Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
1,166 reviews
from
External reviews are not included in the AWS star rating for the product.
User friendly even for non-tech experts
What do you like best about the product?
As someone in a non-technical role I appreciate how user friendly Secureframe is. Many parts of the system sync automatically with other parts to ensure minimal human labor is required.
What do you dislike about the product?
Lots of nesting of information that can make it difficult to locate specific sections of the site. The search feature is great for remedying this however, but only if you know an exact key word to search for.
What problems is the product solving and how is that benefiting you?
Reducing human labor and errors. Saving money and time, aka saving lots of money.
Reliable Platform for SOC 2 & HIPAA Compliance
What do you like best about the product?
Secureframe has been an excellent tool for managing our SOC 2 and HIPAA compliance. The platform centralizes policies, automates evidence collection, and integrates smoothly with our clients existing systems, which significantly reduces manual effort.
Its clear dashboards and task tracking make it easy to monitor progress and ensure we stay on schedule.
The support team is extremely responsive and knowledgeable, providing guidance throughout the process.
Its clear dashboards and task tracking make it easy to monitor progress and ensure we stay on schedule.
The support team is extremely responsive and knowledgeable, providing guidance throughout the process.
What do you dislike about the product?
There is nothing we dislike about the platform currently. Any suggested improvements are rapidly updated.
What problems is the product solving and how is that benefiting you?
Secureframe has enabled our client to maintain SOC 2 and HIPAA readiness in a far more efficient and organized way.
From an auditor’s perspective, the platform’s automated evidence collection, centralized policy management, and clear control tracking greatly streamline the review process.
It reduces back-and-forth, ensures documentation is complete and up to date, and ultimately allows us to perform our audit more efficiently while giving the client ongoing visibility into their compliance posture.
From an auditor’s perspective, the platform’s automated evidence collection, centralized policy management, and clear control tracking greatly streamline the review process.
It reduces back-and-forth, ensures documentation is complete and up to date, and ultimately allows us to perform our audit more efficiently while giving the client ongoing visibility into their compliance posture.
Secureframe made our compliance process faster and easier, with great support
What do you like best about the product?
I like Secureframe’s intuitive dashboard, strong integrations, and responsive support team that makes compliance tracking and evidence collection feel seamless.
What do you dislike about the product?
Secureframe takes time to implement suggested features.
What problems is the product solving and how is that benefiting you?
Secureframe is solving the time-consuming, manual burden of preparing for and maintaining compliance with standards like SOC 2, ISO 27001 by automating evidence collection, continuous monitoring, and policy management—saving significant audit prep time, reducing human error, and giving real-time visibility into security posture.
Streamlined Vendor Security Compliance for Enterprise Integrations
What do you like best about the product?
This has simplified the vendor security assessment process greatly for us as Senior Platform Engineer of the Integrations team at Capital One. The platform is very automated and significantly takes manual effort out of needing to understand third-party compliance, especially for SOC 2 & ISO 27001. It has pre-mapped controls and policy templates which are in sync with our internal standards and evidence-collection workflow is very streamlined. Centralized Dashboard to Track Risk from Vendors — This is useful for us because my team saves time in onboarding new marketplace partners.
What do you dislike about the product?
Although the main features are quite stable, we did have to do a good amount of setup to get this integrated with our internal systems — some enterprise scale items like custom API workflows. It sometimes requires us to cross reference manually with other tools for the gaps in the vendor responses during assessments which should be done more clearly on UI. More deeply integrating with Jira or ServiceNow would continue to streamline our ticketing process for remediation.
What problems is the product solving and how is that benefiting you?
Secureframe makes it so we do not need to worry about scaling vendor due diligence and can maintain audit readiness. Automating evidence collection and control mapping have reduced our assessment cycles by ~40% and reliance on spreadsheets. With everyone from law firms, to development shops and cloud consulting agencies trying to get in on the FinTech action compliance is king — it means we can address risks proactively (especially when our software integrates with an external marketplace). The regulated nature of the platform also ensures uniformity between the different teams which is very useful when going through internal audits.
Exceptional compliance platform for me and my organization
What do you like best about the product?
I truly appreciate how Secureframe helped my organization achieve SOC 2 compliance — it made the entire process significantly smoother. In the past, SOC 2 compliance involved overwhelming amounts of documentation, but with Secureframe, it felt like a streamlined and effortless journey. The platform offers numerous controls that can be mapped directly to policies, automated test passes, and much more.
It’s intuitive and easy to learn, but what stands out most is the unwavering support from the Secureframe team. Their responsiveness, dedication, and willingness to go above and beyond are exceptional. They consistently provide timely assistance and never shy away from addressing any concerns.
Secureframe also brings everything together — from integrating vendors and onboarding users to maintaining inventory and more. With its extensive features, I would highly recommend it to anyone seeking a robust compliance solution.
It’s intuitive and easy to learn, but what stands out most is the unwavering support from the Secureframe team. Their responsiveness, dedication, and willingness to go above and beyond are exceptional. They consistently provide timely assistance and never shy away from addressing any concerns.
Secureframe also brings everything together — from integrating vendors and onboarding users to maintaining inventory and more. With its extensive features, I would highly recommend it to anyone seeking a robust compliance solution.
What do you dislike about the product?
While Secureframe is an excellent platform overall, there are a few areas where it could be improved. The employee training module could be expanded to cover a broader range of topics. Additionally, the TPA module would benefit from enhancements — particularly simplifying the process after uploading questionnaires, as managing them afterward can be challenging. Making these workflows more intuitive would further improve the overall user experience.
What problems is the product solving and how is that benefiting you?
Secureframe has simplified and accelerated our journey to achieving and maintaining SOC 2 compliance. It eliminates the need for manual tracking of multiple controls, policies, and audit requirements by providing an automated, centralized platform. The automated evidence collection, policy mapping, and integration with our systems save significant time and effort, reducing the risk of human error.
Simplified HIPAA Compliance for Our Engineering Team
What do you like best about the product?
Secureframe actually provides developer-friendly, step-by-step instructions on how to fix compliance gaps (like having unencrypted databases or incorrect IAM roles set up). Rather than guessing what auditors are looking for, we receive simple actionable steps to fix the issues. The employee training modules are also well laid out and assist with bringing new hires onto compliance policies easily.
What do you dislike about the product?
There were some issues with the rigidity of a few of the automated tests, viz. one or two false positives from legacy systems that werent easy to reconfigure. While these were resolved with the help of the support team, a bit more leeway in customizing rules could be nice.
What problems is the product solving and how is that benefiting you?
A team of <2, we were no experts in HIPAA compliance. Secureframe is the compliance solution that has automated checks and remediation steps for every point on a framework, while maintaining an audit trail. Secureframe was a lifesaver: it helped us through our first HIPAA audit and made sure we passed with flying colors — zero major findings.
Compliance made easy and simple
What do you like best about the product?
Secure Frame helps condense all of the required tests and evidence in 1 general application, making it easier to tag and assign each piece of information to its related security certificate. It also allows for integration with company systems to help complete required tasks or tests.
What do you dislike about the product?
Some features are missing, such as being able to assign more than 1 role to a user or being able to edit a questionnaire document that has been uploaded but perhaps these will be added in the future via a roadmap. Some information is quite vague on some controls test and definitely needs some expanding on but luckily our Secure Frame representative is always willing to take time to explain in greater detail.
What problems is the product solving and how is that benefiting you?
Secureframe is solving the compliance and risk tasked while keeping them all in 1 area/application. It is beneficial because its all kept under 1 application.
Secureframe has been a game changer for audit readiness and super easy to use!
What do you like best about the product?
SecureFrame has been a game-changer for our SOC 2 Type 1 audit process. What could have been a complex and time-consuming turned into a surprisingly manageable project thanks to their platform. The initial implementation was easy and if we faced any issues, their customer support was quick to help.
The guided approach walks you through each control requirement step-by-step, making it clear exactly what evidence you need and how to collect it and the real-time dashboard gave us confidence that we were staying on track throughout the entire process.
Easy to monitor personnel and create policies as well.
The guided approach walks you through each control requirement step-by-step, making it clear exactly what evidence you need and how to collect it and the real-time dashboard gave us confidence that we were staying on track throughout the entire process.
Easy to monitor personnel and create policies as well.
What do you dislike about the product?
Sometimes the connections to all the tests of each control can be confusing but that may just be due to the nature of the framework rather than an issue with the platform
What problems is the product solving and how is that benefiting you?
- Tracking that our employees are compliant and secure on their hardware, this would not have been possible before
- Working on our audit readiness, ensured we were quickly able to get our SOC 2 type 1 compliance
- Vendor security: keeping all our vendor information in one place along with their security compliance information
- Working on our audit readiness, ensured we were quickly able to get our SOC 2 type 1 compliance
- Vendor security: keeping all our vendor information in one place along with their security compliance information
Streamlined compliance
What do you like best about the product?
Saves us a lot of time thanks to automated checks (integrations: AWS, GitHub). Runs continously, so we can mitigate the findings as soon as they show up, avoiding the pre-audit pile-up.
What do you dislike about the product?
The automated checks sometimes take too long to synchronize.
What problems is the product solving and how is that benefiting you?
We're using Secureframe for managing SOC2 compliance.
Helps to keep a good overview for our Certification
What do you like best about the product?
We use Secureframe to keep track of all the documentation and evidence needed for our ISO9001 certification. The pre-defined tests and direct integration with our Google Drive and GitHub saved us a lot of time in the setup and maintenance of our Quality Management System.
Secureframe is easy to use and whenever we have any questions the team is there to help us move forward.
Secureframe is easy to use and whenever we have any questions the team is there to help us move forward.
What do you dislike about the product?
Document management is very limited. The history of changes is not automatically generated and there is no way to cooperate with team members on one document (by suggesting changes, or making comments).
When assigning tests / requirements to team members, they are not automatically notified when they are due to upload evidence. You need to create a task explicitly, which adds a lot of manual work.
When assigning tests / requirements to team members, they are not automatically notified when they are due to upload evidence. You need to create a task explicitly, which adds a lot of manual work.
What problems is the product solving and how is that benefiting you?
Having one central system where we can find all our ISO related documentation helps us keep track of everything and prepare for an audit. It also helps during the audit to give the auditor confidence in our Quality Management System.
showing 591 - 600