Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
1,157 reviews
from
External reviews are not included in the AWS star rating for the product.
Secureframe streamlined our SOC 2 journey from months to weeks
What do you like best about the product?
Secureframe integrates seamlessly with our cloud infrastructure and workplace tools. The automated evidence collection has reduced the amount of manual work during audits. The platform provides a centralized view of compliance readiness and keeps us on track with reminders
What do you dislike about the product?
The dashboard is comprehensive, but the first time setup required guidance from their team. More step by step onboarding videos would have been helpful.
What problems is the product solving and how is that benefiting you?
SOC 2 compliance was taking us months of preparation each year, with our teams relying heavily on spreadsheets. Secureframe automated much of that burden and allowed us to shift our focus back to client security initiatives
Made SOC 2 Compliance Easy for Our Startup – Great Support and User-Friendly Platform
What do you like best about the product?
Secureframe has been great for our startup as we worked toward SOC 2 compliance. From the beginning, the support we received was outstanding. Our Customer Success Manager was incredibly friendly, responsive, and proactive, always following up and making sure our questions were answered quickly and clearly. The platform itself was mostly very easy to navigate. It simplified what could have been a very complex process. Compliance testing was straightforward, and we especially appreciated the clear visibility into all outstanding tasks, which helped us stay organized and on track. One of the standout features was how easy Secureframe made compliance training for our team, something that can often be a heavy lift for startups with limited resources. For any small startup tackling compliance for the first time, I highly recommend Secureframe.
What do you dislike about the product?
It would helpful if I could resize the columns on the Tests and Controls pages, some of the data gets cut off, which makes it harder to review at a glance. Also, a few of the tasks feel pretty manual, especially around evidence uploads. More flexibility and automation here would make a big difference.
What problems is the product solving and how is that benefiting you?
As a small startup, Secureframe is helping us streamline and manage our SOC 2 compliance process. It simplifies what would otherwise be a complex and time-consuming effort by organizing controls, tracking tasks, and keeping us audit-ready. This lets us stay focused on building our product while still meeting key security and trust requirements.
Easy-to use and effective
What do you like best about the product?
Secureframe has made it easy for us to stay on top of compliance without slowing down the business. The integrations and automation remove a lot of manual effort, and the reporting gives us a clear, executive-level view of where we stand across our compliance workstreams. We appreciate them being a reliable partner for scaling securely.
What do you dislike about the product?
We don’t have many complaints. Occasionally a test will error without clear explanation, but in those instances the Secureframe team has been very responsive and helpful in resolving the issue.
What problems is the product solving and how is that benefiting you?
Secureframe has streamlined key parts of our compliance program, including security training, policy review and acceptance, and managing our ISO 27001 and SOC 2 requirements. It saves us time, reduces manual work, and gives us confidence that we’re meeting the necessary standards.
A Life Line for Healthcare Compliance : Overwhelmed to manageable
What do you like best about the product?
I’m founder of a healthcare startup, not an expert in not getting lost in the insanely confusing labyrinth of HIPAA and SOC 2 compliance. “It’s been nothing short of a lifeline with Secureframe. And yet, prior to implementation, the thought of an audit was enough to make me shudder—a time-sucking, resource-draining black hole ridden with uncertainty that menaced the ticking heart of our business. Safe became a clear, organized process: thanks to Secureframe. The platform is essentially a linear, no-step-left-behind guide to everything you need. The best part is that I have peace of mind knowing our evidence is always being collected and neatly organized in a single place. The automatic reminders for training staff and policy acknowledgements maintain a level of consistency across the board with the pulse of the team; and since it’s a clinical setting it’s very important for us to remain like minded. “For someone in my position as a CEO, that dashboard is a godsend: It provides for me a quick, at-a-glance snapshot of our compliance health and does not take me down technical rabbit holes and gives me the confidence that I can go report to my board, ‘You know what, we’re not audit-ready — not because of the Argyle platform, but because of something we need to do.
What do you dislike about the product?
We needed to invest a large chunk of time up front by my clinical operations manager to integrate all our systems and upload policies. Back when we were a small, resource-strapped team, that was a heavy lift for the first few weeks. Also, although the platform is very suitable for general frameworks, we found a few HIPAA nuances that are specific to our patient data workflows that needed clarification from their support team. While they were useful, it was a reminder that for very specific health care use cases, there can be a small discrepancy between the automated guidance and ground truth, necessitating some manual interpretation.
What problems is the product solving and how is that benefiting you?
Secureframe is tackling our single largest non-clinical business risk of a HIPAA audit and proving to potential hospital partners that we are secure. The issue was just an internal lack of knowledge and the huge elements of manual compliance that are scary as hell. This was a business strategic problem, because without those certifications we were locked out of important partnerships and deals. Secureframe solved this for us by building the infrastructure and automation we didn’t have. The benefit is twofold. First, it has permitted us to sign agreements with large providers who need us to be a verified security postured organization. Second, and no less significantly, it has shielded my clinical team from burnout. It’s enabling them to practice medicine, rather than paperwork, by automating the compliance obligation. This is not simply a software solution; it is a strategic asset that protects our brand, makes growth possible, and defends our most critical resources: our teams’ time and attention.
Secureframe: Simplifying Compliance with Efficiency
What do you like best about the product?
Secureframe provides a centralized and user-friendly platform that greatly simplifies the audit process. I particularly appreciate the streamlined evidence collection, automated reminders, and integrations with key systems, which reduce manual follow-ups and save significant time. The platform enhances visibility into compliance progress and helps maintain consistency across audits.
What do you dislike about the product?
While Secureframe streamlines many aspects of the audit process, there are areas that could be improved. At times, the evidence requirements in the platform are either too generic or repetitive, leading to additional back-and-forth with clients. Enhanced customization options and clearer guidance within the tool would further reduce queries and make the process even more efficient.
What problems is the product solving and how is that benefiting you?
Secureframe benefits auditors by centralizing all compliance evidence in one platform, reducing the need for manual tracking and endless follow-ups. Automated reminders, system integrations, and real-time dashboards save significant time and effort, allowing auditors to focus more on assessment and analysis rather than administrative tasks. It also improves transparency and consistency across audits, making the entire process more efficient and reliable.
Our Secret Weapon to Close Enterprise Deals Faster and Build Trust
What do you like best about the product?
From my vantage point as a CMO, Secureframe is not only a security tool, but also a major business enabler. My team and I are on the front lines of trust-building with enterprise prospects, and nothing kills a deal faster than not being able to promptly address their security questionnaires. Prior to Secureframe, these requests would set off a multi-week internal fire drill, tying up key personnel across engineering, IT and security to manually gather evidence. So today some of the most difficult security assessments can be made in hours rather than weeks. We can produce a professional compliance report in real-time and grant a clean, client-facing dashboard sharing our SOC 2 and ISO 27001 posture, which is a differentiator in our sales cycle. It’s got a language of professional trust that strongly appeals to procurement and security teams at Fortune 500 companies. Its played a contributing role several high value accounts by having our compliance posture as a last check point.
What do you dislike about the product?
The platform is very security-pro centered and, while the output is exactly what I want, the interface can be a bit overwhelming as a non-technical person going in looking for something specific outside of the lay-up reports. Occasionally, I think it might be nice to have a true, more simplified, "executive view" that just does away with all the technical backend and shows me and my team at-a-glance our state of compliance health, the pending things are other teams responsibility, and a running log of recent prospect accesses. Also, while the standard reports are great we would like even more means to customize the branding for the client-facing materials in order to keep up the visual consistency that we work so hard to achieve with our sales documents.
What problems is the product solving and how is that benefiting you?
There are two problems that Secureframe solves for me, as a business owner at this fast-growing tech company. First, it removes the huge revenue friction of slow and painful security reviews. We don’t have contracts hung up in legal or procurement for months; we can provide evidence of our strong security posture right away. This dramatically cut down our sales cycle for large organizations. Second, and more importantly, it’s turned our security compliance from a cost center to a competitive advantage we measure. We take this lead with us into our marketing and sales conversations. It’s a fundamental part of our story, showing that we take data privacy and security seriously and placing credibility in the hands of potential customers straight away. The payoff is not only operational efficiency; it’s also top-line revenue growth and a more durable, credible market brand.
Compliance confidence with automation
What do you like best about the product?
The automated tracking of evidence and policies saves countless hours in audit prep.
What do you dislike about the product?
The system already integrates well-we'd just like to see more connections to AML/KYC-specific tools in the future.
What problems is the product solving and how is that benefiting you?
It makes compliance management faster and gives our clients confidence in our data security practices.
The Technical Foundation for Our Security and Compliance Program
What do you like best about the product?
As CTO, for me I have to have both a solid AND a dev platform. The ability to integrate with an API help us to incorporate compliance checks into our CI/CD process is amazing but also a game changer. Impressive features are dedicated to technical controls, particularly against cloud infrastructure with AWS and GitHub. The execution, albeit intense, was clear and intelligible. I use it every week to track architecture-level risks and the customer support for technical questions is we always very knowledgeable and able to dig in the nuance of our stack.
What do you dislike about the product?
The reporting module is great but it isn't possible to create more custom reports for different tech people without having to export reports.
What problems is the product solving and how is that benefiting you?
Source of truth for our security posture We refer to Secureframe for our security posture. It's addressing the tool-disjoint and manually verified issue by providing a unified compliance flow. It serves our engineering organization by giving them automated, easy to understand guardrails that prevent them from moving quickly and breaking compliance. It has shifted our security left in a fundamental way and decreased the friction on the development / audit requirements.
A Non-Negotiable Tool for Any Founder Serious About Scaling
What do you like best about the product?
But, as someone from a digital product background, security compliance was my larget fear when scaling. Secureframe was very inviting and easy to use. The preloaded templates and walk-thru’s were a life saver. The best part is the customer support; they became our compliance officer by default, there was never any condescension, patience in their explanations and how we should go about them. I use it bi-weekly (check on our status) and the dashboard is exactly built for a founder who needs highlight, not the details. Ease of integration also meant that our small team didn’t have to suddenly become AWS experts.
What do you dislike about the product?
The workflow for inviting auditors and managing them within the platform is good, but it still required some back and forth email coordination, I’d rather have it all 100% automated.
What problems is the product solving and how is that benefiting you?
It eliminated my own ignorance and fear of security compliance. As a co-founder, it gave me confidence selling to large enterprises while assuring them of our security practices with data to support it. The payoff is pure business acceleration. It also took something off our plate as I was trying to work on the product and company culture while trying to figure this critical foundation out.
Transformed Compliance from a Manual Audit to an Automated Control Plane
What do you like best about the product?
Secureframe has automated our cybersecurity compliance through the API. I, as an automation expert, always keep in mind the API-driven architecture as a major value for the product. Practically, we have used it to build up our CI/CD pipelines in Azure DevOps where we have installed automatic compliance gates that are capable of stopping a running deployment, if it violates a predefined SOC 2 or ISO 27001 control, for example, publishing the application to a cloud environment that is not compliant with the code. Among other products of the same kind, Secureframe is deeply and natively integrated into our core stack, which includes such elements as Azure AD for identity governance, Microsoft 365 for data loss prevention evidence, and Cloud flare for SSE policies, which means that a person's role in evidence collection has been automatically diminished to near zero. We have also been able to extend the platform by using its API to get compliance status into our internal security dashboards and SIEM, we have the ability now to expose the security officers to the latest threats. What used to be a point-in-time audit mentality is now a state of continuous, demonstrable compliance thereby drastically reducing risk.
What do you dislike about the product?
The security operations department would like to customize more the alert and remediation scripts associated with each incident type; however, as it is now, those two functions do not have as many detailed and fine-tuning options as they would have in a security operations center like a mature one. Even though it is good at spotting the most common mis-configurations, a task of creating complex conditional alerts based on multiple factors, for example, "Alert only if the critical asset is misconfigured and exposed to the internet," could demand the company to search alternative ways of accomplishing that goal. Most of the times, we have to add more logic to the webhook payloads we use to trigger external automations like ServiceNow or Jira before we are allowed to parse and enrich the data and it can then be used to trigger an automated remediation runbook. I would also appreciate it if there were more progressive capabilities for dealing with exceptions and risk acceptances automatically by means of the API, because it is still this kind of process that is gentler and more manual in the UI.
What problems is the product solving and how is that benefiting you?
Secureframe is solving the basic scalability issue of cybersecurity compliance. Prior to its deployment, our small security team was the bottleneck of the process, as they had to manually verify the controls and get evidence from the engineers. This model was not only unsustainable but also had a high risk of errors. Secureframe has been empowered to carry out the evidence collection and control monitoring throughout our multi-cloud and SaaS ecosystem (Azure, AWS, Google Workspace, GitHub) which has resulted in the primary benefit of a significant reduction in operational overhead, thus the senior security personnel are free to focus on strategic threat mitigation instead of compliance paperwork. Secondly, it has progressed security compliance as a seamless part of the DevOps lifecycle rather than a security infrastructure that is checked off from a retrospective list. This automation is the provision of the most up-to-date and indisputable evidence of cybersecurity both to leadership and clients, and hence trust is strengthened which is a major factor in the sales cycle during security reviews, that is, it is considerably shortened.
showing 331 - 340