What do you like best about the product?

What I like best about Secureframe is how intuitive and customizable the platform is. It allows me to tailor compliance workflows to each client's unique environment while keeping everything easy to manage and audit-ready.

What do you dislike about the product?

While Secureframe is a powerful and user-friendly platform, one area that could be improved is the flexibility of some evidence automation workflows. In more complex client environments, especially where systems fall outside standard integrations, there can be limitations that require manual workarounds. Expanding custom integration support or allowing more configurable evidence logic would make the platform even more robust.

What problems is the product solving and how is that benefiting you?

Secureframe is solving the complexity and overhead associated with managing multiple compliance frameworks like ISO 27001, SOC 2, and GDPR. As a consultant supporting clients across different industries and maturity levels, the platform enables me to centralize evidence collection, automate control monitoring, and align documentation to audit requirements with minimal friction. This significantly reduces the time and manual effort needed to get clients audit-ready, improves accuracy, and allows me to deliver a more streamlined, scalable service.

What do you like best about the product?

Secureframe has been instrumental in our SOC 2 compliance journey. The platform's intuitive interface makes navigating complex compliance requirements much more manageable than trying to tackle everything manually. What really impressed me was how the dashboard breaks down each compliance control into clear, actionable tasks with real-time progress tracking.

The implementation process was surprisingly straightforward, we were up and running within a few days rather than the weeks I had anticipated. The automated evidence collection through integrations with our existing tools (AWS, Google Workspace, etc.) has saved us countless hours of manual work. Instead of scrambling to gather documentation during audit time, everything is continuously monitored and organized in one central location.
I use Secureframe daily to monitor our compliance status and track progress on remediation tasks. The frequency of use speaks to how central it's become to our security operations, it's not just an audit time tool but an ongoing compliance management system.

The customer support team deserves special recognition, they're incredibly responsive and knowledgeable. Whenever I've had questions about specific controls or needed clarification on evidence requirements, I've received detailed responses within hours, not days. The onboarding process was smooth, and our assigned customer success manager really understood our specific needs and timeline.

The policy management features are also excellent. Having all our security policies, employee training, and acknowledgments centralized in one platform has streamlined our HR processes significantly. New employee onboarding now includes automatic policy assignments and training modules, which has been a game changer for maintaining compliance as we scale.

What do you dislike about the product?

The integration catalog, while comprehensive, doesn't cover every tool we use. We had to handle some evidence collection manually for a few legacy systems, which wasn't ideal but manageable. It would be helpful to see more integrations added, especially for older enterprise software that many companies still rely on.

Some of the automated tests can be overly sensitive, flagging minor configuration changes that don't actually impact compliance. This creates some noise that requires manual review to determine if action is truly needed. While the automated monitoring is generally excellent, fine-tuning these sensitivity levels would reduce false positives and make the alerts more actionable.

What problems is the product solving and how is that benefiting you?

We needed to achieve SOC 2 Type II certification to close deals with enterprise customers, and Secureframe has made this complex process manageable for our small security team. The platform solved our biggest challenges: organizing evidence collection, maintaining continuous compliance monitoring, and preparing for the actual audit.

The automated monitoring gives us confidence that we're staying compliant between audits, and the audit ready evidence collection has significantly reduced the stress of working with our external auditors. We've been able to focus on actually improving our security posture rather than just scrambling to document it.

The time savings have been substantial, what would have taken weeks of manual effort now happens automatically in the background, allowing our team to focus on strategic security initiatives rather than compliance busy work.

What do you like best about the product?

What I like best about Secureframe is its automation. It pulls evidence directly from tools like AWS, Okta, and Jira, cutting audit prep time drastically. Policy templates, vendor reviews, and real-time compliance tracking make it a solid one-stop shop for managing frameworks like SOC 2 and ISO 27001.

What do you dislike about the product?

Rigid workflows — not flexible for custom processes.

Weak custom framework support — great for SOC 2, but clunky beyond that.

Evidence uploads — recurring tasks can feel repetitive and manual.

Basic alerting — limited control over who gets what notifications.

Vendor management — useful but underdeveloped.

Solid platform, but definitely room to grow.

What problems is the product solving and how is that benefiting you?

Secureframe solves the headache of manual compliance management. It streamlines the entire audit process by automating evidence collection, task tracking, and policy management. That reduces overhead, saves time, and keeps us audit-ready year-round.

The biggest benefit? Less scrambling, more structure — and we can focus on improving security posture instead of babysitting spreadsheets.

What do you like best about the product?

The UI is intuitive and user-friendly (I use it daily). It offers comprehensive automated test coverage for compliance controls, with clear guidance and real-time feedback on tests and evidence.

What do you dislike about the product?

The range of available integrations is more limited compared to competing solutions.

What problems is the product solving and how is that benefiting you?

I use Securframe to support SOC 2 compliance tracking and audits. Its automated tests and evidence collection features help streamline and accelerate the compliance process.

What do you like best about the product?

In terms of creating lists of users, devices, services, vendors and tracking their compliance, Secureframe is great. The interface is fairly easy to figure out once you learn your way around. It has good tools for finding what shortcomings you still have and keeping on top of ongoing compliance for various factors.

Additionally, the onboarding process is simple and easy for users. The little training videos are nice a short but to the point so there isn't much incentive to skip since it only saves 45 seconds. :) Background checks were easy to implement and listing the policies... well, it's a list of policies. "I agree" buttons will be blindly pushed.

The support has also been supurb, quickly responding and fixing issue that arise.

What do you dislike about the product?

The integrations can be a little wonky. Aside from not having some things you'd assume would be there, like antivirus, the integrations that exist can behave unexpectedly. For example, due to HR software taking precidence over

What problems is the product solving and how is that benefiting you?

We are starting our security framework from scratch and Secureframe has been an incredible help with that. In the future I can see it will be very useful for monitoring and maintaining compliance.

What do you like best about the product?

We've been working through PCI compliance requirements for our organization, and SecureFrame has been an invaluable partner in that process. What really stands out is their intuitive, well-designed UI. It breaks down each compliance requirement into actionable tasks and clearly shows what’s needed to pass every test. This has made what can be a complicated and overwhelming process feel organized and manageable.

Beyond the technology, their team has been excellent. They're friendly, knowledgeable, and always willing to help. Whenever I've had questions or needed clarification I've been able to reach out to my contact and get the answers I needed. Getting started with SecureFrame and having access to the frameworks I needed was a breeze and I was even able to add and remove what frameworks I needed mid-stream without any issue. I've used the SecureFrame nearly everyday tracking my progress and working compliance since we've started using it and couldn't imagine trying to get this all done any other way at this point.

Another excellent feature I'd like to point out is the ability to easily integrate HR resources into their system so on-boarding new employee's and getting them up to speed is nearly seamless. SecureFrame has all the policies and training built into their system so new employees simply login to their account and are presented with an easy to use interface that provides them with training videos that are accompanied with questions and policy acceptance. Policy changes or annual training? all handled through the same interface and SecureFrame even has a feature for automatically emailing employees and having them accept new/modified policies as well as new training or mandatory annual training. There's honestly no easy way I could keep track of this on my own so the fact that I'm able to just let SecureFrame handle has been invaluable.

We're currently preparing for our QSA audit and its been a long road but it would have been even longer had we not hired SecureFrame to help us through the process. Had we not used them, I would not feel as confident as I do about passing our upcoming audit so the peace of mind alone has been worth it all. I seriously recommend using them if you need to start your compliance journey.

What do you dislike about the product?

There are actually very few things I dislike about SecureFrame. I think at this time the only thing I can mention is maybe the meeting lengths. Time with your consultant is limited a hard 30min limit with no option to book more time automatically. In most cases 30min has been plenty of time but there has been cases where a 45-60min meeting would have been much better, especially in the beginning when you're learning and trying to wrap your head around everything. It's not a huge deal because you can book more time with a few clicks of your mouse but that time might be days later. Generally though, this isn't a huge deal and certainly shouldn't discourage anyone from their service because as I've said, 30min is usually more than enough time.

What problems is the product solving and how is that benefiting you?

Becoming PCI compliant is a HUGE complicated task and without their help I'm not sure where we would be without them.

What do you like best about the product?

It was very easy to follow the instructions and complete the process of ISO certification, most of the steps were automated. Using their software is easy to make sure the device is secured. I would recommend it to everyone who wants ISO certification.

What do you dislike about the product?

I don't have anything that I don't like about Secureframe.

What problems is the product solving and how is that benefiting you?

Making sure that the device is secured and a user is informed and following ISO-related recommendations.

What do you like best about the product?

It has plugins for most of the products/applications that typically needs to be integrated in the platform for compliance in the small Businesses . The documentation is exhaustive and more intuitive. The support from Secureframe in person over mails and calls and support desk is excellent. People providing support knows the product well to get you started quickly and make you feel confident to secure ISO certification and maintain in future. We are still in the process of securing the ISO certification but our journey so far with Secureframe is satisfactory.

What do you dislike about the product?

Actually, there isn't much to dislike about. other than enhancement in their secureframe agent (end point security) installation where the message is not shown at the end of installation that the agent is installed successfully or if there are errors.

What problems is the product solving and how is that benefiting you?

Its helping us identify security lapses/mis configuration along with possible remedies to overcome them.

What do you like best about the product?

Very strong sales process, solid product. Our team was impressed with the understanding of the support we needed and offering a solid solution. The support as we navigate SOC2 has also been great, the team is very knowledge and willing to help, even the simplest of questions.

What do you dislike about the product?

We should have been informed that we needed a PEN test, we are new to compliance so that was an unexpected cost.

What problems is the product solving and how is that benefiting you?

We are going to be compliant, have policies in place and make the sales process with prospective clients easier!

What do you like best about the product?

It helped us streamline our workflows and makes a timely intensive process easier.

What do you dislike about the product?

Nothing comes to mind. I liked the service.

What problems is the product solving and how is that benefiting you?

Secureframe helped us manage our Soc 2 type 2 certification process.