Secureframe Reviews & Product Details

I love how easy it is to use everything is on Secureframe. An all of the above solution as someone running multiple departments, with no time for steep learning curves. The dashboard tells me the status of every compliance activity and the automatic notifications have helped my team stay on track. We’ve also used it to manage vendor assessments, which used to take days but now takesjust afew clicks. Their support team is quick to respond and they “treat you like a member of their family, not just a number,” as Perimutter put it. Their knowledgeable support team explains things in a manner that even non-technical staff can understand. Review collected by and hosted on G2.com.

There are a couple of idiosyncrasies in the reporting module — sometimes it’s too cumbersome to get custom report formatting. I want to be able to bring up data from third party integrations while being connected without needing to do any manual setup. None of this is a deal-breaker, but it would ease scaling. Review collected by and hosted on G2.com.

After handling our SOC 2 compliance at Sprinto, a transition to Secureframe was an easy choice for the automation and User Experience upgrade. The best change, from what I can see, is in the philosophy of evidence gathering. Secureframe’s technology categorizes and maps evidence from our AWS cloud and Jira instances automatically with very high accuracy, greatly lessening the time I used to spend manually reviewing in Sprinto. The dashboard is cleaner as well, which helps give our (team) an at-a-glance view of where they are in terms of compliance without a lot of distractions. Review collected by and hosted on G2.com.

The migration away from Sprinto did take some effort to trace back our controls and re-assert certain evidence. And though Secureframe’s support was useful, it was a project in its own right. Some of the policy editing features, though powerful, present a different workflow that I found a bit more difficult to get used to. Review collected by and hosted on G2.com.

What I like best about Secureframe is how it makes compliance feel manageable instead of overwhelming. The platform is intuitive and well-organized, with clear guidance at every step, so you always know what to do next. The automation saves a huge amount of time on evidence collection and ongoing monitoring, and the support team is truly a standout—responsive, knowledgeable, and genuinely invested in your success. Thanks to Secureframe, within just 18 months we were able to achieve both SOC 2 Type II and ISO 27001 compliance, turning what could have been a complex, stressful process into something streamlined, transparent, and achievable. Review collected by and hosted on G2.com.

One area where Secureframe could improve is around integrations with certain tools. While many integrations work well, some evidence didn’t transfer as seamlessly as expected, and we had to recreate a portion of it manually. With a bit more flexibility or refinement in how data is mapped and imported from other systems, the experience would be even smoother and reduce some of the extra effort during setup. Review collected by and hosted on G2.com.

At Rumi.ai, we’ve been using Secureframe to manage our security and compliance processes, and it’s made a huge difference. The platform has significantly reduced the manual work involved in maintaining security controls and preparing for audits, while also helping us efficiently monitor our external vendors. It’s streamlined our compliance efforts and shortened the time it takes to achieve compliance certifications.

The Secureframe support team has been consistently responsive and helpful whenever we’ve had questions or needed help.

For any company pursuing SOC 2, ISO 27001, or HIPAA compliance, Secureframe is a reliable and valuable solution that truly simplifies the process. Review collected by and hosted on G2.com.

The platform sometimes seems a bit complex especially for beginners/new users. Review collected by and hosted on G2.com.

SecureFrame is a time-saver for companies who want to reach compliance. They've been around for a while and by listening to their customers, they've ensured that their platform is easy to use for both technical and non-technical members. If you aren't a compliance expert, consider SecureFrame. You'll get a nice, long checklist of work to get you into compliance, which is great! Often times coming up with this list of work is difficult and time-consuming. Review collected by and hosted on G2.com.

Not a blocker or big deal, but they don't support GitHub Issues as a ticketing system. Review collected by and hosted on G2.com.

I like that Secureframe makes it easy to upload information and it only takes a couple of minutes to get a large chunk of the form filled out. It's viable for me because I can fill out forms quicker for onboarding companies, which helps close deals faster, shortens the sales cycle, and makes it easier for my compliance team to complete the rest. Review collected by and hosted on G2.com.

Not all of the questions are filled out in the questionnaires. In fact, most are not filled out, which is a bit disappointing. Some of the answers are guesses, and although they inform you of this, I would have hoped for more of the questions to be filled out automatically. Review collected by and hosted on G2.com.

Secureframe has drastically streamlined our SOC 2 process. Without it, managing everything manually would be a nightmare. The platform continues to evolve in all the right ways—new features actually solve real problems, not just add noise. Their integrations save tons of time, and the dashboard gives a clear picture of where we stand. Also, huge shoutout to their customer support (especially Jean Baptiste...) always professional, fast and genuinely helpful. Review collected by and hosted on G2.com.

Sometimes it takes a bit of digging to find specific information or settings, but that’s partly the nature of infosec. That said, they’re clearly aware of this and constantly improving navigation and how different parts of the product connect. It does getting better. Review collected by and hosted on G2.com.

SecureFrame offers a clear and thorough view of our compliance status for both SOC 2 and ISO 27001, making it easy to spot any gaps and keep real-time track of our audit readiness. I rely on it almost every day to check control statuses, review evidence, and manage compliance tasks. The extensive selection of integrations simplifies connecting our cloud services, HR platforms, and security tools, which has greatly reduced the amount of manual work required. I also appreciate the feature that lets us review historical evidence, as it helps us recognize recurring audit needs and prepare more effectively. The customer support team stands out as well—they are responsive, knowledgeable, and consistently proactive in addressing our questions. Review collected by and hosted on G2.com.

Earlier, the platform lacked a dedicated audit view, which made it slightly difficult to visualize evidence progress — though this has now been added and works well.

An AI-based policy creation assistant would be a great addition to further simplify documentation.

It would also help if the SecureFrame agent were more configurable for different environments and if there were an option to easily remove devices from the asset inventory.

These are minor areas for improvement in an otherwise well-built platform. Review collected by and hosted on G2.com.

I like Secureframe for its efficiency and the reduction in manual work. It makes our auditing process much easier and helps us keep track of employee statuses regarding policy sign-offs and training efficiently. We need fewer people to operate our security management system, which is a great time-saver. Additionally, joining the team after the setup, I found that I needed zero training as it was very easy to use. Review collected by and hosted on G2.com.

I would love it if Secureframe had a user management access log that we could add to, instead of having to keep that separately. Review collected by and hosted on G2.com.

It allows us to efficiently organize, assign and track our progress towards our SOC 2 Type requirements. Their account team, especially Brandon has been an incredible asset and provided timely support when needed. Review collected by and hosted on G2.com.

There are none to note. It is a positive experience in all aspects. Review collected by and hosted on G2.com.