Secureframe Reviews & Product Details

Secureframe is very efficient for our compliance workflow and I really like that. At TechForing we handle client data and cybersecurity audits so staying organized and audit-ready is key. With automated reminders, straightforward framework mapping, and evidence gathering, Secureframe helps us stay compliant without manual tracking. The tool is easy to use and people can see what was audited and where the risk lies at once on its dashboard. Review collected by and hosted on G2.com.

I have observed that the only issue is that with that you will spend a lot of time initially setting up if you align numerous compliance frameworks at the same time. Some integrations could sync at a quicker pace, particularly for large evidence file imports. Once properly configured you are good to keep it running and carry out very little maintenance. Review collected by and hosted on G2.com.

I like that Secureframe doesn’t overcomplicate things. As someone who manages partner accounts and data exchanges across vendors, I feel the dashboard is clean. It automatically looks for compliance gaps and send alerts regarding policy reviews. For a quick brand like Quince, the time saved is several hours a week. I like that the setup is guided, it felt more like onboarding than a technical rollout. Review collected by and hosted on G2.com.

The reporting tools could be a little more flexible. There are times when I want to quickly export custom views without admin privileges. Other than that the interface has improved over times and when I contacted support for clarification they were responsive. Review collected by and hosted on G2.com.

What I love the most is Secureframe’s ability to turn compliance into a topic that my mid-sized retail business can actually understand. Handling over several brands means that we are able to efficiently sync all data and vendor policy without the need for a new system. I find the system’s automation for tracking certifications and alerting us to coming audits particularly helpful. I no longer have to chase people down for updates. Review collected by and hosted on G2.com.

At first, it took a bit of time to get every department onboard because our beauty and lifestyle divisions work differently. Once everyone saw the value, adoption picked up. There are just a couple of minor tweaks that could be beneficial. Some customized reports could be easier to modify without the need for administrators. Review collected by and hosted on G2.com.

I work as a system administrator at a software consultancy where my team utilizes many third-party tools and APIs. With Secureframe's risk management module, we are able to handle this complexity in a structured way. The automated vendor questionnaire system saves a lot of time. I can deliver a detailed security assessment to a new AI service provider and track their compliance status directly in the platform. When you integrate with our GitHub organization, we automatically flag new dependencies for vetting to keep all our code bases secure. Review collected by and hosted on G2.com.

At first, there was a lot of manual work on our part to get the risk scoring model working for our clients’ security needs. Certain API endpoints, which help extract vendor data for our internal dashboards, impose limitations that require a workaround. Review collected by and hosted on G2.com.

I like the fact that Secureframe organizes all of this without being overly complex. I can check compliance status, upcoming audits and documentation all from one dashboard. The set up process to our HR and internally systems was more straightforward than I thought and we love the automated reminders so we never miss those important security checks. It has honestly made our compliance reporting so much less painful. Review collected by and hosted on G2.com.

Initially, it took some time to figure out all the |buttons accompainied withit however I've gotten used to it mostly during setting up. I do wish their customer chat support was a little bit quicker on the uptake time during weekends, but otherwise the folks at support have been consistent and courteous once you reach them. Review collected by and hosted on G2.com.

I appreciate how Secureframe automates a ton of the data collection and monitoring required for SOC II and keeps all the info in one place. It does what it says on the tin and is very reliable. The interface is overall pretty straightforward and it integrates with a lot of the platforms we use. It saves time by having to manually update user access for certain platforms. It makes it so checks are more of a once in a while rather than something to closely monitor. I also like how it automatically reflects when someone has been offboarded from our HRIS. Review collected by and hosted on G2.com.

I can't seem to find an easy way to update my email and notification settings. Something more clear cut would be helpful. I don't think they exist at the moment so adding that as an option would be good. Review collected by and hosted on G2.com.

I really enjoyed the people we've worked with so far on the partnership. The fact that Secureframe alerts me if anything is out of compliance is really helpful to keep everything organized in one secure area. The integration with tools like ADP and our Microsoft suite has been super beneficial. Additionally, Brandon, our point of contact for the account, has been absolutely fantastic, and he's been super helpful with answering any questions. Review collected by and hosted on G2.com.

I don't think there's anything for the time being. Honestly, a lot of the functionality is great. I would say maybe the only thing would be having more integrations with tools that they don't already have or being able to create our own integrations because sometimes we have tools that they don't have partnerships with already. Review collected by and hosted on G2.com.

We tested Vanta, Drate, Sprinto, Auditboard and Secureframe. Overall, we felt Secureframe had the best multi-framework capabilities, easiest to navigate and fastest to use in terms of overall UI and feel. Their team has also been phenomenal to work with and very easy to do business with. Review collected by and hosted on G2.com.

At first, it can feel a bit overwhelming because there is so much to accomplish. This isn't really a problem with Secureframe itself, but rather reflects the broader challenges of GRC in general. I would appreciate seeing more agentic process automation and enhanced write capabilities through MCP, as these could help accelerate the workflow. More advanced reporting would also be welcome, like a print to pdf executive report of status changes and outstanding items. Review collected by and hosted on G2.com.

I love how easy it is to use everything is on Secureframe. An all of the above solution as someone running multiple departments, with no time for steep learning curves. The dashboard tells me the status of every compliance activity and the automatic notifications have helped my team stay on track. We’ve also used it to manage vendor assessments, which used to take days but now takesjust afew clicks. Their support team is quick to respond and they “treat you like a member of their family, not just a number,” as Perimutter put it. Their knowledgeable support team explains things in a manner that even non-technical staff can understand. Review collected by and hosted on G2.com.

There are a couple of idiosyncrasies in the reporting module — sometimes it’s too cumbersome to get custom report formatting. I want to be able to bring up data from third party integrations while being connected without needing to do any manual setup. None of this is a deal-breaker, but it would ease scaling. Review collected by and hosted on G2.com.

After handling our SOC 2 compliance at Sprinto, a transition to Secureframe was an easy choice for the automation and User Experience upgrade. The best change, from what I can see, is in the philosophy of evidence gathering. Secureframe’s technology categorizes and maps evidence from our AWS cloud and Jira instances automatically with very high accuracy, greatly lessening the time I used to spend manually reviewing in Sprinto. The dashboard is cleaner as well, which helps give our (team) an at-a-glance view of where they are in terms of compliance without a lot of distractions. Review collected by and hosted on G2.com.

The migration away from Sprinto did take some effort to trace back our controls and re-assert certain evidence. And though Secureframe’s support was useful, it was a project in its own right. Some of the policy editing features, though powerful, present a different workflow that I found a bit more difficult to get used to. Review collected by and hosted on G2.com.