GGV Capital led a $25 million Series A round of funding for Drata, next-generation cybersecurity and compliance automation startup. The fresh funding comes six months after the company raised funds in its first seed round and launch out of stealth. Through automated security control monitoring and evidence gathering, Drata’s platform assists businesses in achieving and maintaining ongoing compliance. Along with many strategic investors and security practitioners, the round included new investors Okta Ventures and Silicon Valley CISO Investors (SVCI), as well as insiders Cowboy Ventures and Leaders Fund.

“Comprehensive proof of a company’s security and compliance posture has quickly become a requirement for doing business. Drata’s technology allows a company to streamline the audit preparation process, get immediate visibility into real-time security performance, and understand exactly how their controls map to various compliance frameworks. The company has proven to be a true industry disruptor with their continuous approach to compliance, and GGV looks forward to supporting the team as they rapidly scale.” says Oren Yunger of GGV Capital.

SVCI is an angel syndicate comprised of some of the world’s top CISOs, all of whom have firsthand experience with compliance difficulties. The organisation decided to back Drata as the category leader after seeing the new approach Drata brings to the table and reviewing available solutions in the industry.

Clearco, SmartRecruiters, The Good Face Project, 360 Insights, and Trust & Will are among Drata’s current customers, which span a wide range of industries. The funds will be used to hire for important go-to-market functions and to expand the Drata platform beyond SOC 2 to include ISO 27001, the European compliance counterpart, and other security frameworks.

“In a matter of minutes, we had Drata integrated with our environment and continuously monitoring our controls,” says Christine Smoley, Security Engineering Lead at Clearco. “We’re now able to see our audit-readiness in real time and receive tailored insights outlining exactly what needs to be done to remediate gaps. The Drata team has removed the headache from the compliance experience and allowed us to engage our people in the process of establishing a ‘security-first’ mindset.”

Drata stands apart in an increasingly competitive field by taking an automation-driven approach to ongoing compliance. Users can get immediate visibility into their security program and automate the compliance process from start to finish, including employee onboarding, policy generation, vendor management, risk assessment, and more. The company aims to give consumers the quickest time-to-value while minimising the number of additional tools needed. Drata is the first compliance automation solution based on a single-tenant database design, ensuring that no customer’s data ever comes into contact with another’s.

“We knew that there had to be a better way,” says Adam Markowitz, Drata’s CEO and Co-Founder. “We launched Drata to help customers automate compliance and build trust. We also developed our platform with customization and flexibility top-of-mind, allowing for the seamless addition of new security frameworks and use by companies from startup level to enterprise. The market response has been astounding. We onboarded our 100th customer 60 days after the initial launch and are growing at an average month-over-month rate of 100%. With the addition of ISO 27001 and more to come, we’re looking forward to helping more companies achieve and maintain continuous compliance.”