Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
761 reviews
from
External reviews are not included in the AWS star rating for the product.
Smooth SOC2 Compliance with Exceptional Support
What do you like best about the product?
Secureframe made preparing for our SOC2 audit straightforward and stress free. The platform provided an easy way to centralize all required information, making it simple to track progress and stay organized. The integrations were quick to set up and worked seamlessly with our existing tools. Our Customer Success Manager, Coletta Edison, was both knowledgeable and highly responsive, providing valuable guidance that helped us complete our audit efficiently. We met with her frequently and she was so helpful every time we connected with her. The overall experience left us feeling well prepared for future compliance cycles and I expect to use it moving forward.
What do you dislike about the product?
I don't have much criticism of the product. We provided feedback along the way and I believe it is being addressed in a future update. Mainly the abililty to customize timing and followup schedules for our team's compliance acceptance and training.
What problems is the product solving and how is that benefiting you?
The main problem Secureframe solves for us is organizing our information to complete our annual SOC2 compliance audit quickly and efficiently. It's nice to have it all in one place for the future too.
Secureframe - The Magical Automation Behind Continuous Compliance
What do you like best about the product?
For me, as a cybersecurity professional concentrated in automating at scale compliance processes, Secureframe quickly emerged as an obviously impactful product that made all the messy manual steps into this smooth sailing workflow. Using the platform supported by an API-first approach, we can bring various custom scripts and other internal tools (like SIEM and PAM solutions) into the compliance framework. It has been invaluable in automating the collection of evidence for controls that do not have standard integrations (e.g., our in-house IAM system).
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
Accurate real time monitoring and anomaly detection are outstanding. A simple example: Secureframe flagged an accidental misconfiguration of our cloud storage permissions, which could have been access to sensitive audit logs — a vector that was not covered by any of our existing tools. Mapping controls across multiple frameworks (SOC 2, ISO 27001, NIST CSF) in one single dashboard removes the duplicates we were locked into with non-integrated spreadsheets or point solutions.
What do you dislike about the product?
The automation options are impressive, but the scripting interface for creating something more advanced like a custom integration does not have the extent of an IDE. Bug in complex workflows benefit request that requires some back and forth from support. Also, the ability to customize scores within the risk assessment module tying into our internal risk appetite metrics could be a bit more granular.
What problems is the product solving and how is that benefiting you?
What Secureframe Solves: Scalability and Audit Fatigue So where exactly does Secureframe come into play? We have automated 90% of evidence collection and control testing, saving more than 40% in compliance-related FTE hours annually. For reference, our prior SOC 2 Type II audit required 8 hours of prep time on our end as opposed to 3 weeks pre-Secureframe.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
It is also the bridge between security and DevOps. Using Terraform support, compliance checks will now be configured to be created in CI/CD pipeline wherein before every deploy of new infrastructure, the pipeline would ensure that the proper controls are met. The shift-left approach has reduced remediation costs by 60% and changed compliance from the end-of-the-line bottleneck to a collective action.
SOC2-related audit support
What do you like best about the product?
I like the user interface and ease of navigation within SF. I also appreciate the integrations with our existing applications.
What do you dislike about the product?
In some cases (e.g. Paylocity) useful integration was not possible because certain extraneous but highly sensitive personal information could not be filtered out.
What problems is the product solving and how is that benefiting you?
SF is helping us solve SOC2 compliance and related audit support. This is invaluable to enterprise clients and for best-practice governance as well.
A Seamless Path to SOC 2 with a Truly Supportive Partner
What do you like best about the product?
Our experience with Secureframe has been nothing short of amazing. Going into our SOC 2 journey, we weren’t entirely sure what to expect, but the platform made everything feel straightforward and manageable. The tools are user-friendly, the integrations saved us countless hours, and the real-time tracking kept everyone on the same page.
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What truly made the difference, though, was our Customer Success Manager. He was incredibly responsive and he always available to answer our questions, walk us through best practices, or just check in to make sure things were running smoothly. He also made a point to keep us updated on new features and improvements as they rolled out, which helped us take full advantage of the platform as it evolved.
Thanks to Secureframe, we not only achieved compliance but built stronger internal processes in the process. It felt less like working with a vendor and more like working with a partner who genuinely cared about our success. Highly recommend!
What do you dislike about the product?
Secureframe has a lot of powerful features, but I found the initial onboarding experience a bit overwhelming. The platform presents a ton of information up front, which can make it difficult to know where to start, especially for teams going through their first compliance process. There's definitely a learning curve, and without prior experience in frameworks like SOC 2, it can feel like information overload.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
That said, once you get familiar with the layout and workflows, the platform does become more intuitive. And while the tool itself could benefit from a more guided, step-by-step learning experience, the support team and Customer Success Managers are responsive and helpful when you reach out.
Overall, Secureframe has solid potential, but I’d love to see a more beginner-friendly approach for first-time users, especially those managing compliance on small or resource-limited teams.
What problems is the product solving and how is that benefiting you?
Secureframe is helping us solve the complexity and time-consuming nature of managing compliance, specifically for SOC 2. Before using the platform, we weren’t sure how to approach the process efficiently or confidently. Secureframe simplifies that by automating evidence collection, integrating with our existing tools, and giving us a clear, centralized view of our compliance posture.
The biggest benefit has been time savings and peace of mind.
The biggest benefit has been time savings and peace of mind.
Great for lean businesses
What do you like best about the product?
The SecureFrame system makes it very easy to get started with SOC2. The framework of tests and evidence they provide (in conjunction with great auditor partners) takes away the need to have pricey consultants.
Onboarding is simple, with many integrations if your infrastructure and other tools are largely cloud-based/SaaS. Your Customer Success contact will happily spend time with you to answer questions and make sure you are successful.
The largest benefit as a lean team, in my opinion, is the ability to set everything up properly, and then not need to spend much time year over year worried about the next audit. Not needing to use the software on a daily basis is huge, as the team can instead focus on more customer-facing matters.
Onboarding is simple, with many integrations if your infrastructure and other tools are largely cloud-based/SaaS. Your Customer Success contact will happily spend time with you to answer questions and make sure you are successful.
The largest benefit as a lean team, in my opinion, is the ability to set everything up properly, and then not need to spend much time year over year worried about the next audit. Not needing to use the software on a daily basis is huge, as the team can instead focus on more customer-facing matters.
What do you dislike about the product?
While it's great that SecureFrame has integrations, there's still a good chance that for some aspects you'll have to fallback to manual evidence collection. The tests can also be fairly rigid, and won't handle alternative solutions well. It's best to have a decent understanding of SOC2 so that you can work with your auditors to ensure you're not doing needless work that has no benefit other than turning a SecureFrame test green.
What problems is the product solving and how is that benefiting you?
SecureFrame solves our SOC2 compliance needs. In our space, this is required by many larger and/or more sophisticated clients.
Very helpful in organizing needs for audit.
What do you like best about the product?
I really like the automated evidence collection, this feature is very helpful as it reduces the manually work on the team to collect these evidence.
What do you dislike about the product?
need more integrations options with certain vendors, would like to integrate with other vendors used by company but they are not available. Custom integrations would be helpful.
What problems is the product solving and how is that benefiting you?
Audit Management, helps with organizing and drive work needed for audit and compliance.
Straightforward experience
What do you like best about the product?
Easy to use, hands-on onboarding and support
What do you dislike about the product?
Takes a long time to get setup, more could be automated
What problems is the product solving and how is that benefiting you?
Getting SOCII compliance
Easy to use product for compliance management
What do you like best about the product?
What I like best about SecureFrame is how straightforward it makes to manage our compliance program. Everything is organized, automated, and easy to follow. The platform makes it clear what needs to be done and when. I also appreciate how quickly I can find the information I need, and the support has been amazing from the whole org.
What do you dislike about the product?
It is still a fairly new product, so there are some bugs and weird workarounds here and there, but support has always been helpful in resolving those as they come up.
What problems is the product solving and how is that benefiting you?
SecureFrame helps us manage compliance without the manual tasks. Before, we were tracking requirements in spreadsheets, hunting down documents, and spending too much time coordinating different teams. Now, everything is in one place, tasks are easily assigned, and I can see our progress at a glance. It saves us time and makes audits much easier.
Fantastic for SOC2 prep
What do you like best about the product?
- Phenomenal integrations, being able to sync with Azure, Entra, and Google Cloud has been indispensable.
- 'Steps to pass this test' is an incredible time saver
- Collaboration features with the team such as assigning and leaving notes is very helpful.
- 'Steps to pass this test' is an incredible time saver
- Collaboration features with the team such as assigning and leaving notes is very helpful.
What do you dislike about the product?
- Sometimes it is unclear exactly how secure frame is determining compliant with endpoints. For example, in Intune the device will show as complaint, but still not passing password policy. We deploy the policy, but it doesn't seem to help no matter what we do,
- When we first were adding admins, it didn't seem to allow signing in until they were invited and clicked the link. Even after setting up SAML SSO and having the users added and assigned admin permissions, it didnt want to let them sign in,
- When we first were adding admins, it didn't seem to allow signing in until they were invited and clicked the link. Even after setting up SAML SSO and having the users added and assigned admin permissions, it didnt want to let them sign in,
What problems is the product solving and how is that benefiting you?
Great for tackling SOC2 for the first time, knowing what to do.
Great Customer Supper
What do you like best about the product?
SecureFrame has made our SOC 2 Compliance possible. Their platform lists every requirement and provides quick view of what tests are failing or passing. Additionally, anytime we have a question, their support team is quick to answer. They are always working to improve as well - taking our feedback and implementing solutions.
What do you dislike about the product?
Although SecureFrame has many integrations, we use software that is not yet integrated. This means that we have to upload some pieces of evidence manually instead.
What problems is the product solving and how is that benefiting you?
For various reasons, our company needs to be SOC 2 Type 2 Compliant. With SecureFrame, we are able to accomplish this through thier easy to navigate software.
showing 121 - 130