At Secureframe, we’re dedicated to helping our customers save time and reduce risk while growing their business. That’s why we’re continuously finding ways to help customers automate tasks related to security, risk, and compliance.

As 2023 draws to a close, we want to reflect on some of the many milestones Secureframe has achieved as we advance this mission — all thanks to our employees, customers, partners, and investors.

This year, we continued to:

• Build AI-powered capabilities and other innovative solutions to reduce the effort and costs associated with maintaining a strong security compliance posture
• Collaborate with partners to share insights and best practices for simplifying risk and compliance management
• Be recognized as a leader in the GRC space for our efforts to empower businesses to build trust

Below are some of this year’s highlights.

Product launches and announcements

Our mission at Secureframe is to empower businesses to build trust by simplifying information security and compliance through AI and automation. This year, we expanded our AI capabilities and suite of modern governance, risk, and compliance (GRC) solutions to enable our customers’ success. You can find a full list of product updates here or read the highlights below.

Comply AI for Remediation

Using infrastructure as code, Comply AI for Remediation provides precise and tailored remediation guidance so organizations can:

• Remediate cloud risk
• Improve their security and compliance posture
• Fix failing controls

By leveraging Comply AI, our customers can speed up time-to-compliance, differentiate themselves from competitors, and accelerate their growth. 

Enterprise-grade Risk Management

As your business grows, so does your attack surface and risk exposure. Manually tracking risks in static spreadsheets and other traditional risk management processes are not enough to keep your business safe as it scales or to meet the risk management criteria for compliance frameworks such as SOC 2® and ISO 27001.

That’s why we introduced an enterprise-grade risk management tool that includes an AI-powered risk assessment workflow and an Enhanced Risk module that includes quantitative risk assessment, dashboards, and custom scoring.

Secureframe API

Customers can now use the Secureframe API to integrate with any tool or service in their existing tech stack beyond our 200+ native integrations. This empowers them to:

• Create custom tools & scripts
• Save time
• Reduce human error

Custom controls, frameworks, and tests

Growing companies can now create and customize a compliance program to meet evolving security requirements with Secureframe's custom frameworks, custom controls, and test library.  These changes, along with Secureframe’s intuitive compliance architecture, reduce the amount of manual work required for organizations to achieve compliance across one or multiple frameworks with ease, so they can focus on growing the business.

Secureframe Trust 

Today's customers and prospects want to know what measures your organization is taking to protect their data. That's why we built Secureframe Trust, a powerful solution that helps companies build confidence around security and privacy. Secureframe Trust can help you showcase your organization’s security posture, maintain a single source of truth on security information, and streamline the questionnaire response process.

Secureframe for MSPs

Secureframe for MSPs equips service providers, who are often already providing 24x7 monitoring and management of their customers’ network infrastructure, to help customers achieve and maintain security and privacy compliance to the most rigorous global standards,  including SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR, CCPA, NIST CSF, and others. 

European data center

European organizations are challenged with ensuring the data privacy of their customers and meeting evolving privacy standards like GDPR. To help address these challenges, Secureframe now offers data residency for European customers so they can choose where their data is stored and processed. This flexibility provides an easier way for UK customers to meet data privacy laws.

Integrations

Our customers look to Secureframe as the most comprehensive automated security and compliance platform. Secureframe provides more than 200 native integrations to tools our customers use every day. Throughout the year, we’ve made several enhancements to existing integrations, including Office365, Azure Active Directory, JamfPro, and Amazon Inspector. We also announced integrations with AWS GovCloud to help meet the unique compliance requirements of government agencies and regulated industries and KnowBe4 to provide our customers with flexibility in their employee training solutions. 

Customers looking to integrate with and pull evidence from a tool or service beyond our native integrations can use the Secureframe API. 

Improved task tracking and notifications

To manage compliance, organizations must be able to track outstanding tasks, respond to issues, and collaborate efficiently. With our latest integrations, customers can now create tasks and send notifications via email, Slack, or Jira within the platform.

Improved policy management

To simplify policy management, we introduced AI-powered revisions and other updates to the Secureframe policy editor, including:

• Comprehensive and collaborative editing tools
• The ability to comment and upload one or more PDFs
• Read-only policies

Building policies for your organization is now easier than ever. 

Company Announcements

In addition to improving our product, here are some highlights of how we demonstrated our commitment to providing customers with the best experiences and resources in 2023. 

Licensed content from the AICPA related to SOC services

Secureframe licensed content from the American Institute of CPAs (AICPA) related to System and Organizational Controls (SOC) services, widely recognized engagements for examining and reporting on organizations’ system processes and controls. As a licensee of authorized AICPA content in this area, we agree to adhere to a higher standard in marketing.  

Website Rebrand

Our website got a new look that represents who we are today. This rebrand reflects the significant investments we’ve made in our product and in our team and included the following changes:

• A sleek and modern design
• A logo representing the simplicity, speed, and integrations that the Secureframe platform offers
• Messaging that captures our innovative product capabilities, including AI
• Illustrations and imagery that show off our product and brand personality 

AWS Marketplace listing

Secureframe is now available in the AWS Marketplace. We’re thrilled to bring the power of Secureframe to AWS customers to help them quickly and easily demonstrate their security and privacy posture to earn their customers’ trust and grow their businesses.

Events and partners

Secureframe empowers thousands of organizations to build trust with customers using automation backed by world-class experts. We go one step further by offering expert insights through events, webinars, podcasts, and blogs to help organizations navigate an increasingly complex threat and regulatory landscape. We frequently leverage our trusted partner program to provide these insights and enable our mutual customers’ success. 

Events

We connected with customers and partners at digital and in-person events around the world, including:

• MSP Expo
• ASCII Edge
• IT Nation
• RSA Conference, including a reception with GRSEE Consulting
• SaaStr Europa
• KnowBe4's #KB4CON23

Some of our thought leaders also presented at events, including:

• RemotebaseHQ’s #CTOCon23 ft CoryThomas
• SaaStr Annual ft Shrav Mehta
• AWS Startup Showcase ft Ruoting Sun
• PCI Security Standards Council's #PCINACM23 ft Marc Rubbinaccio
• THAT conference ft Chris Johnson
• TechCrunch Disrupt 2023 ft Shrav Mehta

Partners

We shared expert insights in webinars, podcasts, and blogs with our partners and fellow thought leaders to address common questions and challenges that organizations face around vulnerability management, SOC 2 and ISO 27001 audits, identity and access management, and other key aspects of security and compliance.

Webinars

These partners were featured in Secureframe Expert Insights webinars:

• Insight Assurance
• Consilium Labs
• Basis Theory
• Moss Adams
• Red Sentry

We had two customers join Secureframe webinars and Office Hours as well:

• Nametag
• Current

These partners and thought leaders featured a Secureframe expert in their webinar or podcast:

• Electric AI
• NetSPI
• DNSFilter
• Red Sentry
• Intruder
• theCUBE
• Jason Lemkin’s “What's New At” podcast
• Dashlane
• Prescient Security

Blog

Partners wrote or contributed to several blog posts to provide insights and tips for simplifying other aspects of security and compliance, including choosing an auditor and implementing automated vulnerability scanning.

How Penetration Testing Can Help You Achieve ISO 27001 Compliance by Software Secured

15+ Tips for Choosing an Auditor, According to Secureframe Audit Partners featuring:

• Barr Advisory
• Boulay
• British Assessment Bureau
• CAS Assurance
• Hancock Askew & Co, LLP
• Johanson Group
• Linford & Company, LLP 
• Sensiba San Filippo
• Sentry Assurance

How to Use Changelogs to Satisfy the SOC 2 CC2 Communication Requirement  by Ignition

Vulnerability Scanning: What It Is & Why It’s Important for Security and Compliance by Red Sentry

Awards and press mentions

We were once again recognized as a leader in the GRC space for our AI capabilities, company growth, large market presence, and high customer satisfaction. The recognition by Forbes, GGVCapital, Nasdaq, Crunchbase, FenwickWest, Business Insider, G2, and WIRED reflects our innovation and commitment to automating information security and compliance. 

• Forbes’ America's Best Startup Employers
• The SMBTech 50 List
• Business Insider’s The Most Promising Startups of 2023, According to Top VCs
• Business Insider’s The 34 Most Promising AI Startups of 2023, According to Top VCs
• G2 Grid® for Security Compliance, Cloud Compliance, Cloud Security, Third-Party & Supplier Risk Management, and Vendor Security and Privacy Assessment
• Featured in WIRED’s “Generative AI Is Coming for Sales Execs’ Jobs—and They’re Celebrating”

What’s next

This is just a brief look at what Secureframe accomplished in 2023. In 2024, we’re looking forward to advancing our vision of transforming how businesses manage risk and compliance. Thank you to all our customers, employees, partners, and investors for supporting us.

We hope you stay tuned for more exciting updates about our product, company, events, and partner ecosystem in the coming months. The future looks promising.