Name: February Drata Product Roadmap Reveal
Uploaded: 2026-02-26T18:30:56.363Z
Duration: 59 min 24 s
Description: February Drata Product Roadmap Reveal

Transcript for "February Drata Product Roadmap Reveal": Hi, everyone. I hope you are having a great day. We're gonna give people just a couple minutes to get logged in, and then we'll get started. We're really excited about this webinar and can't wait to tell you about everything that's that's coming in the next quarter. So like I said, we'll we'll get started in just a couple of minutes. Get a chance to grab coffee, whatever you need to do, and then we'll we'll jump in. Alright. Just a couple housekeeping items. This is being recorded, and we will send it out following the session. So if you leave early or you're coming in late, don't stress about it. You'll get access to the recording afterwards. We also have several members of our amazing team behind the scenes answering questions. So don't be shy. Use the q and a. Ask them what use just pressing for you and what you're excited to learn more about. And then we'll also aim to answer more questions at the end of the webinar as well. But let's go ahead and jump in. We have a jam packed agenda ranging from our new experience to security assurance and everything in between, and we will round out the time with your questions live. So like I said, toss your questions in the q and a. Our team will be answering in the background, and then we'll grab some of those to answer live at the end as well. Just to introduce myself, I'm Ashley Hyman. I'm the VP of Customer Experience here at Gerada. I am so thrilled to be here with you today. This is one of my favorite parts of every quarter is this webinar. And we're really excited to be here with you, our our most valued customers. We at Drata, our customers are the center of everything we do. And so we're excited to share with you what we have coming and and to get your feedback. We are also so lucky to have multiple product managers with us today. We have Bavin who leads our AI product management team, Dana, our senior director of product management. Nir, who leads our trust assurance team. And Rafael, one of our senior product designers. We've also got Akansha, our senior director of product management. So, really, the dream team is all here to share with you what they've been working with and what they've been creating for you. It's gonna be pretty exciting, to hear your feedback, and we can't wait to talk to you more. But before we jump into that, I think it's important that we really anchor on why Drada exists and and who we serve and why we're here. So we serve organizations that need to operate operationalize trust at scale. The goal is not just to pass audits. It's to continuously prove security compliance and and your resilience to your customers. We want to help you build trust with your customers, with regulators, and and with your board, frankly. And today, more than 8,000 companies across 60 countries rely on Drada as their system of record for governance, risk, compliance, and and don't forget assurance. They choose us because we provide one integrated AI native platform that replaces the fragmented tools and manual processes. And I'm sure you're all thinking spreadsheets. What really makes us different is continuous trust, real time evidence and always on assurance instead of point in time snapshots. That doesn't do the trick. That doesn't really tell people how you are protecting your customers' data. But the trust gap isn't just growing. It's it's frankly exploding. In the past five years, we've seen a 110 plus new regulations that have been introduced worldwide. That's more than the previous forty years combined. That's just overwhelming. It's really hard to think through, like, how do we keep up with that? And over 50% of breaches actually start with vendors. And, typically, that's only discovered once the damage has already been done. With AI accelerating procurement, buyers no longer wait days to get security questionnaires. They expect instant proof of your posture as a company. So the the stakes are really high right now, and there's a lot of pressure. And most companies are trying to manage with spreadsheets and siloed tools, and it just doesn't scale. You need to have be able to work on this, but also build your company. And the result in all of this is that companies are falling behind. Their GRC and assurance practices really just can't keep up, and that's why we're here. When we talk to customers, their needs are really falling into three key themes. Number one, having everything connected and automated, your controls, your risks, your policies, all the things in in in real time. Number two, a single view of risk. Internal vendor asset access risks, everything surfaced continually, not after the fact. We don't want you to find out in an audit that there was a risk. We want you to be aware of the risk, be able to attack the risk, and have a plan for the risk. Number three, instant assurance. So security questions answered in minutes with a live trust center to proactively show your posture. Really, this is becoming table stakes. This isn't just about automating compliance anymore. It's about creating a scalable, intelligent trust layer for your entire business. And really, Draw was purpose built for exactly that. It's it's it was built for today's reality. And we deliver through four foundational pillars. Like, when we talk internally about what we're going to build and how we are going to continue to iterate on our product, it's focused on these four foundational pillars. And that those pillars turn GRC and assurance from a burden, which we can all feel, into a business accelerator. We want this to help you increase your revenue. First is automated governance. That's centralized policies, automated access reviews, audit readiness. Second would be your integrated risk management. So bringing internal and third party risk into one system. Third, continuous compliance. This is our core strength. This is what we we built the system on from from day one. Test control daily. Like, where you're testing things every single day and surfacing those issues every single day. And fourth, accelerated assurance. You know, with the addition of SafeBase over a year ago now at this point and the trust center and AI to prove posture instantly, we want to help you to get responses in real time to to support your business. Now together, these pillars, make trust continuous, operational, and and fast enough. We know that speed is the name of the the game right now. Now, you've probably heard enough from me. You're like, Ashley, we get it. We know why we're here. So let's let's dive in. I want to really get to the good stuff and something we've been so excited about. I'm gonna pass it over to Rafael to kick us off with the new Drada experience. But, Rafael, I wanna know. Tell me, where did the motivation for this new experience come from? I'm I'm so excited to hear more. I would say is the, with ProLogo gonna start, like, we needed to build a foundation for, a modern GRC, the future of Drata and an AI driven GRC, at very large scales. So that was our our main motivation for this entire new experience that I'm about to show you. I love it. Let's see it. Alright. I'm gonna share my screen. Window. Alright. Fantastic. Now we've taken your feedback, and, we are I'm really excited to represent a team of, excellent designers, product managers, and engineer. And probably the the first thing that you can notice is the visual evolution. We've introduced a more legible type typography, clear iconography, making information easier to read, scans, and decisions are easier to make. The colors are brighter, and they really represent our brand now. Layouts are are cleaner. They, they're built with intentionality, and this, and this isn't only cosmetic. The visual updates supports usability and something that was really important to for, to us, the accessibility. So better hierarchy, better readability, and better focus for your teams. Now I want you to focus a little bit. I'm gonna zoom in, on your left side of the all new navigation. We rebuilt it around how teams are thinking. Navigation is organized around different in and, insight entry points that like here in dashboard or your risk insights or insights for your vendor. It's also workspace aware, adapting as your teams are evolving if you if you need this feature on. It's also very customizable. So if you need more real estate, you can collapse, or you can show and hide different sections of the menu. The goal was very simple, less hunting and more clarity in your journey. Let me zoom out. Now something I am particularly excited to show are tables. They're fully customizable. You can reorganize the order of the columns. You can show and hide columns. Let me hide a couple, maybe three of them, and you can save your changes. The changes are going to be saved, on on all major tables, so you don't have to re so we we we will remember exactly how you left them the last time. Something we are also excited to show you is that now you have inline data visualization, and we also have custom fields, and they also come with their own, filters. You can also pin columns with with whichever you want to, and you can also have different road density. Drawdown becomes your personalized system of record. Now let me go over to controls real quick, something I'm super excited to bring as well. And for me, one of the most impactful additions that we've made, over the over the last year are the action panels. So I'm just gonna click over here. Instead of treating table like a statistic list, we're gonna bring, sort of a command center, if you will. So if you have failing tests, overdue evidence, or pending approvals, we're bringing that information to you. You don't have to hunt, for what needs attention. This shifts rather from being a system you check to a system that guides you. It helps you move forward in your compliance journey. Now that we're here, if you wanna take a look at this specific object in DRATA, in this case, a control, you can open details over here or from the table. I'm gonna open the details. So focused in-depth experiences are so important right now. The layout is organized by clear tabs, so you have your evidence, monitoring, or your frameworks. You can easily navigate to one of them. There's more room to see your map linked objects, like your owners or review your approvals or the link workspace for this specific control. And we also have a structured header that gives you high level status and primary actions as you need them. This this is not only for controls. You will have also, different tests, detail pages, or risk overview, or your vendors, or your policies, and so forth. Let me go back to controls. So, like, I'm gonna go real quick into monitoring. Like, nothing works in isolation, Adrada. So you can also get some context preview. So I'm so open this, failed test. And from any detail page, you can peek into other linked or map object, whether it's evidence or test in this case. No more back and forth clicking, no losing your place, and your mental model stays intact, which was really important for us that you have that linear interaction at DRADA, that linear workflow from going broad in the table to a detailed page to now a peek. And if you want to navigate even further, you can also go and open that detailed page from here for this specific object that you're seeing. Now you can see over here over to your right kind of a new menu that we're introducing. This menu, in context of this specific control, you have your internal notes, you can have tickets or tasks among among other features as well. And in this menu, we are also going to have our agentic experiences. You can coordinate, take action, move work forward exactly where it's happening, less context switching, and faster execution. And last but not least, something I'm the probably one of the most exciting things today, in my opinion, is Droda comes in black now. It's fully integrated across the experience, designed with intentionality, readability, and focus, giving teams the environment that they prefer to work in, whether it's in a bright room or you're working late hours at night. Simple, configurable, transparent, agented by design, and build for what comes next. Thank you so much. Rafael, this looks so amazing, and I know how hard the team has worked on this. I know dark mode is really exciting. But beyond that, what are you most excited for customers to experience with this new look and feel? I would say I'm really excited to see how they're going to use our agentic experiences. That is going to give us so much information about how we can drive the future of DRC. I cannot wait to see to see them use all the exciting stuff that my my colleagues are gonna show you in a moment. Amazing. Amazing. Thank you so much. Well, continuing on the momentum of the new DRATA experience, I know Dana has several highly anticipated updates, especially with the usage of AI to increase efficiency. We want to give back time to those busy GRC teams. Dana, what do you and your team have coming? Oh, we've got lots and lots of good stuff coming, and, you know, it's really fun to follow Rafael and sharing the new Drata experience because everything that we're building out to, you know, provide more continuous automation, automated governance, all of the fantastic agentic and and actionable AI is gonna be driven off of that new experience. So the cool thing is that, you know, everything that we're gonna follow with here is gonna be featured in the new experience. So that is very exciting. So kicking things off, you know, again, focused on AI. We've got a lot of good stuff coming here that is going to leverage AI not just to have it to say we have it, but really to streamline your workflows. Kicking things off with AI policy comparison summary, This actually benefits you all in two ways. One, for the folks that are managing policies, creating, reviewing, approving, now you've got a policy summary driven by AI that can compare two versions, and it's just to the last version. So you have an idea of where were we, where are we going, how do I manage this more quickly, how do I approve it, see what the changes are, and continue on with my processes. And then on the flip side of that is for personnel. When they are in MyDRADA and they are acknowledging policies, you'll have the option to give them a summary view as well. So if someone says, I just want to know that I'm bringing this new policy or I need to acknowledge this new policy and it's 20 pages maybe. I just I wanna know what's different from the last version. And and this is such a great example of what we like to call a Drada drinking our own champagne. This is something that we knew we wanted to do. We got this feedback from customers, but even recently, we had a we had a a new policy that our entire team had to acknowledge, and our Slack was blowing up with folks on the team saying, can I just get a summary of what the last thing was? And and, you know, the the folks on on my team who were responsible for this kept saying, it's coming. It's coming. It's coming! So really excited to get that into everyone's hands because it speeds everything up so everyone can get back to the work they need to do on both sides of the house. That's amazing. I can just imagine how much easier that's gonna make policy renewals each year. Thank you. Absolutely. We've also got some exciting changes coming to our audit management, and I know that that's something everyone's got an audit. Whether you're using our audit hub and your auditors are using our audit portal or whether you're doing things kind of from from an internal stand standpoint, there's a lot that we wanna do to really beef up what we deliver with our audit management functionality. So so what we've got coming up too is unified what we're calling unified evidence management. So right now, you know, there's some restrictions and limitations with with tying the evidence to your evidence library. When you are in an audit and you get a request, you know, what you want to do is address the request and move on to the next one. We know how much of the entire GRC lifestyle is sort of checking boxes. So we want to make things easy. You get a request, you want to make sure that you're providing that evidence and making sure that that's a closed loop and it goes back tying that evidence to the control, you'll be able to attach evidence to a message and and add it to the evidence library at the same time. Conversely, if you know you have a piece of evidence in evidence library, you're like, oh, that just didn't you know, didn't realize it was gonna be needed for that control, let's say, comes in through a request from your auditor, you can easily pull it in. So it's just making everything a lot more connected, again, to speed up and make things more efficient in the audit process. Yeah. It feels like a game changer. Like, it's really gonna give our customers time back and I think reduce that panic that can come in audit season. 100%. And it's like and and and if if we think you know, if we if we go in the way back machine of doing everything on paper, it's like it's like having a piece of paper that you've left on your desk, and you're like, where was that? I know I have that. And now it's like, nope. It's in the right file. That's exactly what we're trying to achieve here. So awesome. We also have customizing our pre audit package. So another great one of, you know, we've heard you. We we wanna, you know, kind of address your needs here. And one of the goals is really make things flexible and configurable. So we'll be delivering the ability to customize your pre audit package. So currently, you know, what we deliver is what you get, but now you'll have the ability to decide which data you want to include in that package to auditors kind of from a category level. You can do everything, you can do one or two. It also helps that maybe if you've got, you know, sort of follow ups to audits or things that you're doing internally, you can really customize that to just focus on the data that you wanna provide. Customers are gonna be super excited about this. That more control and precision over the audit totally aligns with what we've been hearing from customers. And, again, just going back to that stress of the audit season. So having that control is gonna make such a difference. 100%. Totally agree. When we're looking kind of longer term and what we're going to be, you know, doing over the coming quarters, you know, it's really, again, all about maximizing AI in ways that provide a benefit, provide value as well as as well as, you know, speed things up, and then, again, the flexibility to do more in the application. So a couple of things that I just want to highlight here without getting too too deep is our upcoming GRC AI co pilot. We're going to have an early access. We're targeting the beginning of q two for that. So this is really leveraging a conversational AI to ask questions and and to move through your your tasks more quickly, specifically related to controls and monitoring tests. Those are the first two we're going to be tackling and that are going to be adding on as we go to risks, to policies across the board. So we're super excited to get that out. We're actually working on it right now, but as you all know, you know, it can take a little bit of time, but we're very excited there. More flexibility coming down the pipe too with personnel scoping for workspaces. This is a very, very highly requested item to be able to decide, you know, which personnel applies to your workspace depending on how you break out your workspace your workspaces. Open search with personnel so you can find who you're looking for and, you know, address questions or issues more quickly. And then custom roles and RBAC improvements also coming in FY twenty seven. Moving on. So now we're going to jump into our integrated risk management. I'm going to focus here on our internal risk. You know, one thing that we know for sure is that risk management is not one size fits all, and the one constant in all of the customers that we speak to is that you all do it differently. And so we're really focused on ways to again, flexibility and configurability. We don't want to make it so open that it becomes analysis paralysis with how many knobs you can turn and buttons you can press. We really want to make it focused to ensure that we address the use cases that are most pressing. But we also wanna make sure that you can, you know, bend it to your whim, so to speak. So we're gonna jump into oops. Sorry. Go ahead, I'm. so sorry, Dana. I was gonna interrupt because I was so excited about multiple risk registers. From what you've heard, how will the way that we've implemented multiple risk registries transform our customers' experience? That's a great question. So there's a there's a few different ways. One, from an organizational standpoint, so really thinking about, you know, how I can divide the registers to focus in specific areas that, again, really malleable depending on how I need to divide it up. Do I need to divide it up by business unit, by product line, by region, by department, by risk type? You can do it however you wanna do it. So, really, it gives people flexibility and focus from an organizational standpoint. The second piece on that too is that with this, we we've introduced a new role. It is a risk register manager. It's a little bit of a tongue twister. The risk register manager role, so then we can control access, which is so important not just across your entire program, but specifically in risk. Right? We really need to make sure that, you know, the right eyes are on it and the wrong eyes are not. So the ability to also have that additional access boundary. So I think organization and the access boundary are the two things that really are what I want would would say are gonna have meaningful impact for our customers to use here. And then the third there's actually three which is coming down the pipe, which we're working on right now, is also the overall support for workspaces with risk. Whether or not you use multiple risk registers, you will be able to support risk across your workspaces. This is coming. We'll dive deeper into that probably in next quarter's roadmap webinar, but it is being worked on right now. And then you will also be able to have multiple risk registers per workspace. But as I said, flexibility is key. We're not locking you into one workspace, one register. You can do it however you need to do it. And with that, I would love to do a quick little demo of what we've got with multiple risk registers. This is currently in an early access program, which is kind of the artist formerly known as beta. Our early access is being run right now. We are getting great responses, great adoption. We're going to then pull in our workspace work into that early access as well before we can sort of GA all of this to you. So very, very excited about that. So let me just dive into give me one second. Sorry. Give me one second. Quick demo. There we go. There we go. Awesome. Okay. So here we are. So now you're seeing Drata, and it's and it's a beautiful new experience. You'll notice here under risk, we have a new nav item for registers. So if you're utilizing multiple registers multiple risk registers, which I just do wanna make a note, this is available if you're in risk management pro. So at first, when you drop in, you will see the list of all of the registers that you have access to, again referring to that new risk register manager role. You'll be able to kind of get an idea of just sort of an overview of your assessment progress, the state of the risks within that register, who the owner is, etcetera. You can quickly create a new register, give it a title. You can add one or many owners. There we go. Oh, that's not good. It honestly works. I promise. Not sure what happened right there. But why don't we just dive into the enterprise register? Sorry about that. So here, you'll have each register again taking advantage of the new risk table. You can customize your columns, all that good stuff that Rafael showed. You can do, you know, all of your regular filtering. Again, you'll have access here if you have the access manager role. And then just like all of the other existing risk manager, risk owner roles and the restricted views, all of that is still going to apply. You'll have the risk library if you want to pull in the common risk scenarios that JADA offers. And then one of the really important things here too that I want to call out is that you will have risk insights that have roll up across your registers. So that's one of the key pieces of feedback that we saw. You wanna be able to see, you know, how are things breaking down by by, sorry, by individual register, but you also may wanna see across your entire your entire risk program. So, you know, you could say, okay. I wanna see it for my enterprise risk and my IT. So you can you can apply those filters and then get the information kind of as as focused or as broad as as you want it here. Let's hop back and let's see. There we go. And go back and kind of talk about a few more of the things that are coming down the pipe for internal risk. Awesome. Thank you. So we've got multiple work multiple risk registers. We talked about the workspace support. We have, again, more things for the configurability and really to support the needs of really mature organizations and mature risk programs. So descriptive risk scoring is a big one we've heard from folks. Maybe you don't use a one through five or a one through three scale, you use low, medium, high. We're going be getting that out to you as well. And then leveraging AI for risk insights and summaries, so not just getting the information, but leveraging AI on what to do with that information. So it's not just here's the info, but here's what you should do with it. And then ultimately, that would feed into our longer term plan of agentic workflows with AI that would actually, you know, help to mitigate the risks. We've got our risk assessment questionnaire, also AI driven, to identify risks and and across your organization. So for ongoing risk management. And then we've heard, you know, again, for that more mature organizations or organizations that have more complex structures, risk hierarchy. So there's a lot of exciting stuff coming down the pipe, and we can't wait to show you. If anything sounds of interest to you, we always encourage you to let your customer success manager know. And if there's early accesses that, you know, you wanna be a part of and you're the right fit, we're super happy to get get in touch. Amazing. Dana, so many important releases. I know I've been on so many calls where customers have been giving feedback on what they need for risk management, and it sounds like you and your team have really delivered here. But we have so much more to go. Akansha is joining us to dig into everyone's favorite topic, third party risk management. Akansha, what do we have coming? We have a lot coming for third party risk management. I'll go straight into it. So first off, we are going to be launching a completely separate standalone TPRM platform. This is gonna be entirely agentic and based in AI, and this is going to be a huge improvement upon our current TPRM tooling. I'm gonna go into a ton more details here on how the TPRM agent will actually work. But overall, the standalone platform is gonna help you accelerate assessments, maintain risk visibility through continuous monitoring, and a lot of AI powered inherent residual risk scoring, and then also really scale your program across your growing vendor ecosystems with integrations into your key tools. Let's talk a little bit more about the actual AgenTik TPRM assessment. So we're very excited about this. This is currently in early access, so a couple of our customers are using this already in their production environments. And this entire AgenTik experience is designed to really speed up the security review process. So we know that questionnaires can be quite painful, both on our customer side and vendor side to complete and get the correct information that you need, to make a decision on the vendor. So the agent is entirely designed to do away with those painful questionnaires. Only really use them if you need to, but really rely directly on vendor documentation, vendor evidence to give you the assessment information that you need to make a decision on that vendor. So it will automatically assess vendor documents and tell you very clearly if your requirements for those vendors have been met or not met. How this works is we're introducing a new concept called criteria. So criteria is essentially your requirements of your vendors. There's a couple of different ways that you can generate criteria in Drata. We do have default criteria that you can use, but you can also use AI generated criteria. So you can upload all of your requirements in the form of a questionnaire, and then we will create the criteria for you. You can map those criteria to different vendor impact levels and also let us know for each criteria what you're looking for in the vendor documentation. The agent will automatically apply all the criteria that are relevant to each of your vendors, and this can be dynamic based off of that impact level or inherent risk level. And this lets you really standardize all of the scoring across your vendors and fully supports customization so you can build the criteria to support your program however you have it. Once you've built your criteria, we will then do our best to automatically collect documents for you. So in the case that a vendor is using a Drata Trust Center, formerly known as a SafeBase Trust Center, we can actually automatically facilitate the access request and automatically collect documents. And you don't have to leave Drada to go and find the documents, download them, reupload them, and go through that slightly painful process. So we can automatically collect all of that. Once the documents are received, we'll assess all of those against the criteria. In the case where the vendor's not using a Drada Trust Center, we will actually, facilitate a request through Drada. The vendor receives a request through Drada, and they'll have a page where they can upload their documents directly. And then those documents, as soon as they're received, the agent will go and do its thing and do the full assessment from there. Once the documents are assessed, you'll get a clear outcome of how your criteria have been met or not met, or criteria could come back, as inconclusive. Inconclusive would be in the case of perhaps you found conflicting information in the documents or not enough high confidence information, in that case, you'll want to follow-up with the vendor, and you'll wanna address those gaps directly. So the agent will also automatically create a follow-up questionnaire, and you'll get to review those questions. The agent can send the the follow ups directly to the vendor. The vendor will respond. And as soon as the responses are received, the agent will rerun the assessment and give you an updated view. So you don't have to email the vendor separately. You don't have to go out of Drata to facilitate this process. The agent will do it all for you. And finally, once the assessment is done and you've done your entire review, you will then get an AI powered assessment report. So this report will have the entire summary of what the agent did to review the vendor. It'll have all the details of each criteria. It'll have potential risks that were identified, observations, notes, and all the agent activity. You can export this to share with internal stakeholders, external stakeholders for audit purposes with your leadership, and everything is nicely put together in one package. So that's the agent, the first of many that we're building here at Drata. We have a couple more things on the exciting road map for TPRM. So in addition to the agent doing the assessment, we're also gonna be introducing agentic risk scoring. So this will be scoring both pre assessment and post assessment, so inherent risk and residual risk so that you have, clear recommendations based off of the vendor's information and the assessment, to then move forward with your recommendation. We're also working on top requested integrations to vendor sources of truth. So these are things like procurement tools so that you can keep your vendors in sync throughout. And then, lastly, continuous monitoring. This is another exciting one. We are going to be proactively monitoring public information about your vendors. And then if there's any vulnerabilities or breaches that we feel are important for you to be aware of, we will proactively notify you of that and then recommend actions to take, such as creating risks, contacting the vendor, sending a vendor an ad hoc questionnaire, things like that so that in between review cycles, you can stay on top of your vendor security posture. And that's all we have coming up for TPRM. Ashley, I'm hand it back to you. like, that's all? You guys haven't been busy at all. Right? Not, at all. so exciting. Not at all. I'm really pumped to see how these enhancements are gonna streamline the work of GRC teams. Is there any one particular item that you're most excited about or that we've been hearing most from customers on what you just went through? Definitely the agentic experience. And this comes from and I and I hope this resonates with the customers on here with us today, but we know questionnaires are super painful, and we're really, really trying to solve that pain point for you with the agent. Absolutely. Yeah. We we hear that all the time. So really excited to see how this takes things to the next level. Now from day one at Drata, continuous compliance has been the name of the game. I hear all the time from customers that they actually love knowing every day exactly where they stand, that sometimes those failures are great to see because they at least help you to take action and not wait until you're in an audit to hear something's wrong. So, Bayvin, how will we continue to deliver on that promise? Good question, Ashley. As you said, the goal of the continuous compliance is to ensure the control environment reflects the real risk posture every day, not just at the audit time. The road map that I shared delivers on this promise. You'll see it strengthens control visibility, improves how findings are surfaced and acted upon, and embeds agentic AI to reduce the manual effort while increasing confidence. The first thing I wanted to highlight was the AI recommendation center. A key user challenge today is users need comprehensive gap analysis. They want intelligent recommendations and help streamlining their compliance across all the frameworks that they have enabled. We are going to solve this through an always on recommendation center that constantly finds optimization opportunities, provides insights, and actions across your GRC program. We're gonna start with enabling you to bring in your custom controls and use AI to recommend that recommend all the out of box data automations like test, risks, policies, evidence, and other objects. This will enable you to onboard into Drata within minutes instead of days that it takes today. You'll see all AI recommendations in a centralized place, So it's easier for you to act on them, but you'll always be in the loop to ensure everything is accurate, and then you make the final decision. This is gonna go out in q one with new features being added continuously throughout the following quarters, something that I'll talk about more on the road map. The next is the GRC Copilot, something Dana earlier touched upon. I want to just double click on that. Users spend time today navigating multiple pages, searching for information and manually completing routine tasks. We plan to provide a conversational interface in the product across two of the most used objects controls and monitoring and and add more objects in the future quarters as well. It's going to enable our users to easily identify key issues, take the next actions they're supposed to, and get answers to any questions that they might have about that GRC program. This is gonna save them a lot of time and make it much easier for them to manage the program. This is gonna start rolling out in q two, as Dana was mentioning, with new functionalities to be added thereafter. Next is the agentic compliance. This is something really excited about. One of the key challenges today our customers face or you face is having to spend a lot of time on collecting the evidence that cannot be either automated or it needs to be augmented. This involves you chasing the evidence owners, collecting documents, or taking screenshots, and then linking it to the right controls. With the compliance agent, we hope that this task is going to get fully automated for you. It will enable you to use this agent to do the collection, validate the evidence is what it's supposed to be, and then map it to the right controls you as well. This should save you hours of time, ensure the accuracy of evidence that is being collected, and you'll be auditory with confidence. So these were some of the key releases that I'm really excited about, but it's not all. We have a lot of stuff on our road map as well. We'll be adding new frameworks like ISO twenty seven seven zero one, twenty twenty six version. You can add CCPA and the EU Cyber Resilience Act as well. In the last quarter, if you remember, we released the test library. Building upon that, we can now release a control library as well that enables a centralized place for you to manage your controls and make it a lot more easier for you. We'll also be adding support for control hierarchy, which is one of the very frequent requests that all of you have provided to us. So that's coming soon. And then as I was mentioning earlier, once we have the recommendation center continuously, we're gonna add more insights and recommendations for you. So on that line, we're going to add control recommendations for risks so it's easier for you to figure out what controls mitigate the risks. We're gonna enable you to bring in your custom frameworks and also using AI, map it to any control that's in your tenant so it's much more easier to manage your custom frameworks in the product. And, also, for audit, when auditor requests auditor gives you a request list, it'll be much easier for you to map it to controls and and evidence in front of using AI. So all of these will be continuously available to you in the recommended six recommendation center, making much more easier to manage. We're gonna add more flexible reporting and dashboarding in the product as well, so it's easier for you to create executive reports, get a better insights about your compliance program as well. And lastly, we're gonna add ability for you to add control weights maturity as well, so it's easier for you to calculate effectiveness of your controls. These are some of the key things on our road map, but lot more is there as well. With that, Ashley handing it back to you. Yeah. Thank you so much. What an incredible roadmap you have coming. I love to see how we continue on that original Draw to Promise to automate and streamline. GRC teams will now have so much greater visibility and a great ability to really act on gaps. So thank you again, but we are still not done. Assurance is our next area of focus. As you all know, last year, we acquired SafeBase and have really doubled down on the ability to truly prove how, we are protecting customer data and how you are protecting customer data. Nir, what do you have for us? Oh, I got a lot. I appreciate you having me. I think we have probably the the most innovation aggressive road map in the next six months than pre pretty much since we started Savebase. So very excited about that. I'll touch on some of the areas, get you a sense of where we're going. Start with the first thing, think, agentic questionnaire servicing. This has been a long time on on my plate of innovation. We have moved from being able to manually work on questionnaires one by one, you know, 5,000 of those, into being able to use AI to manually process answers. But the problem is not solved yet completely because there's still the work of the life cycle of having to worry about all these unanswered questions, all the collaboration with the subject matter experts, the approval chains. So there's an entire flow life cycle that is still very, very much so manual. This is hopefully gonna put an end to all of this. Agenetic Questionnaire Servicing is our agent that will take care of questionnaire processing from all the way from the intake level into processing, triaging processing, getting the approvals, working with subject matter experts, doing all the stuff needed to get a fully completed questionnaire in, and then spitting it out to wherever is the most comfortable for the person consuming the questionnaire. So this is a holy grail, end to end questionnaire servicing, where you still have the guardrails and you still are able to protect yourselves in case the agent does something that you're not comfortable with. But in general, all of that headache of having to worry about that life cycle will go away. We'll automatically map your subject matter experts to specific domain areas, and you'll be able to collaborate with them automatically and and get the responses, put it back in, complete the questionnaire, get the approvals, and everything. This is gonna span over two quarters. First quarter in q one, we're gonna have all the stuff around the SME collaboration stuff, and we'll have the processing itself. And then we'll we'll be adding the intake and the triaging in q two. So I'm very, very excited about this. And if you look at the screenshot here, you can see some of the experience here. So a very agentic conversational type of experience similar to the TPRM agent. So very, very exciting stuff. I think it's going to cut the time to deliver all the questionnaire by a lot, and it's also going to save so much time for the people working on this on a day to day basis. So I'm very excited about this. Hope you guys as well. Oh, yeah. It feels like we're really meeting customers where they're at. Love it. Yeah. This is gonna be the theme strategically. There's a lot I can say about this. We don't have the time for it in this webinar, but the theme is finding those business workflows, meeting the people where they are, meeting all the users and all the involved stakeholders where they are, and just making their life easier, for sure. Amazing. Amazing. Okay. Multiproduct trust center. I talked about this a little bit in the webinar last time, but I want to reemphasize this because this is a critical, critical differentiator and very strong offering. So the ability to have a single pane of glass of all your product portals information under one roof rather than having to jump between different product portals, lose the context. We are reducing duplication, reducing confusion in general. We're cutting the review time. So multi product trust center has been one of the biggest asks for enterprises pretty much in the last couple of years. It's going to GA. It's already in beta. We're very excited. We're getting really great feedback about this. And anybody who has multiple business units or in general wants has a lot of products and wants to have a more simplified way of maintaining, viewing, and consuming information from multiple product, this is this is a game changer. So I encourage all of you, as soon as this is GA and even before, you can reach out, join the beta, but there's gonna be GA very soon, and this is gonna be available for all all companies out there. Alright. What's what's coming on top of this? There's so much. We talked about subject matter expert subject matter expert mapping. I won't touch that. Trust center localization, big ask coming from some of our biggest customers out there. Just being able to just see the Trust Center external view in different languages. It sounds simple on paper, but it has a lot of deep sort of veins into into this offering. And we're building all that across the next couple of quarters, being able to see the trust center in multiple languages, being able to see the content in multiple languages, so translation on the content as well. All these things are gonna be taken care of in the next few quarters. The first piece is just to be able to see the trust center descriptions and everything else in in an external view in in just a different language. So very excited about this one. Stay tuned. A big so a small ask, but but really frequently asked is just the the ability to return the completed questionnaire to Salesforce. So, again, it's the meeting the customers where they are part. So this is coming as well. I am very excited about this. I know that there there have been a lot of customers asking for this as well. So once the question is completed, you'll be able to consume it directly from Salesforce. So your sales team do not need to have access to the trust center to be able to consume those questionnaires. Different branding per trust center product portal. It kinda goes really nicely with all the other multiproduct stuff that we've done. Just the ability to brand each product portal differently. We know those companies, especially those enterprises that bought different companies, there are different brandings for some of these products, just give you the ability to have the flexibility to put put your brand on on each product differently. So a very big ask that we see quite often with all these enterprise customers. So this is coming as well. The next one is a full trust center generation powered by AI. So we we already launched the ability to generate a single trust center item description with AI. So that small piece is already out there, but this is much more robust. It will be able to generate your entire trust center, from scratch using AI. So you basically upload your documents. You upload everything that you want in terms of, like, KB and all that, stuff. And then you click a button, all that will be generating your trust center for you. You can still edit everything before you publish, so it doesn't auto publish for you. If you have existing information on your trust center, we are gonna be giving you the ability to override it if you wanna just have it completely generated by app as well. So very powerful, both for partners and customers. Gonna quick gonna increase the the the how quickly the onboarding to the product is happening as well. So, again, very, very powerful AI feature. Lastly, on this in this slide is the RBAC. We are already the most comprehensive RBAC capable trust center out there. We're going even deeper, bigger, like deeper granularity, just being able to build those custom roles, object level access, all these things that those missing pieces that really fine tune to each environment and each complexity of the environment for the customer. So stay tuned. RBAC is going even deeper. Very excited about this for especially for our enterprise customers. And lastly, those are killers, each one here. First thing is the trust center visitor experience, agentic. So today, the customers the the people consuming information from from trust centers still have to go and manually search for stuff, manually find the documents, manually find the answers they're looking for in the trust center. Yeah. There is search using AI. There are all kinds of ways that improve that, but the work to actually figure out where everything is and just bring it on is still heavily on on the user. We're gonna have an agentic experience where you basically can request a list of things that you need for your assessment, and that agent will go and find information, create a package for you, and send it over email or share it through the trust center or whatever you prefer. Super, super powerful. It will essentially make it so that you don't have to necessarily go through every detail of trust center, although you can still do that on top of it. So you can get the first package from the agent, and then you can still grind your way through the rest of the information if you want to, in the trust center itself. So very powerful. It will be a conversational bot experience likely. We're heavily in the in the planning and the development of this thing at the moment. Managing trust content is hard. It's the hardest problem in trust center in general and probably pretty much any content management system. We're bringing a Jentic trust center content management experience, identify conflicts, duplicates, stale content, solving all that, remediating that automatically for the customer. So, again, we are still flushing this out, but it's it's gonna be one of the most powerful agents that we will have, and this will free up so much time for our customers not having to worry about, just keeping the content up to date all the time. And lastly, because we don't have a lot of time, I'll just touch the insights. That's one of the I've been I've been buzzed about this for, like, the last two years, the the trust program insights. So the beauty about the SafeBase customer base is that we have so much data. We understand trust programs better than anybody, and we're gonna be leveraging this data and your data to be able to tell you how is your trust program looking in general, like, how mature are you? What can you do better to become more proactive with your trust program? But also how do you compare versus your industry peers? Now we don't expose any of that data, so you never know exactly who's doing what in the industry. That information is kept with us, but you are able to kind of bench your benchmark yourself against industry peers based on segmentation that we do for you. It just gives you a way to be able to really understand how's your trust program looking like, how are you doing compared to the other competitors or industry peers or whoever, in your industry, and also showcase your your value to the organization. So insights is a powerful tool. We'll have probably a combination eventually of of conversational and dashboarding. Super excited about this one. I could go on forever, but, Ashley, we just don't have the time. There's so many things I wanted to jump in and dig in on, but, like you said, we don't have the awesome thing is we have a second road map webinar coming up with Nir and I focused on Assurance. So if you wanna learn more, definitely sign up for that. Nir, thank you so much. I know customers are really excited to continue or start using SafeBase and to take their assurance to the next level. Assurance is really the foundation of trust, and we are so ready to go. Thank you to all of our speakers today, and thank you for the customer feedback that actually made this this road map possible. Drawd it is nothing without our customers and your feedback. Now not only do we have some amazing releases coming up, we also have several events that we wanna talk to you about and we hope to see you at. RSA is coming. We would love for you to visit us at our booth. We have some big announcements at RSA that you will want to come and see for yourself, Booth 934. You won't wanna miss it, so hope to see you there. Also at RSA, we are going to have our Women in Trust breakfast. If you didn't get to attend the Women in Trust Summit earlier this year, this is something that you'll want to be at, and that was December. So I guess that was last year. But you can join an amazing community of women to network, share real world insights, and and really grow together. So make sure to sign up, save yourself a seat at that breakfast. Finally, we will also be launching a new unified Drada brand in March. So stay tuned for details. One of the biggest changes to expect is that we'll be unifying the Safe Face brand and website under the new DRATA branding. So you'll start to see a consistent look and feel across both the products, the website, and more. Expect more communication to land there. Now we had so many amazing questions and so many amazing things to talk about. We don't have time for live q and a, but I know our team has done their best to answer every single question in the chat. If you didn't get your question answered, we will be reaching out to you to ensure you get the information you need. I think most of all, I just wanna thank you again for being a customer, for supporting us, for giving us your feedback. Whether it's positive or negative, that's what makes us stronger as a company. So thank you so much. Have a wonderful rest of your day, and reach out to us or or the team or the support line if we can do anything to help you. Thank you so much.