Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
767 reviews
from
External reviews are not included in the AWS star rating for the product.
Secureframe Makes Compliance Clear, Automated, and Audit-Ready
What do you like best about the product?
What I like most about Secureframe is how it turns compliance into a clear, manageable process. The platform brings together automation, structured workflows, and audit-ready templates, which removes a lot of the manual work and uncertainty that usually come with compliance.
It’s easy to use for both technical and non-technical users, helps keep everyone accountable, and significantly reduces audit stress.
As a best practice, I’d recommend connecting integrations early and keeping the platform continuously up to date to get the most benefit from it.
It’s easy to use for both technical and non-technical users, helps keep everyone accountable, and significantly reduces audit stress.
As a best practice, I’d recommend connecting integrations early and keeping the platform continuously up to date to get the most benefit from it.
What do you dislike about the product?
Secureframe can feel limiting in more complex or non-standard environments. Some workflows aren’t flexible enough and end up requiring manual handling outside the platform.
There’s also a noticeable learning curve at the start. It takes time to fully understand how controls, evidence, and tests connect, and how that relationship affects day-to-day work.
Best practice: plan onboarding carefully and document any custom processes early, so you can reduce friction later.
There’s also a noticeable learning curve at the start. It takes time to fully understand how controls, evidence, and tests connect, and how that relationship affects day-to-day work.
Best practice: plan onboarding carefully and document any custom processes early, so you can reduce friction later.
What problems is the product solving and how is that benefiting you?
Secureframe addresses the challenge of managing SOC 2 compliance in a structured, repeatable way. It replaces spreadsheets, email threads, and scattered documents with a single, clear system.
For us, that means time saved, less manual work, and lower audit stress. It also improves visibility into our compliance status, helps keep owners accountable, and makes audits feel more predictable and efficient.
Best practice: use Secureframe continuously, not just right before an audit, to get long-term value and avoid last-minute gaps.
For us, that means time saved, less manual work, and lower audit stress. It also improves visibility into our compliance status, helps keep owners accountable, and makes audits feel more predictable and efficient.
Best practice: use Secureframe continuously, not just right before an audit, to get long-term value and avoid last-minute gaps.
Seamless Integrations and Stellar Support—Secureframe Streamlined Our PCI & SOC Audits
What do you like best about the product?
The integrations with our internal systems are fantastic – Secureframe connects to our tools seamlessly, which automates so much of the compliance work that would otherwise be manual and time-consuming.
The platform itself is easy to use and intuitive, even for team members who aren't deep in the compliance world. But what really made the difference for us was the support from Secureframe's team during implementation. They were extremely helpful, responsive, and made sure we got set up properly.
Bottom line: Secureframe saved us an immense amount of time on our PCI and SOC audits. What could have been months of manual evidence collection and coordination became a much smoother, automated process. Highly recommended.
The platform itself is easy to use and intuitive, even for team members who aren't deep in the compliance world. But what really made the difference for us was the support from Secureframe's team during implementation. They were extremely helpful, responsive, and made sure we got set up properly.
Bottom line: Secureframe saved us an immense amount of time on our PCI and SOC audits. What could have been months of manual evidence collection and coordination became a much smoother, automated process. Highly recommended.
What do you dislike about the product?
The web app could be a bit more polished in places, though it's definitely usable and gets the job done. It's a minor thing that doesn't impact the core functionality.
I'd also love to see richer training resources – more in-depth guides or examples would help teams get even more value out of the platform. That said, the support team fills this gap well when you need help.
Overall, these are relatively minor points compared to the time savings and value we've gotten from the platform.
I'd also love to see richer training resources – more in-depth guides or examples would help teams get even more value out of the platform. That said, the support team fills this gap well when you need help.
Overall, these are relatively minor points compared to the time savings and value we've gotten from the platform.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us maintain strong security practices and pass our PCI and SOC audits efficiently. Without it, compliance would require significant manual effort to collect evidence, track controls, and coordinate across teams. Secureframe automates much of this work, making audits achievable without pulling resources away from our core business. It also helps us actually be more secure, not just check boxes – the continuous monitoring catches gaps we might otherwise miss.
Effortless Compliance and Integration
What do you like best about the product?
I appreciate how Secureframe automates a ton of the data collection and monitoring required for SOC II and keeps all the info in one place. It does what it says on the tin and is very reliable. The interface is overall pretty straightforward and it integrates with a lot of the platforms we use. It saves time by having to manually update user access for certain platforms. It makes it so checks are more of a once in a while rather than something to closely monitor. I also like how it automatically reflects when someone has been offboarded from our HRIS.
What do you dislike about the product?
I can't seem to find an easy way to update my email and notification settings. Something more clear cut would be helpful. I don't think they exist at the moment so adding that as an option would be good.
What problems is the product solving and how is that benefiting you?
Secureframe automates data collection and monitoring for SOC II, saving time and keeping all info centralized. It integrates seamlessly with platforms, reducing manual updates and turning checks into infrequent tasks. It also auto-updates when staff leave, enhancing workflow efficiency.
Effortless Compliance with Stellar Support
What do you like best about the product?
I really enjoyed the people we've worked with so far on the partnership. The fact that Secureframe alerts me if anything is out of compliance is really helpful to keep everything organized in one secure area. The integration with tools like ADP and our Microsoft suite has been super beneficial. Additionally, Brandon, our point of contact for the account, has been absolutely fantastic, and he's been super helpful with answering any questions.
What do you dislike about the product?
I don't think there's anything for the time being. Honestly, a lot of the functionality is great. I would say maybe the only thing would be having more integrations with tools that they don't already have or being able to create our own integrations because sometimes we have tools that they don't have partnerships with already.
What problems is the product solving and how is that benefiting you?
I use Secureframe to automate compliance tasks, avoiding manual work and ensuring systems are up to date and functioning properly. It alerts me about compliance issues, helping keep everything organized in one secure area.
GRC Done Right
What do you like best about the product?
We tested Vanta, Drate, Sprinto, Auditboard and Secureframe. Overall, we felt Secureframe had the best multi-framework capabilities, easiest to navigate and fastest to use in terms of overall UI and feel. Their team has also been phenomenal to work with and very easy to do business with.
What do you dislike about the product?
At first, it can feel a bit overwhelming because there is so much to accomplish. This isn't really a problem with Secureframe itself, but rather reflects the broader challenges of GRC in general. I would appreciate seeing more agentic process automation and enhanced write capabilities through MCP, as these could help accelerate the workflow. More advanced reporting would also be welcome, like a print to pdf executive report of status changes and outstanding items.
What problems is the product solving and how is that benefiting you?
The problem of GRC observability and management. Its so much work, there is so much to do. Secureframe doesn't "do it for you" but provides a tool that can help supercharge your efforts and keep you on track, saving massive cost and time.
Effortless Compliance Achieved with Secureframe’s Intuitive Platform
What do you like best about the product?
What I like best about Secureframe is how it makes compliance feel manageable instead of overwhelming. The platform is intuitive and well-organized, with clear guidance at every step, so you always know what to do next. The automation saves a huge amount of time on evidence collection and ongoing monitoring, and the support team is truly a standout—responsive, knowledgeable, and genuinely invested in your success. Thanks to Secureframe, within just 18 months we were able to achieve both SOC 2 Type II and ISO 27001 compliance, turning what could have been a complex, stressful process into something streamlined, transparent, and achievable.
What do you dislike about the product?
One area where Secureframe could improve is around integrations with certain tools. While many integrations work well, some evidence didn’t transfer as seamlessly as expected, and we had to recreate a portion of it manually. With a bit more flexibility or refinement in how data is mapped and imported from other systems, the experience would be even smoother and reduce some of the extra effort during setup.
What problems is the product solving and how is that benefiting you?
Secureframe solves the challenge of managing complex security and compliance requirements in a structured, scalable way. Before using Secureframe, maintaining SOC and ISO compliance felt manual and difficult to sustain over time. Now that we’re compliant with both SOC and ISO, Secureframe provides a seamless, centralized portal to stay current—handling ongoing monitoring, evidence collection, and reminders so nothing falls through the cracks. This has significantly reduced administrative overhead, increased confidence in our compliance posture, and allowed our team to focus on core business priorities instead of compliance maintenance.
Effortless SOC2 Compliance and Audit Success with SF
What do you like best about the product?
SF makes achieving SOC2 compliance quite straightforward. Nearly everything—about 95%—is managed within their platform, which is convenient because it gives you a consistent and reliable overview of your compliance status at any time. This setup also simplifies things for auditors, provided they accept SF as a compliance platform; the more documentation and evidence you have stored there, the less you need to gather and present manually.
We've been using SF for approximately a year and a half and have successfully passed two SOC2 Type II audits during that time. Looking back, I can confidently say that managing compliance would have been much more challenging without a dedicated platform, so in that respect, SF definitely adds value.
I also appreciate the customizable trust center feature. Another positive aspect is that SF doesn't aggressively push you to purchase a lot of additional modules, unlike many other SaaS providers. While there are extra features available, their approach to upselling is quite relaxed.
We've been using SF for approximately a year and a half and have successfully passed two SOC2 Type II audits during that time. Looking back, I can confidently say that managing compliance would have been much more challenging without a dedicated platform, so in that respect, SF definitely adds value.
I also appreciate the customizable trust center feature. Another positive aspect is that SF doesn't aggressively push you to purchase a lot of additional modules, unlike many other SaaS providers. While there are extra features available, their approach to upselling is quite relaxed.
What do you dislike about the product?
It has its issues but you kind of learn to work around them eventually. Integrations to various services sometimes break in mysterious ways but they do get fixed. Usually not SF's fault but that is how we (customers) see it of course.
Timed tasks sometimes still expire even if you upload evidence before the expiry date.
Mostly small things.
Timed tasks sometimes still expire even if you upload evidence before the expiry date.
Mostly small things.
What problems is the product solving and how is that benefiting you?
Keeps us SOC2 compliant and eventually ISO 27001, too.
Streamlining Compliance at Scale
What do you like best about the product?
The automation of evidence collection is a game-changer for a lean IT team. Integrating directly with our tech stack—AWS and GitHub—means we aren't chasing down screenshots or manual logs every time an audit window opens. The platform’s ability to map a single control across multiple frameworks (like SOC 2 and PCI DSS) saves us an incredible amount of redundant work. It truly turns compliance from a "fire drill" into a background process.
What do you dislike about the product?
The initial mapping of custom internal processes to their standard controls can take some focused effort. While the library of pre-built policies is extensive, tailoring them to fit the specific operational nuances of a logistics-heavy business required a bit more back-and-forth with our CSM than I originally anticipated. However, once that foundation was set, it has been smooth sailing.
What problems is the product solving and how is that benefiting you?
As we scale, the complexity of our vendor ecosystem and data footprint grows. Secureframe solves the "compliance debt" problem. Instead of spending weeks preparing for an audit, we have a real-time dashboard that shows our posture 365 days a year. It has significantly accelerated our ability to pass vendor security reviews from enterprise partners, directly benefiting our bottom line by unblocking sales cycles. It also gives me peace of mind that our cloud configurations aren’t drifting out of compliance.
Streamlined Questionnaire Process with AI Assistance
What do you like best about the product?
I like that Secureframe makes it easy to upload information and it only takes a couple of minutes to get a large chunk of the form filled out. It's viable for me because I can fill out forms quicker for onboarding companies, which helps close deals faster, shortens the sales cycle, and makes it easier for my compliance team to complete the rest.
What do you dislike about the product?
Not all of the questions are filled out in the questionnaires. In fact, most are not filled out, which is a bit disappointing. Some of the answers are guesses, and although they inform you of this, I would have hoped for more of the questions to be filled out automatically.
What problems is the product solving and how is that benefiting you?
I use Secureframe to fill out tedious security questionnaires quickly. It auto-completes sections with AI and past data, saving time and helping my compliance team. This speeds up onboarding and shortens the sales cycle, even though not all questions are completed automatically.
Centralized Security Solution with AI Limitations
What do you like best about the product?
I like that Secureframe provides a single source of truth, which is really helpful for maintaining consistency in security reviews. I also appreciate the SSO login feature, which simplifies accessing the system. The onboarding process has been easy for me, which makes it convenient to get started with using Secureframe.
What do you dislike about the product?
The AI doesn't do as good of a job on first pass answers on security reviews as it could. Some of the answers are wrong or missing.
What problems is the product solving and how is that benefiting you?
Secureframe provides a central system for security reviews, acting as a single source of truth.
showing 1 - 10