Listing Thumbnail

    Secureframe Automated Security, Privacy & Compliance Platform

     Info
    Sold by: Secureframe 
    Deployed on AWS
    Vendor Insights
    Secureframe is the leading, all-in-one platform for security, privacy and compliance. Through our world-class governance, risk and compliance (GRC) solutions, Secureframe makes it fast, easy, and cost effective for organizations of all sizes to achieve and maintain security, privacy and compliance.
    4.7

    Overview

    Play video

    Secureframe's world-class governance, risk and compliance (GRC) solutions helps customers continuously uphold the most rigorous global standards, including SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, NIST 800-53, NIST 800-171, NIST CSF, NIST Privacy Framework, CMMC, PCI DSS SAQ-A, PCI DSS SAQ-D for Merchants and Service Providers, Microsoft SSPA, and MVSP. Secureframe enables organizations to focus on what matters: serving their customers (securely) to grow their business.

    Secureframe delivers: -Continuous monitoring -Automated tests -Machine learning-powered RFP and security questionnaire completion with knowledge base management -Personnel and asset inventory management -Vendor access and risk management -Risk Register -Enterprise policy management -Data rooms -Readiness reporting

    We combine the power of technology and expert guidance to provide an end-to-end automated security, privacy and compliance solution. Every customer is assigned a dedicated compliance expert, an ex-auditor who can help answer complicated and specific questions that come up, especially during the audit process.

    Secureframe's modern, all-in-one security, privacy and compliance platform makes the compliance process fast and easy with:

    -Automated Evidence Collection. More than 100+ integrations with core services such as AWS, Asana, Azure, G Suite, Google Cloud, Github, Gusto, JAMF, Okta and Slack automatically and continuously collect audit evidence, monitor your cloud infrastructure for nonconformities, and more.

    -Prebuilt, Customizable Security Policies. We provide standard templates for policies that can be edited to meet your organization's specific needs. Our templates ensure your policies meet the high standards of an auditor or regulatory framework.

    -A Robust, Scalable Platform. Whether you're using multiple CSPs or have hundreds of AWS instances, we can support your unique setup and scale with your business.

    -Secureframe Questionnaires. Secureframe's machine learning-powered solution makes it fast and easy to respond to RFP's and security questionnaires. Our platform pulls the best answer for each question based on approved past responses so you can return completed answers back to your customers, in their original format, fast. Accelerate deals, unlock revenue and gain an edge on your competitors.

    Below pricing is valid for up to 100 employees. Secureframe Platform SKU must be purchased in order to purchase First Framework. Customers with less than 10 employees are eligible for additional discounts. Customers purchasing multiple frameworks can also receive special discounts. For custom pricing, EULA, or a private contract, please contact marketplace@secureframe.com , for a private offer.

    Highlights

    • Automated Evidence Collection: More than 100+ integrations with core services such as AWS, Asana, Azure, G Suite, Google Cloud, Github, Gusto, Jamf, Okta and Slack automatically and continuously collect audit evidence, monitor your cloud infrastructure for nonconformities, and more.
    • Prebuilt, Customizable Security Policies: We provide standard templates for policies that can be edited to meet your organization's specific needs. Our templates ensure your policies meet the high standards of an auditor.
    • A Robust, Scalable Platform: Whether you're using multiple CSPs or have hundreds of AWS instances, we can support your unique setup and scale with your business.

    Details

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Vendor Insights

     Info
    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Secureframe Automated Security, Privacy & Compliance Platform

     Info
    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    12-month contract (2)

     Info
    Dimension
    Description
    Cost/12 months
    Platform
    Access the Secureframe Platform up to 100 Employees
    $7,500.00
    First Framework
    Choice of any Framework
    $7,500.00

    Vendor refund policy

    All fees are non-cancellable and non-refundable.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Support

    Vendor support

    All Secureframe subscriptions include hands-on guidance with a dedicated customer success manager and access to our in-house compliance experts and former auditors. Our team operates standard hours 9am - 5pm across all US Time Zones. Select customers are also eligible for a dedicated Slack channel to provide easy communication and feedback. For additional details on our support offerings, please contact the email below: support@secureframe.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    25
    In IT Business Management, Monitoring
    Top
    10
    In Centralized Risk Management, Compliance and Auditing, Security
    Top
    10
    In Centralized Risk Management, Compliance and Auditing, Security

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Automated Evidence Collection
    More than 100+ integrations with core services such as AWS, Asana, Azure, G Suite, Google Cloud, Github, Gusto, JAMF, Okta and Slack automatically and continuously collect audit evidence and monitor cloud infrastructure for nonconformities.
    Machine Learning-Powered Questionnaire Completion
    Machine learning-powered RFP and security questionnaire completion with knowledge base management that pulls best answers from approved past responses.
    Continuous Monitoring and Automated Testing
    Continuous monitoring and automated tests across cloud infrastructure to identify and track compliance violations and security issues.
    Prebuilt Customizable Security Policies
    Standard policy templates that can be customized to meet organizational requirements while maintaining alignment with auditor and regulatory framework standards.
    Multi-Framework Compliance Support
    Support for multiple compliance frameworks including SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, NIST 800-53, NIST 800-171, NIST CSF, NIST Privacy Framework, CMMC, PCI DSS SAQ-A, PCI DSS SAQ-D, Microsoft SSPA, and MVSP.
    Compliance Framework Automation
    Automates evidence collection and monitoring across 35+ compliance frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, CMMC, CJIS, NIST 800-53/171, and FedRAMP
    Cloud Service Integration
    Provides deep integrations across 40+ AWS services with real-time visibility into cloud security and compliance posture in AWS-native environments
    AI-Powered Task Management
    Includes AI Agent functionality for intelligent task management, smart recommendations, audit-ready documentation generation, and real-time responses to audit requirements
    Centralized GRC Workflows
    Centralizes governance, risk, and compliance workflows including risk management, vendor management, centralized access reviews, and real-time audit trails
    Custom Automated Testing
    Supports custom automated tests built directly in-platform or via API for self-hosted and custom-built systems
    Multi-Framework Compliance Support
    Streamlines over 20 compliance frameworks, standards, and regulations including SOC 2, ISO 27001, HIPAA, PCI DSS, and GDPR
    Continuous Automated Monitoring
    Continuously monitors security controls across integrated applications and systems with automated alerts when controls are not operating effectively
    AWS Service Integration
    Integrates with 45+ AWS services and utilizes an AI engine built on AWS Bedrock
    Automated Evidence Collection
    Automatically collects evidence required for audit processes to streamline audit preparation
    Real-Time Compliance Posture Visibility
    Provides real-time compliance posture tracking and reporting capabilities for risk management and remediation

    Security credentials

     Info
    Validated by AWS Marketplace
    FedRAMP
    GDPR
    HIPAA
    ISO/IEC 27001
    PCI DSS
    SOC 2 Type 2
    No security profile
    -
    -
    -
    -
    No security profile

    Contract

     Info
    Standard contract
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.7
    803 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    83%
    14%
    1%
    1%
    1%
    0 AWS reviews
    |
    803 external reviews
    External reviews are from G2 .
    Dave A.

    Streamlines Compliance with Clear Guidance and Excellent PCI & SOC2 Support

    Reviewed on Jun 30, 2026
    Review provided by G2
    What do you like best about the product?
    Secureframe does a great job of streamlining the process and even educating the user by guiding them through complex regulatory and compliance requirements in an organized manner.
    What do you dislike about the product?
    Secureframe has a learning curve, which is manageable thanks in part to their support team. Some compliance frameworks are better suited for a Secureframe experience than others, their PCI is great and SOC2 is still very useful.
    What problems is the product solving and how is that benefiting you?
    Secureframe turns an acronym into a step by step process. It also monitors your environment and can let you know when you have regressions. The guidance for SOC2 is also useful.
    Financial Services

    Secureframe helped us streamline soc2 readiness

    Reviewed on Jun 24, 2026
    Review provided by G2
    What do you like best about the product?
    I like using Secureframe because it helps streamline my workflow and makes compliance management much easier. The platform keeps everything organized in one place, automates many time-consuming tasks, and provides clear visibility into our security and compliance status. This allows me to spend less time on manual processes and more time focusing on higher-value work. Secureframe also helps our team stay on track with requirements and deadlines, making the overall compliance process more efficient and less stressful.
    What do you dislike about the product?
    While Secureframe is a valuable tool, there are some aspects that can be frustrating at times. Certain integrations can require additional setup or troubleshooting, and occasionally the platform may generate alerts or tasks that need manual review even when they are not immediately relevant.
    What problems is the product solving and how is that benefiting you?
    Helping us with soc2 compliance
    Information Technology and Services

    Seamless Integrations helps to stay compliant

    Reviewed on Jun 24, 2026
    Review provided by G2
    What do you like best about the product?
    The application has integrations with the main vendors for many of the applications that we use.
    What do you dislike about the product?
    Navigation sometimes doesn't feel that intuitive.
    What problems is the product solving and how is that benefiting you?
    Staying compliant with our SOC2 certification and 1 custom federal certification. This tool helps to keep all parties involved in this process.
    Viviana M.

    Friendly, Easy-to-Use Platform with Smooth Integrations and Great Support

    Reviewed on Jun 15, 2026
    Review provided by G2
    What do you like best about the product?
    It’s a very friendly platform and easy to use. It also integrates smoothly with other platforms, and the dashboard is especially helpful for tracking the project’s status. Pricing feels about average. On top of that, the support team is really good and helps keep the whole process smooth so the project can be completed without unnecessary friction.
    What do you dislike about the product?
    I don't have any complain, they are very structure
    What problems is the product solving and how is that benefiting you?
    To have all the documentation, and all the requirements for SOC 2 type 2
    Dalton W.

    A Useful Platform for Staying Organized and On Task During Audits

    Reviewed on Jun 10, 2026
    Review provided by G2
    What do you like best about the product?
    Useful platform for keeping me organized and making sure that I'm on task when completing an audit
    What do you dislike about the product?
    The specific auditor that we used did not use the ticket tracking in Secureframe and so it make some duplicative work
    What problems is the product solving and how is that benefiting you?
    Helping me to understand everything that is required through a SCO2 audit. Saves me a ton of time and helps me to know exactly what I need to do
    View all reviews