Wij helpen bedrijven al 17 jaar
betere software te kiezen
Secureframe
Wat is Secureframe?
Naleving is vaak vervelend en er is veel handmatig werk voor nodig. Secureframe maakt het nalevingsproces eenvoudig en naadloos. Met Secureframe kunnen bedrijven binnen enkele weken compliant worden in plaats van maanden en het bewaakt meer dan 100 services, waaronder AWS, GCP en Azure. Secureframe verzamelt voortdurend auditbewijs, voert beveiligingsbewustzijnstraining uit, beheert leveranciers, bewaakt infrastructuur en meer, allemaal automatisch.
Het nalevingsteam helpt je graag bij het beantwoorden van al je vragen.
Wie gebruikt Secureframe?
Secureframe is bedoeld voor bedrijven van elke omvang met moderne technische stacks.
Twijfels over Secureframe?
Vergelijk met een populair alternatief
Secureframe
Reviews over Secureframe
Easy to stay organized and rest assured that we're compliant
Opmerkingen: Secureframe ensures that our team's policy documentation is recorded and kept up to date, and requires that every employee go through annual training on these policies and more. It makes it easy for our HR and IT teams to know who has accomplished the required tasks on time, and can send out personalized reminders to those who have yet to do so. It also automatically pulls Common Vulnerabilities and Exposures data for our connected integrations, which helps our team prioritize security tasks.
Pluspunten:
Any time there is a task that needs to be done, an email is sent out by Secureframe with explicit instructions on how to accomplish it. Whether that be a new employee going through onboarding, annual SOC 2 compliance, or verifying that security policies are up to date, Secureframe ensures that the important tasks are completed in a timely manner. It would be chaos to try and manage all of this another way, and our team breathes easy knowing that we're covered by their software.
Minpunten:
Our team receives security questionnaires at least weekly from our prospective customers, which can come in a variety of formats (Excel, Word, external site, etc). While there is a questionnaire library feature within Secureframe, it is currently limited to being able to read and fill out Excel spreadsheets. If this were the only way we received questionnaires, it would be perfect. Alas, that's not the world we live in. Thankfully, the Secureframe success/support team has been receptive to feedback around how this could be improved and have relayed those thoughts to their Product team.
How Secureframe Revolutionized Our ISO 27001 Compliance Process
Opmerkingen:
We just completed our annual surveillance audit, and it went incredibly smoothly. Our external auditor, who’s quite old-school, was initially skeptical of Secureframe, especially its ability to integrate with our systems and provide real-time compliance evidence. By the end of the audit, he said it was the best compliance tool he’d ever seen and planned to recommend it to his clients.
If that wasn’t enough, their support team is fantastic. Our Customer Success Manager, [sensitive content hidden], is super responsive, often replying to emails within the hour. If he can’t address something immediately, he loops in his team, and they follow up just as quickly.
We couldn’t be happier with Secureframe and are excited to expand its usage as our business scales and we explore support for more frameworks.
Pluspunten:
We used Secureframe to streamline our ISO 27001 compliance efforts. Before that, we worked with consulting companies that either had their own, not-so-great compliance tools or had us managing everything manually with Excel files and Dropbox—an incredibly tedious process. A colleague recommended Secureframe, and it’s been a complete game changer for us. The integration features are outstanding. We connected it to our Azure account (and other SaaS platforms we use), and it immediately identified configuration changes we needed to make. The system provided easy-to-follow instructions to help us harden our setup and ensure compliance with our policies. This automation not only made the process smoother, but it also simplified showing evidence of controls to auditors. Secureframe’s built-in content management system for policies is another great feature. It tracks version history and allows employees to log in and review policies based on their roles. This ensures everyone is reviewing the required policies annually for compliance. I also found the Vendor section extremely useful. It enables us to assess and rate the risks associated with our suppliers and keep track of their compliance documents. The integrated risk register is another standout feature. While I could go on about many more features, these are the ones that have been particularly impactful for us.
Minpunten:
From an integration standpoint, all of our major cloud and SaaS suppliers are included, but I wish there were a few more options, or if some of the integrations were a little more robust.
Solid Security Tool
Pluspunten:
Secureframe is actively developing its platform so missing features are usually on the roadmap
Minpunten:
There is a general lack of work management integrations so all work has to be tracked in Secureframe itself. This gives my team multiple sources of truth.
Secureframe: An ISO 27001 Game Changer!
Pluspunten:
Single repository and pane of glass for all things GRC. In our case we have an urgent imperative to get ISO 27001 Certified by year end. Tremendous value compared to Vanta and Drata. Great onboarding experience and dedicated account manager have made this process so much easier. The interface is logical, easy to navigate, and we were up and running in no time at all. I love how tests are cross-mapped to controls. The tests also rpovide clear guidance and instructions so providing suitable evidence and workarounds has proven quite easy. I also have to say our advisor has been great; she is a GRC professional, an auditor I believe so we are getting first-class consulting for the price of admission. I have learned so much from her, not just about Secureframe but about ISO in general. Secureframe also has numerous conteatcs in terms of audits, pen testing and so forth, so again, everything is provding to be so easy for us. I coudl not imagine meeting this urgent complaince goal without this partnership.
Minpunten:
Some of the integrations (Azure, for example) rendered less than great results or could not connect for some reason (probably on MS side). You can bypass these however, by other means, so this is not really a stopper in my view. Other platorms provide a real-time comparison for other frameworks, even though you have not paid for them. I was told that we can request to see what out status would be at any time, however.
Made Getting SOC 2 Type I a breeze. Easily saved hundreds of hours
Opmerkingen: Secureframe helped us secure our SOC 2 Type 1 incredibly quickly, which was instrumental to helping us unblock some of our enterprise opportunities and move along deals. Plus, it also helped our company start taking security more seriously as we continue to grow and scale.
Pluspunten:
Secureframe’s platform made getting our SOC 2 super easy and easily helped us save hundreds of hours of time and engineering resources. The software helped streamline the evidence collection process, vendor management, policy creation, and even security awareness training. It literally did almost everything we needed to get SOC 2 compliant. I was impressed with the breath of integrations. They helped save a lot of time with pulling in evidence from our existing vendors. Finally, the support is really top notch. Anything we had a question, we got a response within 24 hours, sometimes within just hours. We always felt like Secureframe was there for us.
Minpunten:
Reality is, you still have to read over the policies and make sure you’re setting up the integrations properly. But, I felt like Secureframe’s team was there to help us with any questions we had and get us moving through the process quickly.