Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Secureframe Automated Security, Privacy & Compliance Platform

Secureframe

Reviews from AWS customer

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

1,157 reviews
from

External reviews are not included in the AWS star rating for the product.

    Wes C.

The Strategic Enabler for Enterprise Deals and Investor Confidence

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
Just as a CEO I'm heads-down on growing and managing risk, and Secureframe has been an incredible partner on both sides of the equation. The UI is slick; I can do a check in each week and get a very user-friendly, big-picture view of the health of our compliance without getting buried in the weeds. While this is important for board-level reporting and investor relations. The handoff was smooth, staffed by a team of support that felt like our own. The features, especially the vendor security assessments on autopilot, have been invaluable. We can now provide professional-grade slick reports to prospects within sales' and adding significantly to enterprise contract closures. It hooked right into our cloud infrastructure, so we had it up and running in no time.
What do you dislike about the product?
The pace of these automated alerts can sometimes be noisy because our team tells me that this isn’t a bug but a feature near and dear to their hearts as it reflects the Amazonian desire for function over form.
What problems is the product solving and how is that benefiting you?
Secureframe was the solution to our trust issue at the baseline. Until now, the process of getting SOC 2 ready has been a black box—expensive, time-consuming and a distraction from what is most important to your business. But now it’s a streamlined, orderly one. That pays off for us as it engenders an incredible trust dynamic with the enterprise customers and investors, and often itis the decider that gives us the edge in particularly competitive deals. It turned us from a cost center into a business enabler, and it has heavily contributed to revenue growth.

    Brandon H.

The Bridge Between DevOps Velocity and Audit-Ready Compliance

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
As an ITDevOps engineer, I am constantly battling the trade-off between fast development and security thoroughness. The Secureframe platform is the one that manages to successfully connect this divide without lowering either. The API-first approach and the Terraform provider give us the ability to define our compliance posture, which means we can manage the security controls the same way as the infrastructure code. The main advantage is that we can seamlessly integrate our evidence collection directly from our CI/CD pipelines in Azure DevOps or GitHub Actions and thus, every deployment is automatically verified against SOC 2 and ISO 27001 controls. The pre-built integrations with cloud providers such as AWS and Azure are the main source of strength; rather than you having to do the writing of custom scripts to check for S3 bucket policies or unencrypted storage accounts, Secureframe is doing that continually and is also bringing the drift to you in a single dashboard. The point where a failed security scan in the pipeline is automatically linked to the compliance control exception is the method that has changed the way we handle risk. It makes the abstract policies tangible, concrete, and actionable and thus, tickets in Jira become the ones we get through the Slack channel which is connected to it.
What do you dislike about the product?
Considering the fact that the platform is designed specifically for technologists, the custom alerting and remediation workflow can sometimes be quite inflexible. We would like to have the ability to start the particular automated runbooks in Ansible or ServiceNow when a critical compliance failure is discovered. However, the webhook payloads are often so generic that we are compelled to create a middleware parser to make them compatible. Also, the granularity of the automated tests appears as a disadvantage; they are perfect for the most frequent cloud misconfigurations but have limitations when it comes to custom Kubernetes security contexts or complex Azure Policy definitions. We frequently supplement our manual evidence collection which unfortunately disrupts the flow of the automation process that we aim to achieve. Although evidence collection at the core is done in a strong manner, the reporting API has an impression of being secondary which makes it problematic in extracting raw compliance data to internal executive dashboards without a complicated extraction job.
What problems is the product solving and how is that benefiting you?
Secureframe is tackling the problem of compliance that is the main cause of a bottleneck. In a fast-paced DevOps environment, security and compliance were the last, slow, and painful steps of the process, which were usually done manually and after the fact. Now, compliance is not only automated but also 'shifted left'. It is actually part of the pipeline itself.

The problem of evidence collection-a process that took a lot of time and that pulled engineers away from their work-has been solved in such a way that they can now do cloud-native services without any restrictions. This is benefiting us as it enables us to have a single source of truth for audit trails across hybrid cloud environments, which in turn, drastically reduces the mean time to remediate (MTTR) security drift and gives our developers immediate feedback on their compliance posture without them needing to become compliance experts. It has also made our cloud infrastructure safer and more compliant by default and not just during an audit.

    Dean B.

Our Go-To for Security Compliance

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
Their prebuilt integrations (GitHub, Okta, etc.) make everyone's lives easier and even fits seamlessly into our set of tech stacks. It's something we use on a weekly basis without even thinking—it's actionable alerts and an API to automate evidence pulls. Fixed a rare AWS IAM sync issue in less than 24 hours by support.
What do you dislike about the product?
Weird UX is somewhat common (e.g., you can’t customize the templates for the invites), and the risk-scoring algorithm doesn’t offer a perfect prioritization of vulnerabilities occasionally.
What problems is the product solving and how is that benefiting you?
Secureframe in essence standardized our SOC 2 and ISO 27001 processes. It has evolved as our internal security health dashboard and dramatically decreased firesrills in advance of audits.

    Computer & Network Security

From Zero to (SOC) 2 in a month

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
We looked at a variety of compliance automation platforms, Secureframe's team and platform stood apart. They take a very straight forward approach and an unbeatable price. They supported integrations for every tool we needed and their support was prompt whenever we had a question or needed help.
What do you dislike about the product?
There are certain tests/controls that are included that aren't required as part of a SOC 2, it was sometimes difficult for us to tell what where required vs nice to have.
What problems is the product solving and how is that benefiting you?
We used Secureframe to help our start up get SOC2 Type 1 compliant in very short order. We had a unique situation of being a very small and early company, they helped us navigate the nuance of what that means and how to make it work.

    Robin D.

Great tool for Security & Compliance Management

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
Easy to use platform, great UI, amazing customer support
What do you dislike about the product?
Some non-critical integrations don't work as intended
What problems is the product solving and how is that benefiting you?
Security and compliance management tool with a great UI at an affordable price.

    Leslie O.

SOC 2 Without the Stress

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
Secureframe's Policy templates were a game changer for our marketing and legal terms, We went from to audit-ready weeks.
What do you dislike about the product?
Initial setup was a bit overwhelming especially for our community manager who's new to compliance.
What problems is the product solving and how is that benefiting you?
We needed SOC 2 to expand into enterprise e-'commerce. Secureframe made it possible without derailing product development or distracting our marketing

    Chelsea G.

Secureframe Keeps Our Data Fresh

  • August 19, 2025
  • Review provided by G2

What do you like best about the product?
Secureframe's automated evidence collection saved our lean ops tea, dozens of hours. It's like having a compliance assistant who sleeps.
What do you dislike about the product?
Vendor risk scoring feels a bit generic-- would love more nuance for food tech vendors.
What problems is the product solving and how is that benefiting you?
We handle customer data and needed HIPAA and SOC 2. Secureframe helped us stay compliant while scaling our subscription model and expending our marketing partnerships.

    Mark O.

Best Compliance for IT Teams

  • August 18, 2025
  • Review provided by G2

What do you like best about the product?
That one single dashboard is a godsend for daily compliance checks. Every week I’ll log into Secureframe to check my team’s policy acknowledgments and system integration logs, and I enjoy the color-coded signals for what I need to tackle first. They are quick to respond when you are working with the CSR team, especially during audits and the pre made templates saved us hours of documentation. 30% reduction in helpdesk matters and populating cost savings - Employee self-service portal has kept the IT out of training compliance management, HR now runs it.
What do you dislike about the product?
Tracking devices was super challenging — it would take days before some of these endpoint would sync and risk alerts which appeared to be false positives would lead to significant fire drills.
What problems is the product solving and how is that benefiting you?
Before Secureframe, compliance was a reactive scramble. Now we have a proactive system that includes reminders and evidence gathering. It has cut in half the time that we spend preparing for audits, and standardized procedures across the entire organization.

    Burton M. G.

Flawless Implementation, But Auditing Could Be Smoother

  • August 18, 2025
  • Review provided by G2

What do you like best about the product?
Onboarding was easy — we took our clouds on in days, not weeks. The policy library and automated evidence collection saved hundreds of hours. The support is amazing - they even helped research niche questions relalted to HIPAA alignment that we had.
What do you dislike about the product?
Auditor tools have not been reworked, and users have to use outside tools (not integrated with secureframe) in a redundant manner. The policy update UI could be a bit more fine grained.
What problems is the product solving and how is that benefiting you?
With Secureframe, we finally have a single source of truth for all things compliance. We Skated Through Our SOC 2 Auditing With no findings We were able to lay it all out, publicly on the platform, which built trust with our board.

    Sarah E.

Affordable, Feature-Rich, and Perfect Compliance

  • August 18, 2025
  • Review provided by G2

What do you like best about the product?
Secureframe is great value for money—automated control mapping, cloud integrations (AWS/GCP), and auditor co-authoring. The customer support was very patient as we asked our first-time SOC 2 questions, and the platform was simple enough to allow us to delegate tasks to non-technical team members. That constant monitoring keeps us audit-ready at all times.
What do you dislike about the product?
Minor sync lag in a handful of SaaS tools, risk assessment engine can sometimes make a mountain out of a molehill with low-priority items. The browser experience is not on par with the desktop version.
What problems is the product solving and how is that benefiting you?
We completed SOC 2 Type II in 4 months (vs. 8+ doing it manually) and stayed compliant with low overhead. The biggest win? Secureframe’s vendor assessments sped up our security reviews with partners.

showing 341 - 350