The Secureframe Trusted Partner Program helps customers get and stay compliant with speed and ease while enabling partners to deliver more value to their customers and unlock new revenue

October 20, 2022—San Francisco—Secureframe, the modern, all-in-one platform for security and privacy compliance, announced new partnerships and launch partners for the Secureframe Trust API as part of its expanded Secureframe Trusted Partner Program. The industry-leading partner ecosystem helps customers achieve and maintain compliance while enabling integration, channel, pen testing, audit, and other partners to deliver more value to their customers, expand into new markets, and unlock new revenue streams. The latest additions to the Secureframe partner ecosystem include Rootly, Electric, Basis Theory, and Indent, with the latter two serving as launch partners for the new Secureframe Trust API.

“Our customers look to Secureframe as the most comprehensive automated security and privacy compliance platform to help them get and stay compliant,” noted Shrav Mehta, founder and CEO, Secureframe. “Our partner ecosystem is a critical part of our all-in-one solution, offering integrations to hundreds of tools that our customers use in their business every day, as well as pre-vetted partnerships with virtual CISOs, consultants, pen testers, and auditors who can help our customers complete their audits and certifications with speed and ease. The trust and confidence that customers have in Secureframe extends to our network of partners who are able to grow their business as a result.” 

“We are impressed with the innovation coming out of Secureframe, from their automated compliance platform to the depth and breadth of the Secureframe Trusted Partner Program in enabling not only our success, but the success of our joint customers,” said Russ Cobb, CMO, Cobalt

“Partnering with Secureframe has accelerated our business growth through a steady stream of new clients and access to a best-in-class security and privacy compliance platform that shortens the audit process for us and our clients,” noted Ryan Johanson, CPA, Partner, Johanson Group.

Integration Partners

Secureframe provides more than one hundred pre-built integrations to the most popular applications across cloud services, identity providers, background checks, HR and people management, device management, developer tools, single sign on, and more. These automated connectors identify security and privacy compliance gaps and capture compliance evidence from ADP Workforce Now, AirWatch, Asana, AWS, BambooHR, Bitbucket, CharlieHR, Checkr, Cloudflare, Datadog, Finch, Fleetsmith, GitHub, GitLab, Google Cloud, Google Workspace, Gusto, Heroku, Hexnode, Jamf, Jira, Jumpcloud, Justworks, Kandji, Kolide, Linear, Microsoft Azure, Azure Active Directory and Azure DevOps, Microsoft Office 365, Mosyle, Okta, Paycom, Paylocity, Personio, Pivotal Tracker, Render, Rippling, Shortcut, Slack, Trello, TriNet, Vetty, Zenefits, and many others.

As a new integration partner, Rootly’s incident management platform helps joint customers automate manual, administrative work during incidents. With incident management a core part of SOC 2 compliance, the integration enables a list of resolved incidents to be sent from Rootly to the Secureframe platform, automates the capture of incident follow up action items from Rootly into Secureframe, and enables Secureframe to ensure the right users in Rootly have admin access for appropriate access control.

“Since we learned about Secureframe, we knew a partnership made perfect sense,” said JJ Tang, co-founder & COO, Rootly. “Incident management is a core function of compliance across certifications such as SOC 2 and what better way to automate it than by integrating Rootly with the industry-leading security and privacy compliance platform, Secureframe.” 

Secureframe Trust API

Building on the breadth and depth of Secureframe’s pre-built integrations, the Secureframe Trust API will offer customers the flexibility to customize their security and privacy compliance programs to further meet the unique needs of their business. It will enable partners and developers to automatically send audit evidence to the Secureframe platform, unlocking real-time compliance data to further demonstrate an organization’s security and privacy posture. For example, launch partner Indent automates change management for access control while Basis Theory’s tokenization satisfies more than 90% of the requirements for PCI DSS, both helping customers further streamline their security and privacy compliance.

“We anticipate strong continued momentum of the Secureframe Trusted Partner Program and demand for the Secureframe Trust API by enabling more custom applications of Secureframe in our joint customers’ businesses,” said Mehta. “Enabling this deeper customization of our platform will help accelerate our growth by attracting more partners to our ecosystem and more customers to our platform, especially enterprises looking for a flexible, all-in-one GRC solution.”

“We’re excited to be a launch partner for the innovative Secureframe Trust API, which paired with the company’s pre-built integrations delivers the comprehensive compliance platform our customers need,” said Fouad Matin, co-founder and CEO, Indent. “By integrating with Secureframe, we can automatically send access review events to Secureframe as evidence for SOC 2 audits. This creates tremendous value for our customers. By further automating the compliance process, they can focus on serving customers and growing their business rather than chasing evidence.”

“Secureframe is leading the charge on making compliance fully digital so companies can achieve continuous compliance across every stage of the process, and we’re thrilled to be a launch partner for the Secureframe Trust API,” said Colin Luce, co-founder and CEO at Basis Theory. “Basis Theory unlocks the value of PCI compliant data with a tokenized technology infrastructure that enables secure and compliant collaboration across teams, business partners, and product lines. By integrating directly with Secureframe, our customers will be able to connect compliance oversight and management directly to their technology infrastructure in Basis Theory, eliminating 95% of the effort required to get and stay compliant with new regulations on the rise.”

Channel Partners

Channel partners, including resellers, Managed Service Providers (MSPs), and Managed Security Service Providers (MSSPs), provide IT and security services to their customers by aggregating best-in-class solutions and technology. Secureframe offers channel partners a comprehensive, all-in-one automated compliance platform for their customers. This includes a suite of world-class governance, risk, and compliance (GRC) solutions like continuous monitoring, personnel and asset inventory management, vendor access and risk management, a risk register, enterprise policy management, automated tests, data rooms. and reporting—all to help their customers achieve and maintain compliance.

Penetration Testing Partners

As part of the Secureframe Trusted Partner Program, Secureframe partners with leading penetration testing firms to help customers conduct comprehensive security assessments of their systems using simulated cyber attacks that identify exploitable vulnerabilities across people, processes, and technology. Pen testing partners include Cobalt, CyAlpha Cyber Solutions, Federacy, GRSee Consulting, Insight Assurance, Lost Rabbit Labs, Prescient Security, Rhymetec, Secure Cloud Innovations, Software Secured, TrustFoundry, and others.

Audit Partners

Secureframe helps auditors streamline the audit process with clear, detailed reporting, dashboards, and data rooms that make auditing more transparent and straightforward. With support for custom controls and processes, Secureframe offers the flexibility auditors need to serve the unique needs of their clients’ complex environments. Secureframe audit partners include Aprio, Barr Advisory, British Assessment Bureau, Boulay, Consilium Labs, Control Logics, Daszkal Bolton, GRSee, Hancock Askew, Insight Assurance, Johanson Group, KLR, MJD Advisors, Oread Risk, Prescient Assurance, Sensiba San Filippo, and ZeroDay, among others. 

"As an auditor, Secureframe’s platform makes my job easier with less back-and-forth with clients—whether it’s SOC 2, ISO 27001, PCI, or any other framework,” said ​​Hector Galvan, Senior Auditor, Prescient Assurance

The Secureframe Trusted Partner Program offers the most comprehensive security and privacy compliance ecosystem for integration, channel, pen test, audit, and other partners. Organizations interested in partnering with Secureframe may visit for more information, or read today’s blog post.

About Secureframe

Secureframe is the leading, all-in-one platform for security and privacy compliance. Delivering world-class governance, risk, and compliance (GRC) solutions, Secureframe makes it fast and easy to achieve and maintain compliance. With 100+ integrations to core services like AWS, Azure, Google Cloud, Github, Jamf, Okta, and Slack, Secureframe helps customers continuously achieve the most rigorous global standards, including SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, CCPA, CMMC, NIST CSF, Microsoft SSPA, MVSP, and many more. Secureframe enables hyper-growth organizations like AngelList, Fabric, Doodle, Dooly, Lob, Rand McNally, Slab, and Stream to focus on what matters: serving customers securely and growing their business.