Wir helfen Unternehmen seit 17 Jahren,
bessere Software zu finden
Über Secureframe
Secureframe unterstützt Unternehmen, indem es die SOC 2- und ISO 27001-Compliance optimiert. Erreiche Compliance innerhalb von Wochen.
Secureframe helped us become SOC ready and was easy to use.
Initial onboarding can be problematic. Sign up links should be available for 7 days vs. 24 hours as onboarding a new joiner can take longer than a day.
Nutzerbewertungen filtern (21)
Nutzung
Sortieren nach
Nutzerbewertungen filtern (21)
Easy to stay organized and rest assured that we're compliant
Kommentare: Secureframe ensures that our team's policy documentation is recorded and kept up to date, and requires that every employee go through annual training on these policies and more. It makes it easy for our HR and IT teams to know who has accomplished the required tasks on time, and can send out personalized reminders to those who have yet to do so. It also automatically pulls Common Vulnerabilities and Exposures data for our connected integrations, which helps our team prioritize security tasks.
Vorteile:
Any time there is a task that needs to be done, an email is sent out by Secureframe with explicit instructions on how to accomplish it. Whether that be a new employee going through onboarding, annual SOC 2 compliance, or verifying that security policies are up to date, Secureframe ensures that the important tasks are completed in a timely manner. It would be chaos to try and manage all of this another way, and our team breathes easy knowing that we're covered by their software.
Nachteile:
Our team receives security questionnaires at least weekly from our prospective customers, which can come in a variety of formats (Excel, Word, external site, etc). While there is a questionnaire library feature within Secureframe, it is currently limited to being able to read and fill out Excel spreadsheets. If this were the only way we received questionnaires, it would be perfect. Alas, that's not the world we live in. Thankfully, the Secureframe success/support team has been receptive to feedback around how this could be improved and have relayed those thoughts to their Product team.
First Time CTO
Kommentare: I had a great experience with the service and would likely use it again in the future.
Vorteile:
The friendly support staff answered every question I had about the process or what needed to be documented in relation to the SOC2 certification I was looking to achieve. The many integrations removed a lot of work I would need to do in order to verify my cloud environment along with my other venders. They broke down the process into many steps allowing me to do a bit at a time and eventually get audited.
Nachteile:
Like i said in the pros section, I enjoyed how they broken down the process into many different steps. Some of those steps were vague and i needed to contact Secureframes support to learn what I needed to do in order to complete the task. Like I said the support staff were great but I think the examples or explanations could have been better so I would not need to chat / email / call the support in the first place.
Solid Security Tool
Vorteile:
Secureframe is actively developing its platform so missing features are usually on the roadmap
Nachteile:
There is a general lack of work management integrations so all work has to be tracked in Secureframe itself. This gives my team multiple sources of truth.
SecureFrame is an invaluable tool for CTOs
Kommentare: PCI Compliance is a truly daunting process, but SecureFrame helps me understand what exactly we need to do as an organization to stay compliant. Even with SecureFrame, there is still a lot of ongoing work that needs to be done.
Vorteile:
SecureFrame is easy to setup, and integrates with nearly every application our business uses. It has saved us having to hire someone to monitor PCI compliance.
Nachteile:
Probably the one issue I have is that when meeting the criteria for a "test", the system requires you to upload a document when often all that is required is an attestation or verbal explanation of how your company meets that critiera.
Excellent Solution for tracking Compliance, Security, SOC2
Kommentare: Super easy to manage and complete trainings, track overall team compliance status and nudge people and track expirations.
Vorteile:
Very helpful interface, super easy to follow and manage tasks, both as an admin and employer
Nachteile:
Initial onboarding can be problematic. Sign up links should be available for 7 days vs. 24 hours as onboarding a new joiner can take longer than a day.
How Secureframe Revolutionized Our ISO 27001 Compliance Process
Kommentare:
We just completed our annual surveillance audit, and it went incredibly smoothly. Our external auditor, who’s quite old-school, was initially skeptical of Secureframe, especially its ability to integrate with our systems and provide real-time compliance evidence. By the end of the audit, he said it was the best compliance tool he’d ever seen and planned to recommend it to his clients.
If that wasn’t enough, their support team is fantastic. Our Customer Success Manager, [sensitive content hidden], is super responsive, often replying to emails within the hour. If he can’t address something immediately, he loops in his team, and they follow up just as quickly.
We couldn’t be happier with Secureframe and are excited to expand its usage as our business scales and we explore support for more frameworks.
Vorteile:
We used Secureframe to streamline our ISO 27001 compliance efforts. Before that, we worked with consulting companies that either had their own, not-so-great compliance tools or had us managing everything manually with Excel files and Dropbox—an incredibly tedious process. A colleague recommended Secureframe, and it’s been a complete game changer for us. The integration features are outstanding. We connected it to our Azure account (and other SaaS platforms we use), and it immediately identified configuration changes we needed to make. The system provided easy-to-follow instructions to help us harden our setup and ensure compliance with our policies. This automation not only made the process smoother, but it also simplified showing evidence of controls to auditors. Secureframe’s built-in content management system for policies is another great feature. It tracks version history and allows employees to log in and review policies based on their roles. This ensures everyone is reviewing the required policies annually for compliance. I also found the Vendor section extremely useful. It enables us to assess and rate the risks associated with our suppliers and keep track of their compliance documents. The integrated risk register is another standout feature. While I could go on about many more features, these are the ones that have been particularly impactful for us.
Nachteile:
From an integration standpoint, all of our major cloud and SaaS suppliers are included, but I wish there were a few more options, or if some of the integrations were a little more robust.
Secureframe: An ISO 27001 Game Changer!
Vorteile:
Single repository and pane of glass for all things GRC. In our case we have an urgent imperative to get ISO 27001 Certified by year end. Tremendous value compared to Vanta and Drata. Great onboarding experience and dedicated account manager have made this process so much easier. The interface is logical, easy to navigate, and we were up and running in no time at all. I love how tests are cross-mapped to controls. The tests also rpovide clear guidance and instructions so providing suitable evidence and workarounds has proven quite easy. I also have to say our advisor has been great; she is a GRC professional, an auditor I believe so we are getting first-class consulting for the price of admission. I have learned so much from her, not just about Secureframe but about ISO in general. Secureframe also has numerous conteatcs in terms of audits, pen testing and so forth, so again, everything is provding to be so easy for us. I coudl not imagine meeting this urgent complaince goal without this partnership.
Nachteile:
Some of the integrations (Azure, for example) rendered less than great results or could not connect for some reason (probably on MS side). You can bypass these however, by other means, so this is not really a stopper in my view. Other platorms provide a real-time comparison for other frameworks, even though you have not paid for them. I was told that we can request to see what out status would be at any time, however.
Great way to simplify SOC2 compliance and tracking
Kommentare: Implementation was easy, and provided policy docs helped us have a great starting point. They also had a great customer success team to help us get things going, and partners for low cost, but reputable, audits and penetration tests. We have used it for SOC2 type 1 and type 2.
Vorteile:
It was extremely simple to get started, and they have everything we needed to get SOC2 compliant and maintain monitoring without having to go through a lengthy process. For a startup where SOC2 is important, but our team doesn't have budget for a dedicated security and compliance team, it was great. The integrations with the 3rd party applications for ongoing monitoring were great, and the continuous compliance checklist is helpful as well. We have used it for SOC2 type 1 and type 2.
Nachteile:
The device management and asset tracking could be better, but seems to be improving. I also wish the tasks for team members for ongoing activities like yearly security trainings, device management, etc. would be more clear. Last, adding HIPPA compliance checklists without a significant additional cost or separate process would be nice.
Streamlined Compliance with Minimal Effort
Vorteile:
Secureframe provides a seamless way to manage and automate compliance processes, saving significant time and effort. The intuitive interface, robust integrations with tools like AWS and Google Workspace, and the clear guidance for SOC 2 and ISO PCI-DSS audits make it invaluable. The ability to continuously monitor systems and simplify evidence collection is a game changer for ensuring audit readiness.
Nachteile:
the setup process can feel a bit overwhelming initially without proper guidance, though their support team is helpful. It would also be beneficial to have more customization options for smaller, niche compliance frameworks.
Easy to use
Vorteile:
The guidance provided to resolve issues was thorough and easy to follow
Nachteile:
No terraform support for issue resolution
Best GRC on the market
Kommentare: I have been using Secureframe for two years. The platform is very easy to navigate and integrate with vendors and keep your policies and procedures organized. The ease of onboarding is a plus.
Vorteile:
Easy to implement and excellent customer success management team.
Nachteile:
Nothing negative to report. Things have been working out just fine.
Easy to Use
Kommentare: Very thankful for Secureframe. It has been very helpful in preparing for our upcoming ISO audit.
Vorteile:
Secureframe was very easy to use and makes ISO compliance understandable
Nachteile:
Sometimes it is not obvious how to do something in Secureframe, however I have a contact who is very responsive and helpful with my questions so that hasn't been a major issue.
Secureframe makes audit readiness a breeze
Kommentare: The experience with Secureframe was great from start to finish. They were just and email or call away if help was needed.
Vorteile:
Secureframe helped us become SOC ready and was easy to use.
Nachteile:
Some of the step by step remedies were a little out dated, but still invaluable.
Secureframe UI
Vorteile:
very easy to use the UI and the flow of info
Nachteile:
Some say that Secureframe limits access for non-users, which can impact collaboration
Secureframe will help get you where you need to be !
Kommentare: Excellent service. Extremely knowledgeable staff . Very prompt to answer questions that arise throughout the process. I highly recommend their services.
Vorteile:
They genuinely want to see you succeed. They are always responsive and demonstrate true professionalism. Highly recommend their services and I personally look forward to all of out future interactions.
Nachteile:
There was really no downside to my interactions with Secureframe.
Great Tool for Compliance and Audit
Kommentare: We've been using Secureframe for one of the clients to organize all the evidence for SOC audits and it's been really helpful to present to the auditors.
Vorteile:
Great tool to collect and organize the evidence for audits
Nachteile:
needs constant verification of instance running on each system. Maybe automation to automatically register or detect.
In Betracht gezogene Alternativen:
Review of Secureframe
Vorteile:
Easy to set up, very good customer support and help.
Nachteile:
A bit pricey, and did not fully understand how to add new plans.
Made Getting SOC 2 Type I a breeze. Easily saved hundreds of hours
Kommentare: Secureframe helped us secure our SOC 2 Type 1 incredibly quickly, which was instrumental to helping us unblock some of our enterprise opportunities and move along deals. Plus, it also helped our company start taking security more seriously as we continue to grow and scale.
Vorteile:
Secureframe’s platform made getting our SOC 2 super easy and easily helped us save hundreds of hours of time and engineering resources. The software helped streamline the evidence collection process, vendor management, policy creation, and even security awareness training. It literally did almost everything we needed to get SOC 2 compliant. I was impressed with the breath of integrations. They helped save a lot of time with pulling in evidence from our existing vendors. Finally, the support is really top notch. Anything we had a question, we got a response within 24 hours, sometimes within just hours. We always felt like Secureframe was there for us.
Nachteile:
Reality is, you still have to read over the policies and make sure you’re setting up the integrations properly. But, I felt like Secureframe’s team was there to help us with any questions we had and get us moving through the process quickly.
Great product, great team
Kommentare: Using Secureframe to complete SOC audits. Very happy with the product, as well as the level of support our team has received from the Secureframe customer success team.
Vorteile:
Platform is very easy to use for folks like myself who are not compliance/security experts. Easy to see all data and what needs to be done in one place.
Nachteile:
Some workflows are still manual, but the team is working on automation.
Fantastic Customer Service & Onboarding Experience
Vorteile:
Secureframe makes it possible for small shops to finally overcome the daunting task of becoming SOC II Type I and Type II compliant. The best part about picking Secureframe is you'll get access to their customer support team via Slack and recurring meetings as you prepare for your audit. I also thought the platform was intuitive, which made it easy to track where you and your team are at any point in the process. If you're looking for a way to become compliant quickly - look no further!
Nachteile:
You occasionally have to provide a screenshot if you have a product that they haven't yet integrated with. However, the platform makes it incredibly easy to upload and track evidence (screenshots). Overall, they provide a great alternative when/if needed.
Helpful Customer Service
Vorteile:
The customer service was amazing and helped our team understand everything.
Nachteile:
It requires a lot of time from the team to set up.