
John Minnix
January 21, 2025
AI-Powered Compliance: How Drata and Bright Defense Are Revolutionizing Risk Management
Video Transcript
Below is a transcript of a video conversation between Bright Defense’s Co-Founders, Tim Mektrakarn and John Minnix, and Drata’s Director of Product, Akanksha Nguyen.
Tim: “Can you tell us more about your AI tools and how they’re helping customers?”
Akanksha: “On the third-party risk management side, we use AI to help summarize documents that typically might take you a very long time to review. So, we have AI summaries for vendor questionnaires and SOC 2 reports.
Typically as part of a security review, you would receive back a vendor questionnaire and a SOC 2 report. You’d have to review everything and highlight anything that might be a potential risk. With our AI summaries, we help you do that a lot faster because we’ll give you an overview of the entire document, as well as note any observations or callouts that might need your attention. Instead of having to go through every question or every page of a report, you get that quick overview, and then you can move on quickly to the next important step, which is actually creating risks if you decide that they want to move forward or not move forward with that vendor more quickly.
Another area where we’re doing a lot of fun stuff with AI is security questionnaire automation, and this is a brand new feature. We’re in an early testing phase. This is meant to help you answer inbound security questionnaires a lot quicker. You build your knowledge base within Drata. You can even use past questionnaires as part of your knowledge base.
And so when you receive a new questionnaire, we’ll reference all of your evidence and all of yourires past questionna and automatically answer that questionnaire for you. And we’ve had several customers testing this out so far, and we’ve heard that this is literally taking a process that used to take days, sometimes weeks, down to minutes. And the accuracy is pretty reliable as well.
We’re really excited to keep innovating there and seeing how else we can help save our customers a lot more of that valuable time.”
Tim: “Here at Bright Defense, we use the AI features all the time, too. It helped us answer a 50-question questionnaire in 15 minutes or so, where it would normally take over 2 hours. So we love that feature.”
About Bright Defense
Bright Defense is defending the world from cybersecurity threats through continuous compliance.
We understand that compliance is more than just checking boxes. It’s about minimizing the financial risk and reputational harm from a data breach. It’s also about assuring your clients, stakeholders, and employees that you are conducting business with the greatest commitment to security and data integrity.
Bright Defense combines technology, expertise, and a customer-centric approach into a continuous compliance service that meets your unique business needs. Our monthly engagement model delivers a robust cybersecurity program that allows you to meet compliance frameworks, including SOC 2, ISO 27001, HIPAA, PCI, and CMMC.
Once compliance certification is achieved, we constantly enhance your security program to keep up with the evolving threat landscape and compliance standards. Our compliance automation toolset powered by Drata gives you complete visibility into your compliance status while saving you time and money.
About Drata
Drata is the world’s most advanced security and compliance automation platform with the mission to build trust across the cloud. With Drata, thousands of companies streamline over 20 compliance frameworks—such as SOC 2, ISO 27001, GDPR, and more—through continuous, automated control monitoring and evidence collection, resulting in a strong security posture, lower costs, and less time spent preparing for annual audits. The company is backed by ICONIQ Growth, Notable Capital, Alkeon Capital, Salesforce Ventures, Cowboy Ventures, S Ventures, Leaders Fund, Okta Ventures, SVCI, SV Angel, Intuit Ventures, and many key industry leaders. For more information, visit drata.com.