides ongoing control monitoring, along with features to verify that employees have implemented appropriate security controls on their devices. Recognizing that SOC 2 certification requires periodic renewal, Drata also supports continuous data collection for these renewals, automating tasks that were previously often tedious and prone to being overlooked, such as monthly screenshot archiving of settings.

Drata’s co-founder and Chief Executive Officer, Adam Markowitz, began his career working on space shuttle engines before founding his previous startup, Portfolium. Portfolium, a platform for students to display their work, was acquired by Instructure in 2019, and Markowitz remained with the company until launching Drata last June, alongside other former Portfolium team members. The co-founding team also includes CTO Daniel Marashlian and CRO Troy Markowitz. The team’s firsthand experience with the traditionally lengthy and manual audit process motivated them to develop their own solution.

Prior to its official launch, Drata had already secured a number of clients, including Spot by NetApp, Accel Robotics, Abnormal Security, Chameleon, and Vareto. According to Markowitz, the team deliberately remained in stealth until they had successfully utilized their own tool to complete their own SOC 2 audit. Having achieved SOC 2 certification for Drata itself, the company is now prepared for public release.

With an increasing number of organizations requiring these types of audits, it’s logical to see a rise in companies focused on automating the process. Consequently, venture capital investment in this sector is also growing. Recent examples include funding rounds for Secureframe and Strike Graph.