The past 12 months marked a defining chapter for Drata. We crossed the five-year milestone as a company, grew even faster than our previous year, and made a long-term decision to establish our new headquarters in San Francisco. Each of these moments matters on its own, but together they signal something bigger: Drata’s evolution from a compliance automation product to becoming the platform companies rely on to establish, monitor, and prove trust continuously.
Why We Started Drata—and Why This Moment Matters More Than Ever
Five years ago, Daniel Marashlian, Troy Markowitz, and I started Drata to solve a problem we saw everywhere, and personally experienced when we were growing our first startup, Portfolium. Companies were scaling faster than ever: expanding globally and partnering across increasingly complex ecosystems. Yet, the way trust was proven hadn’t kept up. Risk lived in spreadsheets. Assurance happened once a year. And trust lived in point-in-time artifacts—audits, questionnaires, screenshots—manually pulled together only when someone asked for proof.
From a Belief to a System: Making Trust Continuous
From the beginning, we believed trust should work differently. It should be continuous rather than point-in-time, operational rather than theoretical, and embedded into day-to-day workflows, not manually scraped together for every audit or deal. That belief remains true. What’s changed is the environment around us. AI is reshaping how decisions are made, risk is moving faster than regulation, and trust has become foundational to how companies build, scale, partner, and win.
Over the past year, we saw rising demand for trust management that unifies governance, risk, compliance, and assurance into a single, integrated platform, amplified by our acquisition of SafeBase. That demand translated into 60% year-over-year revenue growth, 190% year-over-year enterprise growth, with 8,000+ customers now relying on Drata, including Fortune 100 leaders and a third of the Cloud 100. Our growth has become increasingly global as well, with customers operating across 80+ countries.
At the same time, we continued to invest deeply in the platform, launching over 400 new features in the last year, including AI-powered capabilities that reduce security review cycles, surface risk as it emerges, and keep compliance signals current. To top it off, we’ve seen $20 billion in security influenced revenue from security teams using SafeBase Trust Center and processed two million questions via AI Questionnaire Assistance—so trust doesn’t lag behind the business.
Putting Down Roots in San Francisco
This momentum has led to a pivotal decision: opening our new San Francisco headquarters. San Francisco is the tech hub where hard infrastructure gets built, categories are defined, and the future of AI, security, and governance is actively shaped. For us, being here not only accelerates innovation, but also reflects a long-term commitment to our customers, our team, and the broader trust ecosystem we’re helping to build.
This space also represents our continued commitment to in-person collaboration, innovation, and execution. Some of our best ideas, strongest execution, and most enduring bonds come from working face-to-face. This office gives our teams a place to do exactly that—to strategize, connect, and build the future together.
Drata began as a remote-first company in the middle of a global pandemic. We’re proud of what that culture enabled over the last five years, and we’ll continue to honor the flexibility and autonomy that helped us move fast. At the same time, we’ve leaned into a more intentional hybrid approach as we recognized the demand for a different level of in-person collaboration, focus, and speed. Along the way, we’ve expanded our team globally and opened offices in San Diego, New York, London, and Sydney, with our biggest yet now in San Francisco.
Moving into 2026 and Beyond
As we look ahead, our accelerated growth reflects a broader shift in how organizations approach governance, risk, compliance, and assurance. Security leaders are no longer satisfied with checking boxes. They want always-on readiness instead of audit fire drills, continuous visibility into internal and third-party risk, and systems that scale trust alongside the business. That’s why organizations across industries—from high-growth technology companies to Fortune 100 leaders—are choosing the Drata Agentic Trust Management Platform to power their trust program.
At Drata, our vision is to be the trust layer between great companies. That language is intentional. A trust layer is a shared infrastructure that both sides of a business relationship rely on. It connects governance, risk, compliance, and assurance into a living system that reflects how businesses actually operate. Our focus on an integrated, agentic platform is about bringing these signals together in one place, reducing fragmentation, and giving both internal teams and external partners a shared source of truth they can rely on.
As we enter this next chapter, we’re investing in initiatives that reflect where trust is headed. We’re introducing a redesigned GRC platform experience that makes trust evidence, risk signals, and assurance outcomes clearer and more actionable, because trust only works when teams can see it clearly, act on it quickly, and share it confidently with others. We’re also launching When Trust Meets AI, a new podcast that creates space for real conversations with builders, operators, and security leaders as we dive into how AI is reshaping GRC and assurance.
Five years ago, we set out to build something enduring. To deliver continuous trust in every business interaction. The companies that get this right early will define the next era of growth. We’re proud of what we’ve built so far, but even more clear-eyed about what comes next. Trust doesn’t stand still, and neither does Drata.
If you're passionate about helping Drata realize our vision, come work with us or request a demo to see how we can support your organization on its path to trust.
