Sign in
Sign in
or
Create a new account
Agent Mode
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Secureframe Automated Security, Privacy & Compliance Platform

Secureframe

Reviews from AWS customer

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

1,184 reviews
from

External reviews are not included in the AWS star rating for the product.

    Alvin W.

A Reliable Partner in Navigating Third Party Risk with Confidence

  • September 21, 2025
  • Review provided by G2

What do you like best about the product?
Secureframe is a easy to use platform, and their team has been incredibly helpful whenever we had questions.
What do you dislike about the product?
The setup had a few hiccups, especially connecting with some internal tools, but once it was running, things smoothed out. it's been a reliable tools that's taken a big load off our compliance and security teams.
What problems is the product solving and how is that benefiting you?
Working with Secureframe made managing third party and supplier risk at sorcero so much easier. Before, it felt like we were constantly scrambling to vet vendors and track down security documentations. Now everything's in one place and their system helps us spot risk early without all the manual work.

    Josh (Windos) K.

Extends Our Compliance Oversight to the Entire Software SupplyChain

  • September 21, 2025
  • Review provided by G2

What do you like best about the product?
We like Secureframe’s software supply chain and vendor risk functionalities a lot. We do not just write our own code – we have a huge number of third-party libraries and services we rely on. So managing that risk is critical. Secureframe automates the security questionnaires for our vendors and provides insights into their compliance posture.

It easily integrates with our GitHub organizations and then monitors for vulnerabilities in our dependencies. This holistic view is very helpful for a financial services company like ours, where a breach in a third-party tool could be as devastating as in our own core platform.
What do you dislike about the product?
While the vendor risk database is pretty extensive, some newer, niche blockchain infrastructure providers can have very little data in it. This puts the onus back on us to do detailed assessments in some cases.
What problems is the product solving and how is that benefiting you?
It resolves the blind spot of third-party and open-source risk.

In DeFi sector, there is a saying, that you have to trust but verify. Secureframe gives us the framework for that verification. That is, every link in our technical chain is secure certified. This protects our platform from upstream vulnerabilities and gives regulators an excellent clear view of how we manage our full software supply chain.

    Mr Taiwo M.

Slashed Our Third-Party Vendor Onboarding from Weeks to Days.

  • September 21, 2025
  • Review provided by G2

What do you like best about the product?
The vendor risk management module alone is worth the price of admission. Any retail project that requires us to bring in a new supplier, payment processor, marketing tool, we now have a standardized automated security assessment process to kick off. It’s so easy to use! I launch a detailed security questionnaire to a vendor in a few clicks and track progress in real-time. This has really sped up our onboarding timelines. The customer support team helped us customize these assessments for the unique risks in retail. It was very easy to integrate into our procurement workflow.
What do you dislike about the product?
The platform is so powerful that it’s probably overkill for assessing very low-risk vendors (like a one-time event caterer). A lite assessment path would be useful.
What problems is the product solving and how is that benefiting you?
We had a massive project bottleneck — security reviews of new vendors. This was manual and slow and was holding up critical projects. Now, we have a fast, rigorous and documented process that meets all our compliance needs and allows projects to get off the ground faster — this fits into our overall time-to-market metric for new initiatives.

    Nana E.

We Built In Compliance Right Down to Our DevOps Pipeline

  • September 21, 2025
  • Review provided by G2

What do you like best about the product?
It was its evolution / design as API-first and extreme ease of automation into our CI/CD tools first and foremost (Jenkins, GitLab). We’ve even gone so far as to bake compliance checks into our deployment pipelines. Now, a pull request cannot be merged if it introduces a security misconfiguration that would have broken a SOC 2 control. This “shift-left” has been revolutionary. The usability for my team is great; it speaks our language with IaC scanning as well as real time alerts. Our AWS environment is now silently being collected, automatically updating with our evidence to avoid this being a "4 x year" process.
What do you dislike about the product?
The Terraform provider is also still a bit green. We can work around with some resources but we’d love to have all available feature parity with Web UI ( in this case Dashboard ) so that hey, we could truly manage our compliance posture as code.
What problems is the product solving and how is that benefiting you?
It removes the “audit panic” that jangles around our sprint cycles. We have a system in which there is always on, always audit-ready data and never a need to go through the laborious process of collecting evidence for auditors. This is perfect for our blockchain lending platform since every deployment is by default complaint (a must-have when dealing with financial data and crypto collateral).

    Jhony P.

Easy to use, SOC2 complains fast

  • September 21, 2025
  • Review provided by G2

What do you like best about the product?
Easy to use, follow the Security complains in a easier way. Integration with AWS, GitHub, ClickUp and other tools is smooth
What do you dislike about the product?
Some of the AWS test are not 100% accurate but they keep improved
What problems is the product solving and how is that benefiting you?
Speed up product compliance to be SOC2 Type 1 and Type 2 tests

    Jude A.

Operationalized HIPAA Compliance Mitigated Institutional Risk

  • September 20, 2025
  • Review provided by G2

What do you like best about the product?
Secureframe turned a previously ad hoc, manual task into an operationalized one. Nothing comes close in ease for tracking and handling the compliance lifecycle from policy attestations, employee training to vendor risk assessments. It gives me a single-pane of glass that I, in my role as COO, am able to leverage and see our security posture in real time. The implementation was smooth and efficient, the team got our EHR system and Active Directory integration. The customer service is outstanding and oftentimes they have been an extension of our team to help guide us through convoluted HIPAA/HITECH parameters. The features, in particular…," and "automated evidence collecting, as well as pre-built policy templates all saved us a lot of time (and legal fees".
What do you dislike about the product?
It was a significant operational cost for us to ensure we had data isolation in this way, but the ROI through reduced risk and saved staff time has justified it. It’s deep; non-technical department heads can be overwhelmed (we wound up developing internal training on this just so clinical managers could find and respond to their tasks).
What problems is the product solving and how is that benefiting you?
It addressed the key issue of institutional risk management. In health care, a compliance failure isn’t just a financial punishment; it’s an erosion of patient trust on an epic scale. Secureframe is a certifiable audit-ready system that illustrates how committed we are to the protection of Protected Health Information (PHI). This is good for our company by de-risking our organization, reducing the complexity of our audit from our external auditors and ultimately being able to tell to patients we can safeguard their data.

    Lila T r.

Cloud Compliance Made Simple and Stress Free

  • September 20, 2025
  • Review provided by G2

What do you like best about the product?
I appreciate Secureframe's interface and smooth integrations with our cloud platforms. The ease of implementations and frequent updates keep us ahead in compliance. Their customer support is exceptional responsive and knowledgeable always ready to resolve issues quickly.
What do you dislike about the product?
While Secureframe cover most compliance needs, occasionally the depth of some features feels limited for highly complex environments'. Also some integrations cloud be more seamless, Overall there are minor compare to the benefit and excellent support provided.
What problems is the product solving and how is that benefiting you?
Secureframe helps us take out of cloud compliance by automating audits and keeping our security check up to date. For Capgemini, this means less manual work and fewer worries about meeting regulations across different client setups.

    Christian S.

Secureframe makes Audit Management Simple and Stress free

  • September 20, 2025
  • Review provided by G2

What do you like best about the product?
We Really love how intuitive the platform is. The dashboards give us clear visibility into controls and their team is incredibly responsive ,customer support truly feels like a partner.
What do you dislike about the product?
Somme Initial integrations took a bit longer than expected . A few features felt hidden in the UI, but once we got used to the layout, it wasn't a blocker.
What problems is the product solving and how is that benefiting you?
Secureframe streamlines audit prep and compliance tracking, it's reduced manual effort and helped us stay audit ready without scrambling at the last minute.

    Paul S.

A Must Have Tool for Managing Vendor & Supplier Risk.

  • September 20, 2025
  • Review provided by G2

What do you like best about the product?
We Love the automated vendor tracking , easy integrations and how simple it is to onboards suppliers while staying aligned with SOC 2 and ISO requirements.
What do you dislike about the product?
There is nothing to dislike about Secureframe because they offer us the best of the best.
What problems is the product solving and how is that benefiting you?
Secureframe helps us streamline third party and vendor risk reviews, cutting down time spent chasing documents and ensuring compliance across the board.

    Sandra T.

The DevOps Bridge to Painless Cloud Compliance for FinTech

  • September 20, 2025
  • Review provided by G2

What do you like best about the product?
Speaking in terms of infrastructure, integration is one best selling point. We were able to consolidate our AWS and Azure accounts, Github orgs, CICD suite (Jenkins/Gitlab) in Bitrise within a few days. The simplicity of use for my team, along with the one / single pane of glass to see our cloud security posture against SOC 2 & ISO 27001 without us needing to be compliance gurus was awesome.

The game changer is automated, real-time evidence collection it’s constantly pulling in data on IAM roles, S3 bucket policies, security group settings and vulnerability scans. This makes my team’s manual labor go way down. The support is very good and they also possess technically knowledgeable understanding of cloud-native environments.
What do you dislike about the product?
The one minor annoyance is that if you are using cloud monitoring, the alerts for slight configuration drift can be a bit chatty. Tuning them to disregard the pre-approved low-risk anomalies that are unique to our blockchain node infra though took some time. I would also like to see tighter integration with particular scaffolding security tools in the future.
What problems is the product solving and how is that benefiting you?
It addresses the major issue regarding how to demonstrate secure configuration and operational integrity to auditors or financial examiners. In blockchain-based lending, security is not a feature it’s the product. Secureframe gives us an immutable, automated audit trail to prove that our controls are operating 24/7. That’s a win for us, it turns an otherwise-giant pain in the A$$ process into a totally-integrated component of our DevOps workflow instead of this interruptive, finger-in-a-dam "audit season" scramble. It's a way that we can provide proof to our borrowers and partners that their collateral and data is protected, which builds trust.

showing 201 - 210