Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
777 reviews
from
External reviews are not included in the AWS star rating for the product.
Secureframe simplifies compliance management
What do you like best about the product?
The integrations and automation save a ton of time, and the dashboards make it easy to track audit readiness. Great at quickly getting your org compliant.
What do you dislike about the product?
Test overview documentation sections can offer varying levels of depth, some are more helpful than others.
What problems is the product solving and how is that benefiting you?
Helps our org stay SOC 2/HIPAA compliant
Uncomplicated SOC 2
What do you like best about the product?
Secureframe makes compliance simple. The platform is user-friendly, well-organized, and easy to navigate. Their customer service is truly outstanding—responsive, knowledgeable, and always ready to help. Highly recommend for anyone working toward SOC 2 or similar certifications.
What do you dislike about the product?
Pricing is on the higher side, but the time and effort it saves makes it a worthwhile.
What problems is the product solving and how is that benefiting you?
Soc 2 Report needed to engage with customers
Solid Compliance Platform with Excellent Integrations and Support
What do you like best about the product?
Secureframe is incredibly easy to use, even for team members who are not deeply technical. The interface is intuitive, and navigating between different compliance requirements and integrations feels seamless. Implementation was straightforward, and the onboarding process made it simple to get up and running quickly. Their customer support is exceptional, with every interaction being with someone knowledgeable, friendly, and able to provide clear answers to both platform-specific and general compliance questions. The number of features is impressive for the price, especially when compared to alternatives like Drata, and the ease of integration with a wide variety of SaaS solutions has saved us countless hours of manual work. We use the platform frequently throughout the week to check progress toward SOC 2 and other compliance standards, and it has significantly improved our ability to track and maintain our security posture.
What do you dislike about the product?
The platform is still growing, which means that while new features are added often, they occasionally come with bugs that need to be addressed. These are usually resolved quickly, but they can be mildly disruptive. The pace of changes is fast, and while that is generally positive, it sometimes introduces temporary instability. It is clear the product is evolving rapidly, and although that brings some short-term challenges, the improvements over time have been substantial.
I would love to see Secureframe introduce automated analysis for manually uploaded evidence. While I understand this can be computationally demanding, it would be an incredibly valuable feature to help ensure that the evidence being gathered is accurate and complete. The current manual upload method causes the test to pass, regardless of what is uploaded.
I would love to see Secureframe introduce automated analysis for manually uploaded evidence. While I understand this can be computationally demanding, it would be an incredibly valuable feature to help ensure that the evidence being gathered is accurate and complete. The current manual upload method causes the test to pass, regardless of what is uploaded.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us centralize and automate our security compliance efforts, particularly for SOC 2 and other industry standards. By integrating with our existing SaaS tools, it reduces the manual work of tracking controls and evidence, gives us real-time visibility into our compliance posture, and ensures we stay audit-ready year-round. This saves time, reduces errors, and allows our team to focus on higher-value security and IT initiatives.
Seamless - that's a one-word review for secureframe
What do you like best about the product?
Effortless Integrations: The ability to connect with services like AWS, Azure, and GitHub provides a centralized view of our security posture. This eliminates manual checks and ensures we are always up-to-date. and tests for each integration along with details for how to pass a specific test related to a certification and shows our progress
Comprehensive Compliance Monitoring: We can easily track our progress toward key certifications like SOC 2, GDPR, and ISO 27001. The platform consolidates all the necessary information, making it simple to see our compliance status at a glance.
Streamlined Onboarding: The integration with our HR portal is invaluable. We can automate the process of onboarding new staff, ensuring they receive and acknowledge all required security and compliance information from day one.
Centralized Information Hub: The platform serves as a single source of truth for all things compliance. We can access and review important documents, manage staff information, and monitor our overall compliance status in one place.
Comprehensive Compliance Monitoring: We can easily track our progress toward key certifications like SOC 2, GDPR, and ISO 27001. The platform consolidates all the necessary information, making it simple to see our compliance status at a glance.
Streamlined Onboarding: The integration with our HR portal is invaluable. We can automate the process of onboarding new staff, ensuring they receive and acknowledge all required security and compliance information from day one.
Centralized Information Hub: The platform serves as a single source of truth for all things compliance. We can access and review important documents, manage staff information, and monitor our overall compliance status in one place.
What do you dislike about the product?
Some time status doesn't update for few connections - and it was hard to figure out what else needed to be done. For ex certain PRs would fail but we follow all instruction on the test - but doesn't update. but we can add comments and upload evidence.
What problems is the product solving and how is that benefiting you?
We used secure frame for our SOC2, GDPR compliance.
Secureframe turned our AWS evidence into SOC 2 & ISO 27001 wins
What do you like best about the product?
Secureframe makes continuous compliance in AWS straightforward. The native AWS integrations (CloudTrail, Config, Security Hub, GuardDuty, IAM, S3/RDS/KMS, etc.) light up quickly and the out-of-the-box tests map cleanly to SOC 2 and ISO 27001 controls. I especially like how evidence is auto-collected and tied to specific controls, so I’m not chasing screenshots or ad-hoc exports. The tasking and workflows keep our team focused, and the dashboards make it obvious where we’re passing, drifting, or need to remediate. Their policy templates and auditor-friendly evidence packages have made audit prep much calmer.
What do you dislike about the product?
Mostly nits. A few AWS tests can be a bit strict Initial IAM permission setup took a moment of back-and-forth to align with our least-privilege standards. None of these were blockers, and once dialed in, the signal-to-noise has been excellent.
What problems is the product solving and how is that benefiting you?
Secureframe solves the revenue, gating problem of security compliance. For the enterprise deals we pursue, SOC 2 and ISO 27001 are now table stakes. Without them, procurement won’t move forward.
SecureFrame definitely helps our SaaS Co achieve and stay compliant using less internal resources
What do you like best about the product?
Some of the things I like best about SecureFrame are the extensive resources and templates it offers, the automation of compliance tests, the ability to easily view an overview of our ISMS health, and the dedicated success manager who collaborates with our security team year-round to help us achieve certification.
What do you dislike about the product?
While there are still some missing features for tracking risks and the downloadable agent our employees use to track their laptops isn’t perfect, I’ve seen definite improvements thanks to our feedback, and despite these dislikes, I would still highly recommend the product.
What problems is the product solving and how is that benefiting you?
SecureFrame has addressed our challenges—like not having full-time security staff, missing policies, and knowledge gaps—by streamlining and automating compliance processes, which enabled our team to successfully achieve initial certification in two frameworks in under 16 months.
Smooth SOC2 Compliance with Exceptional Support
What do you like best about the product?
Secureframe made preparing for our SOC2 audit straightforward and stress free. The platform provided an easy way to centralize all required information, making it simple to track progress and stay organized. The integrations were quick to set up and worked seamlessly with our existing tools. Our Customer Success Manager, Coletta Edison, was both knowledgeable and highly responsive, providing valuable guidance that helped us complete our audit efficiently. We met with her frequently and she was so helpful every time we connected with her. The overall experience left us feeling well prepared for future compliance cycles and I expect to use it moving forward.
What do you dislike about the product?
I don't have much criticism of the product. We provided feedback along the way and I believe it is being addressed in a future update. Mainly the abililty to customize timing and followup schedules for our team's compliance acceptance and training.
What problems is the product solving and how is that benefiting you?
The main problem Secureframe solves for us is organizing our information to complete our annual SOC2 compliance audit quickly and efficiently. It's nice to have it all in one place for the future too.
Secureframe - The Magical Automation Behind Continuous Compliance
What do you like best about the product?
For me, as a cybersecurity professional concentrated in automating at scale compliance processes, Secureframe quickly emerged as an obviously impactful product that made all the messy manual steps into this smooth sailing workflow. Using the platform supported by an API-first approach, we can bring various custom scripts and other internal tools (like SIEM and PAM solutions) into the compliance framework. It has been invaluable in automating the collection of evidence for controls that do not have standard integrations (e.g., our in-house IAM system).
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
What do you dislike about the product?
The automation options are impressive, but the scripting interface for creating something more advanced like a custom integration does not have the extent of an IDE. Bug in complex workflows benefit request that requires some back and forth from support. Also, the ability to customize scores within the risk assessment module tying into our internal risk appetite metrics could be a bit more granular.
What problems is the product solving and how is that benefiting you?
What Secureframe Solves: Scalability and Audit Fatigue So where exactly does Secureframe come into play? We have automated 90% of evidence collection and control testing, saving more than 40% in compliance-related FTE hours annually. For reference, our prior SOC 2 Type II audit required 8 hours of prep time on our end as opposed to 3 weeks pre-Secureframe.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
SOC2-related audit support
What do you like best about the product?
I like the user interface and ease of navigation within SF. I also appreciate the integrations with our existing applications.
What do you dislike about the product?
In some cases (e.g. Paylocity) useful integration was not possible because certain extraneous but highly sensitive personal information could not be filtered out.
What problems is the product solving and how is that benefiting you?
SF is helping us solve SOC2 compliance and related audit support. This is invaluable to enterprise clients and for best-practice governance as well.
A Seamless Path to SOC 2 with a Truly Supportive Partner
What do you like best about the product?
Our experience with Secureframe has been nothing short of amazing. Going into our SOC 2 journey, we weren’t entirely sure what to expect, but the platform made everything feel straightforward and manageable. The tools are user-friendly, the integrations saved us countless hours, and the real-time tracking kept everyone on the same page.
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What do you dislike about the product?
Secureframe has a lot of powerful features, but I found the initial onboarding experience a bit overwhelming. The platform presents a ton of information up front, which can make it difficult to know where to start, especially for teams going through their first compliance process. There's definitely a learning curve, and without prior experience in frameworks like SOC 2, it can feel like information overload.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us solve the complexity and time-consuming nature of managing compliance, specifically for SOC 2. Before using the platform, we weren’t sure how to approach the process efficiently or confidently. Secureframe simplifies that by automating evidence collection, integrating with our existing tools, and giving us a clear, centralized view of our compliance posture.
The biggest benefit has been time savings and peace of mind.
The biggest benefit has been time savings and peace of mind.
showing 131 - 140