Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
1,081 reviews
from
External reviews are not included in the AWS star rating for the product.
We automated our SOC 2 evidence collection for a complex AWS and SaaS stack.
What do you like best about the product?
The easiest integration was the biggest win for us. Our stack consists of AWS services, including EC2, S3, IAM, and other important SaaS operations tools, such as engineering Jira and HR HiBob. The process of getting Secureframe hooked into everything was refreshingly simple. The automatic evidence collection is the MVP – it's always pulling the latest data from these systems, so there’s no mad scramble before an audit. The customer service team also deserves a shout-out; they were very attentive during setup and helped us map a few custom controls to our specific Jira workflows.
What do you dislike about the product?
For an automation-focused platform, the vendor risk management module can be a little manual when you have high volumes of assessments. Although it helps to standardize the data collection process, the follow-up with third-party vendors think merchants, for example still requires a lot of manual work beyond the system. I would love to see more automated follow-up reminders and better status tracking built into the workflow.
What problems is the product solving and how is that benefiting you?
It absolutely changed the game for our auditability. Prior to Secureframe, all of our compliance was a stressful, quarterly fire drill, where engineers were taken off their normal jobs to spend days taking screenshots and grabbing logs manually. Now, our information is assembled automatically and tirelessly. This has provided me, as an engineering leader, some real peace of mind. To me, that means we can easily create a real-time report at any point that says we are still in compliance for SOC 2. No longer about passing audits, but maintaining a strong and verifiable security posture day in and day out, which is critical for our enterprise sales cycles.
Essential Compliance Platform That Transformed Our Security Posture
What do you like best about the product?
SecureFrame has been instrumental in transforming our organization's security posture. The platform excels at identifying missing controls and gaps in our security framework that we weren't even aware existed. The risk assessment capabilities are thorough and provide clear, actionable insights that have helped us build a robust security program from the ground up. The automated control mapping and gap analysis features are particularly valuable for organizations looking to achieve compliance with frameworks like SOC 2.
One of the most impactful features has been the employee onboarding management system. SecureFrame has simplified our security training and policy acknowledgment processes significantly. The platform makes it easy to track completion rates, ensure all new hires receive proper security training, and maintain compliance documentation. This has reduced our administrative burden while ensuring we meet all regulatory requirements for employee security awareness.
The policy management functionality is outstanding. SecureFrame provides a centralized repository for all our security policies with version control, approval workflows, and automated distribution to relevant stakeholders. The platform's ability to generate policy templates, track policy acknowledgments, and maintain audit trails has been invaluable. The integration with compliance frameworks ensures our policies align with industry standards and regulatory requirements.
One of the most impactful features has been the employee onboarding management system. SecureFrame has simplified our security training and policy acknowledgment processes significantly. The platform makes it easy to track completion rates, ensure all new hires receive proper security training, and maintain compliance documentation. This has reduced our administrative burden while ensuring we meet all regulatory requirements for employee security awareness.
The policy management functionality is outstanding. SecureFrame provides a centralized repository for all our security policies with version control, approval workflows, and automated distribution to relevant stakeholders. The platform's ability to generate policy templates, track policy acknowledgments, and maintain audit trails has been invaluable. The integration with compliance frameworks ensures our policies align with industry standards and regulatory requirements.
What do you dislike about the product?
The only area where SecureFrame falls short is in web application performance. There are occasional slowdowns and latency issues, particularly when loading large datasets or generating comprehensive reports. While these performance issues don't significantly impact functionality, they can be frustrating during peak usage times. The platform would benefit from optimization to improve response times and overall user experience.
What problems is the product solving and how is that benefiting you?
Before SecureFrame, we were struggling with fragmented security compliance management that was consuming significant time and resources. Our small development team was spending countless hours manually tracking security controls, managing policy versions, and trying to identify compliance gaps without a clear framework. We lacked visibility into our security posture and were constantly worried about missing critical requirements that could impact our business operations or customer trust.
SecureFrame has transformed our approach by providing a centralized, automated platform that automatically identifies missing security controls and compliance gaps, streamlines policy management with version control and approval workflows, and automates employee onboarding with security training tracking. The platform gives us real-time visibility into our compliance status and continuous monitoring instead of reactive compliance management. The business impact has been significant: we've reduced compliance-related administrative time by 60%, improved our security posture through systematic gap identification, and gained confidence in our ability to meet customer security requirements while building a security-first culture that scales with our business growth.
SecureFrame has transformed our approach by providing a centralized, automated platform that automatically identifies missing security controls and compliance gaps, streamlines policy management with version control and approval workflows, and automates employee onboarding with security training tracking. The platform gives us real-time visibility into our compliance status and continuous monitoring instead of reactive compliance management. The business impact has been significant: we've reduced compliance-related administrative time by 60%, improved our security posture through systematic gap identification, and gained confidence in our ability to meet customer security requirements while building a security-first culture that scales with our business growth.
A Reliable Security PPartner for Financial Services
What do you like best about the product?
The platform is intuitive and integrates smoothly with our existing tools. Their customer support is responsive and knowledgeable, which makes troubleshooting quick and painless
What do you dislike about the product?
Sometimes , new features updates come with limited guidance, so a bit more detailed documentation would help ease the learning curve.
What problems is the product solving and how is that benefiting you?
Secureframe streamlined our compliance efforts ad audit management, making complex regulations easier to navigate. This gave our team more time to focus on core business goals.
Secureframe makes Security Compliance and Vendor Reviews Painless
What do you like best about the product?
Secureframe dashboards is intuitive and keeps everything in one place. Vendor assessment are simple to send and track and their alerts helps us stay ahead of compliance gaps.
What do you dislike about the product?
Sometimes integrations need extra steps to sync correctly. A bit more automation around evidence collection would make the platform even more seamless.
What problems is the product solving and how is that benefiting you?
Secureframe makes it easy to stay compliant with SOC 2 and streamline vendor reviews, It saves us hours on manual tracking and reduces risk across our tech stack
Secureframe Simplifies cloud and Security Compliance
What do you like best about the product?
Secureframe is easy to use, quick to set up, and integrates well with our tools. Automated checks and clear dashboard make compliance stress free.
What do you dislike about the product?
Some smaller tools don't integrate yet and customizing controls can feel technical at times, more built in tips would help.
What problems is the product solving and how is that benefiting you?
Secureframe helps us stay audit ready by automating cloud and security compliance saving time and reducing manual errors.
Audit Management from crazy to ordered
What do you like best about the product?
Audit management is a game changer. We were able to assign tasks to control owners directly in Jira / Slack and turned our chaotic process into a well oiled machine. The customer service is also top draw, they are an extension of our team and provide best practice advice that transcends the platform. To be able to pull an audit ready report in minutes is amazing.
What do you dislike about the product?
The Project Management side of following an audit is good but could be improved. For example to have custom sprint like timelines within the tool for audit prep etc. would mean less reliance on external intergration with Jira.
What problems is the product solving and how is that benefiting you?
Secureframe provided structure and organization to our compliance process. It has gotten rid of the endless email chains and spreadsheets for audit work. It became part of our team’s already existing workflow by tying in with Jira and Slack, adding accountability, and transparency. This has shaved close to 40% off our pre-audit preparation time and has been a huge relief for me as the manager that will be accountable.
Simplified HIPAA Compliance
What do you like best about the product?
The amount of features for particular compliance frameworks, e.g. HIPAA is impressive. Having the pre-mapped controls and policies built in saved us weeks of implementation time. Ease of use is a strong point our compliance and engineering people have found the interface intuitive with minimal training. It was easy to integrate with our Azure Active Directory and Amazon RDS servers and we could instantly see and identify all our crucial assets.
What do you dislike about the product?
Getting more complex custom controls working initially involved some backwards and forwards with support to get right. It’s a good process, but it added a couple of days to our process. I would also like to see more flexibility in the dashboard to develop custom views for different team members.
What problems is the product solving and how is that benefiting you?
Secureframe was crucial in our ability to get a handle on our compliance in a hybrid AWS / Azure world. It does 80% of our controls evidence collection process in automatic, and allowed our compliance officers to concentrate on strategy and remediation instead of collecting evidence. It represents incontrovertible evidence of our security promise to our allies and patients.
Consolidated all of our vendor risk & internal access controls
What do you like best about the product?
What I think is the easiest is how seamless it is to work directly with some of our key HR / IT systems. Integration with Rippling and Okta was a snap, and it fully automated our system for reviewing user access. Your new hires will be assigned the compliance training, and system access levels they need automatically, and offboarding will no longer be a security issue. The vendor risk assessment module is user-friendly and has helped us standardize our entire procurement process.
What do you dislike about the product?
The questionnaire customization for vendor reviews is very robust but takes a bit of tutorial work. We ended up having to customize the default templates to our own use case. Not a fan of the reporting features when it comes to third-party risk, would like to see more visual customization for exec presentations.
What problems is the product solving and how is that benefiting you?
The major win for us is how Secureframe addressed two of our biggest headaches: keeping employee access in control and having a grasp over the risks coming from all our third-party vendors. It has removed the error-prone manual exercise of managing the spreadsheets for access reviews and vendor questionnaires. We now have one source of truth for access to SaaS apps and can onboard a new tool with confidence we have done a comprehensive, consistent security review.
A must have for every cloud native startup on GCP
What do you like best about the product?
Being gophers and a team deeply involved in the Google ecosystem, the fact it was so deeply integrated with Google Cloud Run, Cloud SQL and (Google) Workspace was the final straw. It was very easy to set up and constantly monitors our infrastructure for badly configured services. It's heavily used; it's the first tab I open in the morning to see overnight alerts. That its most appealing feature is peace of mind.
What do you dislike about the product?
Speed checks will sometimes trigger on small, non security impacting config drifts in Cloud Storage for a number of reasons. Adjusting the alert sensitivity for those particular controls takes some clicking around and might be intuitive right out of the box to help avoid alert fatigue.
What problems is the product solving and how is that benefiting you?
Secureframe made us always audit-ready. It's helped drive down the amount of time our DevOps engineers had to spend doing compliance checks, so they could focus on developing features. Last round in the audit cycle, our auditor was blown away by the neat automated evidence trail and this helped speed up the audit process significantly and there was less friction.
Automated SOC 2 Evidence Collection
What do you like best about the product?
And, to my surprise, it didn’t hurt too much getting everything to work. We had Secureframe talking to our source AWS services IAM, S3, whatever, via EC2 within days of having built it. The value is the ongoing observability; it publishes to the background and all I need to do is refresh the dashboard a couple times a week to see how compliant we are today. Customer support is awesome and super quick also with getting setup with AWS config, they helped us immensely with dialing in the permissions for the AWS Config integration.
What do you dislike about the product?
At first the price was a bit of a sticker shock for a small business like ours, but the amount of man hours we have saved has easily paid for it. The one thing I would wish for is more effective sifting of old evidence. Finding a specific alert from a few weeks ago can be a bit of a hunt.
What problems is the product solving and how is that benefiting you?
Prior to partnering with Secureframe, preparing for our SOC 2 was total mayhem. It felt like an all hands on deck scenario for the full quarter as all engineers were constantly taking screenshots and manually pulling logs to build our evidence hearing. It’s freed up 20% of our engineering team’s time not having to manually check controls and given our sales team the certainty and validated security posture necessary to close enterprise deals more quickly.
showing 181 - 190