Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
790 reviews
from
External reviews are not included in the AWS star rating for the product.
Effortless Vendor Risk Management for Non-Technical Teams
What do you like best about the product?
Secureframe makes it very easy, especially for non-technical users, to manage vendor risk. I work in the accounting department and I am responsible for onboarding new vendors for our bookkeeping software and audit firms etc. We previously had Vanta but I found it too technical which made it tough to manage the financial risk of our vendors. Secureframe is easy to use. I can send a simple security questionnaire to a new vendor right from the platform, and check out their risk score in plain language. The integration with my QuickBooks online account is amazing as it flags any vendor that is overdue on their security review before I process a payment. It gives me and our finance team great peace of mind.
What do you dislike about the product?
Having to re-enter the information of all our active vendors switching from Vanta took a while. I would also love to see more pre-built questions around financial controls for bookkeeping software vendors.
What problems is the product solving and how is that benefiting you?
We do not know whether they are secure, and it solves that – it being our supply chain, our vendors. In the past, I paid vendors without investigating whether or not they were a security risk to the company. Now, I have a clear process. It protects the firm against financial fraud and data breaches. Further, external audits are easier as all vendor due diligence is organised and is easy to access.
secureframe for SOC2
What do you like best about the product?
Customer Service was fantastic, not just software but compliance advice and technical help.
What do you dislike about the product?
Frequent bugs, but customer service promptly just aid "I'll get this fixed" and followed up in a day or two with resolution.
What problems is the product solving and how is that benefiting you?
Prior to secure frame, it took months and ~ 40k to complete a SOC assesment, after it took weeks and cost $10k
Uncomplicated, contemporary and useful.
What do you like best about the product?
Secureframe ensures that one can know what the auditors expect. The real time status dashboard enables the management to be confident.
What do you dislike about the product?
It has some documentation that is very US-centric.
What problems is the product solving and how is that benefiting you?
Lessening the time experienced in preparing audit evidence and closing gaps in compliance.
Outstanding Support Team Makes All the Difference
What do you like best about the product?
The technical support staff is second to none. They are incredibly friendly, knowledgeable, fun to work with make every effort to find an answer for even the toughest problems. If they don't know, they'll find out! (but they usually know)
What do you dislike about the product?
User management leaves a lot to be desired and audit processing, although I know that is inthe works to be overhauled.
What problems is the product solving and how is that benefiting you?
SecureFrame is helping maintain our frameworks adn track timelines to remind us when things are due as wel las giving us great information on how to pass tests, format evidence and other helpful details that make life a lot easier
Comprehensive Compliance Made Easy with Robust Integrations and Automation
What do you like best about the product?
Multi-Framework Support
Secureframe supports over 14 compliance frameworks, including:
SOC 2
ISO 27001
HIPAA
PCI DSS
GDPR
CCPA
This makes it suitable for organizations with diverse regulatory needs.
Extensive Integrations
Offers 200+ integrations with popular tools like AWS, GitHub, Jira, Azure, Google Workspace, and more—streamlining evidence collection and control monitoring.
Automated Evidence Collection
Secureframe automates many manual compliance tasks, helping teams prepare for audits faster and with less effort.
Real-Time Compliance Monitoring
Businesses can monitor their compliance posture in real time, enabling proactive risk management and faster issue resolution.
Employee Security Training
Built-in training modules help ensure that employees are aware of security best practices, which is often a requirement for frameworks like SOC 2 and HIPAA.
Risk & Vendor Management Tools
Includes features for assessing vendor risks and managing internal controls, which are critical for maintaining compliance.
Audit Readiness Support
Secureframe is designed to help teams reach audit readiness quickly—often within a couple of months for SOC 2 Type I.
Expert Support
Users report responsive support from compliance specialists, often within one business day.
Clean and Intuitive Interface
Especially helpful for first-time compliance teams, Secureframe’s UI is simple and easy to navigate.
Affordability for Startups
Pricing tiers (starting around $1,500/year) make it accessible for smaller companies looking to achieve initial compliance.
Secureframe supports over 14 compliance frameworks, including:
SOC 2
ISO 27001
HIPAA
PCI DSS
GDPR
CCPA
This makes it suitable for organizations with diverse regulatory needs.
Extensive Integrations
Offers 200+ integrations with popular tools like AWS, GitHub, Jira, Azure, Google Workspace, and more—streamlining evidence collection and control monitoring.
Automated Evidence Collection
Secureframe automates many manual compliance tasks, helping teams prepare for audits faster and with less effort.
Real-Time Compliance Monitoring
Businesses can monitor their compliance posture in real time, enabling proactive risk management and faster issue resolution.
Employee Security Training
Built-in training modules help ensure that employees are aware of security best practices, which is often a requirement for frameworks like SOC 2 and HIPAA.
Risk & Vendor Management Tools
Includes features for assessing vendor risks and managing internal controls, which are critical for maintaining compliance.
Audit Readiness Support
Secureframe is designed to help teams reach audit readiness quickly—often within a couple of months for SOC 2 Type I.
Expert Support
Users report responsive support from compliance specialists, often within one business day.
Clean and Intuitive Interface
Especially helpful for first-time compliance teams, Secureframe’s UI is simple and easy to navigate.
Affordability for Startups
Pricing tiers (starting around $1,500/year) make it accessible for smaller companies looking to achieve initial compliance.
What do you dislike about the product?
Limited Customization
Users report that Secureframe lacks flexibility in customizing workflows, templates, and controls—especially for complex or non-standard compliance needs.
Integration Challenges
While Secureframe supports many integrations, users have faced issues with:
Custom applications not being detected properly.
Work management tools (e.g., Asana, Monday.com) not integrating well, forcing teams to track tasks manually within Secureframe.
Initial Setup Confusion
Some users find the onboarding and navigation experience unclear, especially during the first-time setup.
Missing Features
Requests for:
Better test management tools
More industry-specific training materials
Enhanced regional compliance templates
Cost for Smaller Teams
Although pricing is competitive for mid-sized companies, early-stage startups may find it expensive if they don’t need all the features.
Over-Reliance on Automation
In some cases, automation can oversimplify nuanced compliance tasks, requiring manual intervention or expert guidance.
Vendor Risk Management Limitations
While Secureframe includes vendor management, users have noted that it lacks depth compared to dedicated third-party risk platforms.
Users report that Secureframe lacks flexibility in customizing workflows, templates, and controls—especially for complex or non-standard compliance needs.
Integration Challenges
While Secureframe supports many integrations, users have faced issues with:
Custom applications not being detected properly.
Work management tools (e.g., Asana, Monday.com) not integrating well, forcing teams to track tasks manually within Secureframe.
Initial Setup Confusion
Some users find the onboarding and navigation experience unclear, especially during the first-time setup.
Missing Features
Requests for:
Better test management tools
More industry-specific training materials
Enhanced regional compliance templates
Cost for Smaller Teams
Although pricing is competitive for mid-sized companies, early-stage startups may find it expensive if they don’t need all the features.
Over-Reliance on Automation
In some cases, automation can oversimplify nuanced compliance tasks, requiring manual intervention or expert guidance.
Vendor Risk Management Limitations
While Secureframe includes vendor management, users have noted that it lacks depth compared to dedicated third-party risk platforms.
What problems is the product solving and how is that benefiting you?
Manual Compliance Workflows
Traditional compliance involves spreadsheets, emails, and manual evidence collection. Secureframe automates these tasks, reducing human error and saving time.
Audit Readiness Delays
Preparing for audits like SOC 2 or ISO 27001 can take months. Secureframe accelerates this by guiding teams through readiness checklists and automating control monitoring.
Fragmented Tool Ecosystems
Evidence often lives across AWS, GitHub, Google Workspace, etc. Secureframe integrates with 200+ tools to centralize and continuously sync compliance data.
Lack of Real-Time Visibility
Without dashboards, it’s hard to know your compliance posture. Secureframe provides real-time monitoring and alerts for control failures or risks.
Vendor Risk Management Gaps
Many companies struggle to assess third-party risks. Secureframe includes tools to track vendor compliance and automate risk assessments.
Employee Training & Policy Management
Secureframe helps deploy security training and manage policy acknowledgments, which are often required for frameworks like HIPAA and SOC 2.
Traditional compliance involves spreadsheets, emails, and manual evidence collection. Secureframe automates these tasks, reducing human error and saving time.
Audit Readiness Delays
Preparing for audits like SOC 2 or ISO 27001 can take months. Secureframe accelerates this by guiding teams through readiness checklists and automating control monitoring.
Fragmented Tool Ecosystems
Evidence often lives across AWS, GitHub, Google Workspace, etc. Secureframe integrates with 200+ tools to centralize and continuously sync compliance data.
Lack of Real-Time Visibility
Without dashboards, it’s hard to know your compliance posture. Secureframe provides real-time monitoring and alerts for control failures or risks.
Vendor Risk Management Gaps
Many companies struggle to assess third-party risks. Secureframe includes tools to track vendor compliance and automate risk assessments.
Employee Training & Policy Management
Secureframe helps deploy security training and manage policy acknowledgments, which are often required for frameworks like HIPAA and SOC 2.
Continuous Innovation and Free Implementation Set This Tool Apart
What do you like best about the product?
Free and fast implementation, simple to use, integrations that just work, responsive support, and a complete SOC 2 feature set. We use it daily.
What do you dislike about the product?
Pricing feels unclear and hard to plan around. Clearer tiers and packaging would help. Advanced learning is also lacking depth.
What problems is the product solving and how is that benefiting you?
Secureframe centralizes our SOC 2 evidence and documents, continuously monitors controls, and automates testing across our stack. The result is faster audits, fewer manual tasks, clear ownership, and an audit ready posture year round.
Keeps us compliant while we scale fast.
What do you like best about the product?
Secureframe fits perfectly with our cloud stack and eliminates the trial and error of SOC 2 and ISO 27001. The observing and reminders save our staff hours in a week.
What do you dislike about the product?
The report exports can be made a bit more customizable.
What problems is the product solving and how is that benefiting you?
Ongoing engineering/risk compliance management in the expansion into new products.
Saves time and creates customer trust.
What do you like best about the product?
Secureframe allows the management of several compliance frameworks on the same dashboard without trouble. The automation has minimized repetitive work and we currently have uniform evidence on international teams.
What do you dislike about the product?
Greater customization of reporting would be excellent in bigger businesses.
What problems is the product solving and how is that benefiting you?
Which issues are you resolving using the product?
Increasing the pace of audit and providing uniformity of controls to the global financial operations.
Increasing the pace of audit and providing uniformity of controls to the global financial operations.
Effortless Compliance and Organization with Secureframe
What do you like best about the product?
Secureframe is very efficient for our compliance workflow and I really like that. At TechForing we handle client data and cybersecurity audits so staying organized and audit-ready is key. With automated reminders, straightforward framework mapping, and evidence gathering, Secureframe helps us stay compliant without manual tracking. The tool is easy to use and people can see what was audited and where the risk lies at once on its dashboard.
What do you dislike about the product?
I have observed that the only issue is that with that you will spend a lot of time initially setting up if you align numerous compliance frameworks at the same time. Some integrations could sync at a quicker pace, particularly for large evidence file imports. Once properly configured you are good to keep it running and carry out very little maintenance.
What problems is the product solving and how is that benefiting you?
Prior to Secureframe, compliance tracking was all over spreadsheets and reports. That caused delays in client audits and gaps in data. Now Secureframe brings everything together with their policy document and employee training logs. It has reduced our audit prep time by approximately 40%.Giving evidence from one department to another is now easy. It also makes sure that the DevOps and security teams are collaborating through control testing and fixing steps.
Excellent Risk Management & Trust Center, But Needs Modern Version Control
What do you like best about the product?
The risk management module is nice to manage the risks. We can create a risk from other places/processes in Secureframe.
Also, the trust center is really nice. Because customers can see exactly what we have in place to ensure we delivery quality and security.
Also, the fact that we don't have to manually manage ISO 27001 and 9001 anymore is amazing.
Also, the trust center is really nice. Because customers can see exactly what we have in place to ensure we delivery quality and security.
Also, the fact that we don't have to manually manage ISO 27001 and 9001 anymore is amazing.
What do you dislike about the product?
They could improve their version control, not it is a bit old school. Maybe a google docs type of version control?
What problems is the product solving and how is that benefiting you?
Managing security and quality policies.
Replacing manual admin of managing ISO certifications.
Showing our quality and security standards with a standardize page.
Replacing manual admin of managing ISO certifications.
Showing our quality and security standards with a standardize page.
showing 61 - 70