Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
1,158 reviews
from
External reviews are not included in the AWS star rating for the product.
Small Team, Big Compliance Wins with Secureframe
What do you like best about the product?
For small IT teams, it is a game-changer. We did SOC 2 without lifting a finger using the policy library and auto evidence collection (Jira, Google Workspace). Support was on the front foot when people encountered problems integrating with GitHub Speedy response to GitHub integration issue that even non-technical stakeholders could compare.
What do you dislike about the product?
Mobile access is slow - I wish I could admin on the run. Contextual Alerts not providing any context and forcing the user to click into it to understand what has occurred. Couple niche tools manually uploaded (cough yea our local HR system), which is good in the following way.
What problems is the product solving and how is that benefiting you?
We no longer find ourselves stuck in a vicious cycle of being reactive and scrambling during audits, and are always audit ready. We can give a need to know compliance status instantly, so sales cycles are much shorter. The biggest benefit? Security posture is believed to be at rest 24/7.
From Manual Headaches to Automated Peace of Mind
What do you like best about the product?
The integrations are incredibly fast to set up. We had AWS, GCP, and our HR system connected in days, and the automations just works in the background.
What do you dislike about the product?
it's all been positive. I could see even more value if there were advanced onboarding tips for new users to unlock features faster.
What problems is the product solving and how is that benefiting you?
We've reduced manual audit prep by 80%. My team can now focus on strengthening security instead of chasing paperwork.
Smooth SOC2 Compliance with Exceptional Support
What do you like best about the product?
Secureframe made preparing for our SOC2 audit straightforward and stress free. The platform provided an easy way to centralize all required information, making it simple to track progress and stay organized. The integrations were quick to set up and worked seamlessly with our existing tools. Our Customer Success Manager, Coletta Edison, was both knowledgeable and highly responsive, providing valuable guidance that helped us complete our audit efficiently. We met with her frequently and she was so helpful every time we connected with her. The overall experience left us feeling well prepared for future compliance cycles and I expect to use it moving forward.
What do you dislike about the product?
I don't have much criticism of the product. We provided feedback along the way and I believe it is being addressed in a future update. Mainly the abililty to customize timing and followup schedules for our team's compliance acceptance and training.
What problems is the product solving and how is that benefiting you?
The main problem Secureframe solves for us is organizing our information to complete our annual SOC2 compliance audit quickly and efficiently. It's nice to have it all in one place for the future too.
Secureframe - The Magical Automation Behind Continuous Compliance
What do you like best about the product?
For me, as a cybersecurity professional concentrated in automating at scale compliance processes, Secureframe quickly emerged as an obviously impactful product that made all the messy manual steps into this smooth sailing workflow. Using the platform supported by an API-first approach, we can bring various custom scripts and other internal tools (like SIEM and PAM solutions) into the compliance framework. It has been invaluable in automating the collection of evidence for controls that do not have standard integrations (e.g., our in-house IAM system).
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
What do you dislike about the product?
The automation options are impressive, but the scripting interface for creating something more advanced like a custom integration does not have the extent of an IDE. Bug in complex workflows benefit request that requires some back and forth from support. Also, the ability to customize scores within the risk assessment module tying into our internal risk appetite metrics could be a bit more granular.
What problems is the product solving and how is that benefiting you?
What Secureframe Solves: Scalability and Audit Fatigue So where exactly does Secureframe come into play? We have automated 90% of evidence collection and control testing, saving more than 40% in compliance-related FTE hours annually. For reference, our prior SOC 2 Type II audit required 8 hours of prep time on our end as opposed to 3 weeks pre-Secureframe.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
A Lifesaver for Multi-Framework Compliance in Enterprise IT
What do you like best about the product?
Admittedly, the whole thing was surprisingly simple — we were going live with control mapping in just a few days. They did an autopsy from log and automatically collected, especially for AWS, which means never touch a log again in our day to day mundane job of grep/nr. kubectl command, and the audit trail aids in vendor assessments. Even for micro-questions on how HIPAA interacts with GDPR. Customer service responded to these back and forth less than a day I use it in my daily job for Data quality audit on Employee training compliance and Access reviews. no more boring SAML based Service provider integrations.
What do you dislike about the product?
Nothing to dislike at all, but Reporting lacks some flexibility if I want to nitpick.
What problems is the product solving and how is that benefiting you?
We're in the fourth week now where we've broken down the work that needs to be done prior to audit. Related Quick Links234: Speeding the Response to Security Questionnaires, Nearly a Million Forwarded Unmanaged Migrations, and Early Detection of Misconfigurations with Instant Monitoring. The best part is it has now helped us to have a more collaborative team with an increase in cross-team accountability as well.
AI Compliance That Saves Weeks Of Work
What do you like best about the product?
The automated evidence collection and AI-generated remediation are game changer. We no longer chase people for document Secreframe pulls everything into one place, organized and audit-ready
What do you dislike about the product?
Everything works perfectly it's dashboard match our internal workflow
What problems is the product solving and how is that benefiting you?
Before Secureframe, our company prep consumed weeks of time. Now everything is ready in real time. we've cut SOC 2 readiness work by about 40% and our audit are smoother than ever
SOC2-related audit support
What do you like best about the product?
I like the user interface and ease of navigation within SF. I also appreciate the integrations with our existing applications.
What do you dislike about the product?
In some cases (e.g. Paylocity) useful integration was not possible because certain extraneous but highly sensitive personal information could not be filtered out.
What problems is the product solving and how is that benefiting you?
SF is helping us solve SOC2 compliance and related audit support. This is invaluable to enterprise clients and for best-practice governance as well.
From Compliance Overwhelm to Effortless Audits with Secureframe
What do you like best about the product?
The workflow has been automated to such an extent that it allows for IT Managers, reducing the heavy load of juggling across multiple frameworks (SOC 2,ISO 27001). "Sophisticated controls are distilled down to bite-sized, achievable tasks and self-service integrations with tools like Azure AD & GitHub handle 90% of the heavy lifting in establishing your evidence. We received tremendous customer support and they helped us to set up the controls over our special infrastructure. The policy templates saved us weeks of starting from scratch, and the dashboard gave a genuine time overview of compliance gaps.
What do you dislike about the product?
Though they were hand-held through the onboarding team so actually strategy was good. The integrations work well mostly, however, some manual evidence uploading yet not okay (e.g. our onprem asset tracker).
What problems is the product solving and how is that benefiting you?
We had enterprise contracts that required SOC 2 compliance, and we were small without security as a full-time area of focus. Assisted by Secureframe (80% of the work was automated!) We can now verify compliance around the clock and have basically sped up sales cycles by making you audit-compliant.
A Seamless Path to SOC 2 with a Truly Supportive Partner
What do you like best about the product?
Our experience with Secureframe has been nothing short of amazing. Going into our SOC 2 journey, we weren’t entirely sure what to expect, but the platform made everything feel straightforward and manageable. The tools are user-friendly, the integrations saved us countless hours, and the real-time tracking kept everyone on the same page.
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What do you dislike about the product?
Secureframe has a lot of powerful features, but I found the initial onboarding experience a bit overwhelming. The platform presents a ton of information up front, which can make it difficult to know where to start, especially for teams going through their first compliance process. There's definitely a learning curve, and without prior experience in frameworks like SOC 2, it can feel like information overload.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us solve the complexity and time-consuming nature of managing compliance, specifically for SOC 2. Before using the platform, we weren’t sure how to approach the process efficiently or confidently. Secureframe simplifies that by automating evidence collection, integrating with our existing tools, and giving us a clear, centralized view of our compliance posture.
The biggest benefit has been time savings and peace of mind.
The biggest benefit has been time savings and peace of mind.
Great for lean businesses
What do you like best about the product?
The SecureFrame system makes it very easy to get started with SOC2. The framework of tests and evidence they provide (in conjunction with great auditor partners) takes away the need to have pricey consultants.
Onboarding is simple, with many integrations if your infrastructure and other tools are largely cloud-based/SaaS. Your Customer Success contact will happily spend time with you to answer questions and make sure you are successful.
The largest benefit as a lean team, in my opinion, is the ability to set everything up properly, and then not need to spend much time year over year worried about the next audit. Not needing to use the software on a daily basis is huge, as the team can instead focus on more customer-facing matters.
Onboarding is simple, with many integrations if your infrastructure and other tools are largely cloud-based/SaaS. Your Customer Success contact will happily spend time with you to answer questions and make sure you are successful.
The largest benefit as a lean team, in my opinion, is the ability to set everything up properly, and then not need to spend much time year over year worried about the next audit. Not needing to use the software on a daily basis is huge, as the team can instead focus on more customer-facing matters.
What do you dislike about the product?
While it's great that SecureFrame has integrations, there's still a good chance that for some aspects you'll have to fallback to manual evidence collection. The tests can also be fairly rigid, and won't handle alternative solutions well. It's best to have a decent understanding of SOC2 so that you can work with your auditors to ensure you're not doing needless work that has no benefit other than turning a SecureFrame test green.
What problems is the product solving and how is that benefiting you?
SecureFrame solves our SOC2 compliance needs. In our space, this is required by many larger and/or more sophisticated clients.
showing 401 - 410