Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
761 reviews
from
External reviews are not included in the AWS star rating for the product.
Essential Compliance Tool for Streamlined Team Coordination
What do you like best about the product?
Secureframe is a go-to tool, organizing our compliance tasks into one place. At Billor, our fintech-logistics setting means we handle sensitive client data for freight management and truck ownership programs.Secureframe's dashboards enable me to keep track of audit progress and task assignments across teams with ease. I like how the automated notifications and checklists minimize manual follow-ups, keeping everyone aligned.
What do you dislike about the product?
Initial integration with our internal tools required some trial and error to get it just right. There were a few workflows that needed manual adjustments to fit our operational process. While the product is very capable, a more guided onboarding would save time for teams like ours.
What problems is the product solving and how is that benefiting you?
Before Secureframe, compliance documentation was scattered across spreadsheets and emails. Now, our audit prep, risk assessments, and reporting are centralized. AI-powered documentation and predictive risk features in the tool help us identify gaps in controls, thus saving time and reducing potential errors on the part of the team. It is also enabling us to demonstrate compliance quickly to our partners and regulators.
Effortless Vendor Risk Management for Non-Technical Teams
What do you like best about the product?
Secureframe makes it very easy, especially for non-technical users, to manage vendor risk. I work in the accounting department and I am responsible for onboarding new vendors for our bookkeeping software and audit firms etc. We previously had Vanta but I found it too technical which made it tough to manage the financial risk of our vendors. Secureframe is easy to use. I can send a simple security questionnaire to a new vendor right from the platform, and check out their risk score in plain language. The integration with my QuickBooks online account is amazing as it flags any vendor that is overdue on their security review before I process a payment. It gives me and our finance team great peace of mind.
What do you dislike about the product?
Having to re-enter the information of all our active vendors switching from Vanta took a while. I would also love to see more pre-built questions around financial controls for bookkeeping software vendors.
What problems is the product solving and how is that benefiting you?
We do not know whether they are secure, and it solves that – it being our supply chain, our vendors. In the past, I paid vendors without investigating whether or not they were a security risk to the company. Now, I have a clear process. It protects the firm against financial fraud and data breaches. Further, external audits are easier as all vendor due diligence is organised and is easy to access.
Considerable importance to smaller fintechs.
What do you like best about the product?
It is user friendly and with automation 80 percent of the work is done. Management reports are also exportable.
What do you dislike about the product?
Wishes it had additional regional compliance templates.
What problems is the product solving and how is that benefiting you?
Reducing evidence gathering in audit and investor due dilligence.
Ideal at scaling banks.
What do you like best about the product?
Secureframe maintains our rules and guidelines in balance with minimum manual efforts. AWS integrations and Google Workspace are really good.
What do you dislike about the product?
Mid sized institutions could be more flexible in pricing.
What problems is the product solving and how is that benefiting you?
Having a number of structures to deal with as we grow global.
secureframe for SOC2
What do you like best about the product?
Customer Service was fantastic, not just software but compliance advice and technical help.
What do you dislike about the product?
Frequent bugs, but customer service promptly just aid "I'll get this fixed" and followed up in a day or two with resolution.
What problems is the product solving and how is that benefiting you?
Prior to secure frame, it took months and ~ 40k to complete a SOC assesment, after it took weeks and cost $10k
Uncomplicated, contemporary and useful.
What do you like best about the product?
Secureframe ensures that one can know what the auditors expect. The real time status dashboard enables the management to be confident.
What do you dislike about the product?
It has some documentation that is very US-centric.
What problems is the product solving and how is that benefiting you?
Lessening the time experienced in preparing audit evidence and closing gaps in compliance.
Outstanding Support Team Makes All the Difference
What do you like best about the product?
The technical support staff is second to none. They are incredibly friendly, knowledgeable, fun to work with make every effort to find an answer for even the toughest problems. If they don't know, they'll find out! (but they usually know)
What do you dislike about the product?
User management leaves a lot to be desired and audit processing, although I know that is inthe works to be overhauled.
What problems is the product solving and how is that benefiting you?
SecureFrame is helping maintain our frameworks adn track timelines to remind us when things are due as wel las giving us great information on how to pass tests, format evidence and other helpful details that make life a lot easier
Comprehensive Compliance Made Easy with Robust Integrations and Automation
What do you like best about the product?
Multi-Framework Support
Secureframe supports over 14 compliance frameworks, including:
SOC 2
ISO 27001
HIPAA
PCI DSS
GDPR
CCPA
This makes it suitable for organizations with diverse regulatory needs.
Extensive Integrations
Offers 200+ integrations with popular tools like AWS, GitHub, Jira, Azure, Google Workspace, and more—streamlining evidence collection and control monitoring.
Automated Evidence Collection
Secureframe automates many manual compliance tasks, helping teams prepare for audits faster and with less effort.
Real-Time Compliance Monitoring
Businesses can monitor their compliance posture in real time, enabling proactive risk management and faster issue resolution.
Employee Security Training
Built-in training modules help ensure that employees are aware of security best practices, which is often a requirement for frameworks like SOC 2 and HIPAA.
Risk & Vendor Management Tools
Includes features for assessing vendor risks and managing internal controls, which are critical for maintaining compliance.
Audit Readiness Support
Secureframe is designed to help teams reach audit readiness quickly—often within a couple of months for SOC 2 Type I.
Expert Support
Users report responsive support from compliance specialists, often within one business day.
Clean and Intuitive Interface
Especially helpful for first-time compliance teams, Secureframe’s UI is simple and easy to navigate.
Affordability for Startups
Pricing tiers (starting around $1,500/year) make it accessible for smaller companies looking to achieve initial compliance.
Secureframe supports over 14 compliance frameworks, including:
SOC 2
ISO 27001
HIPAA
PCI DSS
GDPR
CCPA
This makes it suitable for organizations with diverse regulatory needs.
Extensive Integrations
Offers 200+ integrations with popular tools like AWS, GitHub, Jira, Azure, Google Workspace, and more—streamlining evidence collection and control monitoring.
Automated Evidence Collection
Secureframe automates many manual compliance tasks, helping teams prepare for audits faster and with less effort.
Real-Time Compliance Monitoring
Businesses can monitor their compliance posture in real time, enabling proactive risk management and faster issue resolution.
Employee Security Training
Built-in training modules help ensure that employees are aware of security best practices, which is often a requirement for frameworks like SOC 2 and HIPAA.
Risk & Vendor Management Tools
Includes features for assessing vendor risks and managing internal controls, which are critical for maintaining compliance.
Audit Readiness Support
Secureframe is designed to help teams reach audit readiness quickly—often within a couple of months for SOC 2 Type I.
Expert Support
Users report responsive support from compliance specialists, often within one business day.
Clean and Intuitive Interface
Especially helpful for first-time compliance teams, Secureframe’s UI is simple and easy to navigate.
Affordability for Startups
Pricing tiers (starting around $1,500/year) make it accessible for smaller companies looking to achieve initial compliance.
What do you dislike about the product?
Limited Customization
Users report that Secureframe lacks flexibility in customizing workflows, templates, and controls—especially for complex or non-standard compliance needs.
Integration Challenges
While Secureframe supports many integrations, users have faced issues with:
Custom applications not being detected properly.
Work management tools (e.g., Asana, Monday.com) not integrating well, forcing teams to track tasks manually within Secureframe.
Initial Setup Confusion
Some users find the onboarding and navigation experience unclear, especially during the first-time setup.
Missing Features
Requests for:
Better test management tools
More industry-specific training materials
Enhanced regional compliance templates
Cost for Smaller Teams
Although pricing is competitive for mid-sized companies, early-stage startups may find it expensive if they don’t need all the features.
Over-Reliance on Automation
In some cases, automation can oversimplify nuanced compliance tasks, requiring manual intervention or expert guidance.
Vendor Risk Management Limitations
While Secureframe includes vendor management, users have noted that it lacks depth compared to dedicated third-party risk platforms.
Users report that Secureframe lacks flexibility in customizing workflows, templates, and controls—especially for complex or non-standard compliance needs.
Integration Challenges
While Secureframe supports many integrations, users have faced issues with:
Custom applications not being detected properly.
Work management tools (e.g., Asana, Monday.com) not integrating well, forcing teams to track tasks manually within Secureframe.
Initial Setup Confusion
Some users find the onboarding and navigation experience unclear, especially during the first-time setup.
Missing Features
Requests for:
Better test management tools
More industry-specific training materials
Enhanced regional compliance templates
Cost for Smaller Teams
Although pricing is competitive for mid-sized companies, early-stage startups may find it expensive if they don’t need all the features.
Over-Reliance on Automation
In some cases, automation can oversimplify nuanced compliance tasks, requiring manual intervention or expert guidance.
Vendor Risk Management Limitations
While Secureframe includes vendor management, users have noted that it lacks depth compared to dedicated third-party risk platforms.
What problems is the product solving and how is that benefiting you?
Manual Compliance Workflows
Traditional compliance involves spreadsheets, emails, and manual evidence collection. Secureframe automates these tasks, reducing human error and saving time.
Audit Readiness Delays
Preparing for audits like SOC 2 or ISO 27001 can take months. Secureframe accelerates this by guiding teams through readiness checklists and automating control monitoring.
Fragmented Tool Ecosystems
Evidence often lives across AWS, GitHub, Google Workspace, etc. Secureframe integrates with 200+ tools to centralize and continuously sync compliance data.
Lack of Real-Time Visibility
Without dashboards, it’s hard to know your compliance posture. Secureframe provides real-time monitoring and alerts for control failures or risks.
Vendor Risk Management Gaps
Many companies struggle to assess third-party risks. Secureframe includes tools to track vendor compliance and automate risk assessments.
Employee Training & Policy Management
Secureframe helps deploy security training and manage policy acknowledgments, which are often required for frameworks like HIPAA and SOC 2.
Traditional compliance involves spreadsheets, emails, and manual evidence collection. Secureframe automates these tasks, reducing human error and saving time.
Audit Readiness Delays
Preparing for audits like SOC 2 or ISO 27001 can take months. Secureframe accelerates this by guiding teams through readiness checklists and automating control monitoring.
Fragmented Tool Ecosystems
Evidence often lives across AWS, GitHub, Google Workspace, etc. Secureframe integrates with 200+ tools to centralize and continuously sync compliance data.
Lack of Real-Time Visibility
Without dashboards, it’s hard to know your compliance posture. Secureframe provides real-time monitoring and alerts for control failures or risks.
Vendor Risk Management Gaps
Many companies struggle to assess third-party risks. Secureframe includes tools to track vendor compliance and automate risk assessments.
Employee Training & Policy Management
Secureframe helps deploy security training and manage policy acknowledgments, which are often required for frameworks like HIPAA and SOC 2.
Continuous Innovation and Free Implementation Set This Tool Apart
What do you like best about the product?
Free and fast implementation, simple to use, integrations that just work, responsive support, and a complete SOC 2 feature set. We use it daily.
What do you dislike about the product?
Pricing feels unclear and hard to plan around. Clearer tiers and packaging would help. Advanced learning is also lacking depth.
What problems is the product solving and how is that benefiting you?
Secureframe centralizes our SOC 2 evidence and documents, continuously monitors controls, and automates testing across our stack. The result is faster audits, fewer manual tasks, clear ownership, and an audit ready posture year round.
Keeps us compliant while we scale fast.
What do you like best about the product?
Secureframe fits perfectly with our cloud stack and eliminates the trial and error of SOC 2 and ISO 27001. The observing and reminders save our staff hours in a week.
What do you dislike about the product?
The report exports can be made a bit more customizable.
What problems is the product solving and how is that benefiting you?
Ongoing engineering/risk compliance management in the expansion into new products.
showing 21 - 30