Drata unveils new agentic AI capabilities to automate risk assessments, streamline security workflows, and deliver continuous trust management.
Drata has unveiled a new set of agentic AI capabilities aimed at shifting trust management from reactive verification to continuous, automated execution. The release targets two core enterprise challenges: third-party risk management and customer assurance, with a focus on helping organizations assess vendors at scale and more efficiently demonstrate trust.
According to co-founder and CEO Adam Markowitz, businesses are increasingly expected to prove trust on an ongoing basis. He said the company’s latest capabilities move beyond task-based AI toward full workflow ownership, allowing organizations to autonomously assess third-party risk, respond to security questionnaires more quickly and dynamically deliver trust-related information.
Agentic TPRM Assessment Automates Vendor Reviews
A key component of the announcement is the launch of Agentic TPRM Assessment, now available to all Drata customers. The solution is designed to address inefficiencies in traditional third-party risk programs, which often rely on manual evidence collection and repetitive vendor communications.
The agent automates criteria configuration and conducts objective, criteria-driven security reviews. It evaluates controls, provides reasoning, and links directly to source evidence, while converting findings into follow-ups, tracked risks, and executive reports. It also accesses vendor data through Drata Trust Centers, requests access with consent, and ingests live artifacts to ensure assessments are based on current information.
Drata says the capability reduces back-and-forth with vendors and enables security teams to scale vendor assessments without increasing headcount.
Sheron Chakalakal, head of GRC at UiPath, said the tool will transform how third-party reviews are conducted by eliminating manual processes and allowing teams to focus on actual risk. Scott Roberts, chief information security officer at UiPath, added that the solution brings consistency and scalability, enabling faster assessments and a more accurate view of supply chain risk.
Agentic Questionnaire Response Targets Bottlenecks
Drata also announced Agentic Questionnaire Response, currently in beta, which expands on its existing AI Questionnaire Assistance. Security questionnaires are often a source of delays due to manual workflows and complex coordination among subject matter experts.
The new capability orchestrates the full lifecycle of questionnaire responses, including collaboration, reminders, review readiness, and final delivery. While the system automates much of the process, organizations can define how much autonomy the agent has and maintain human oversight for critical steps.
AI Trust Center Setup Reduces Deployment Time
Another addition is AI Trust Center Setup, which aims to streamline the creation of Trust Centers. Traditionally a time-intensive process, building a Trust Center requires assembling documentation, writing content, and securing approvals.
Drata’s new feature ingests existing artifacts and generates a complete Trust Center preview within minutes, including mapped documentation and links to supporting materials. Teams can then review and publish content, significantly reducing the time required to make trust information publicly available.
Leadership Appointment Supports Platform Expansion
Alongside the product announcements, Drata named Bharat Guruprakash as chief product and technology officer. He brings more than two decades of experience in product and engineering leadership, joining from Algolia where he served as chief product officer. His previous roles include leadership positions at Twilio, Bitcasa, Samsung, and Digit International.
At Drata, he will oversee global product and engineering teams as the company continues to expand its agentic trust management platform.