Product Updates

We’re always working to make our modern governance, risk, and compliance platform even better. See what’s new and what we’ve been improving here.

hero-image
G2 Crowd

G2 Crowd

Capterra

Capterra

Global InfoSec Awards

Global InfoSec Awards

Product Hunt

Product Hunt

Software Advice

Software Advice

May 2023

New features & updates

Secureframe Trust

We recently announced the availability of Secureframe Trust – a powerful combination of our Trust Center, Knowledge Base, and ML-powered Questionnaire Automation solutions. 

Now, you can proactively showcase the measures your organization is taking around security, compliance, and privacy with a Trust Center that continuously pulls in data from the Secureframe platform. You have the ability to customize this page - show only what you want to show, and adjust the look and feel of your Trust Center with customized logos, colors, and information. You can upload documents, review/approve/deny requests for information, and enforce automated NDAs. If a visitor has additional security questions after perusing your Trust Center, they can submit an RFP or questionnaire, and our Questionnaire Automation and Knowledge Base can help streamline that process.

Learn more about Secureframe Trust here.

Export tests as JSON

We recently added the ability to view and export raw JSON evidence for AWS, Azure, and GCP to aid in remediation for your failed tests. JSON provides more detail so you can easily identify the reason a test failed and quickly remediate the issue. Raw JSON is helpful for your auditors as well because it reduces the amount of time it takes them to review the evidence and provides them with additional details to help minimize follow-up questions. 

When downloading a test, you will now see two options: ‘Download Test data (.csv)’ or ‘Download Test data (JSON)’. You can easily navigate the JSON evidence for every resource associated with a test using the arrows in the platform which allows you to review on an individual resource basis so you can focus on a specific area of concern

If you choose to download as JSON, it will contain details for all of the resources associated with the test. This will help you get as much or as little information as you need to remediate issues in your cloud infrastructure and maintain compliance. Learn more about exporting tests as JSON here.

April 2023

New features & updates

Upload PDF Policies

This month, we introduced the ability to upload PDF policies to Secureframe, giving our customers flexibility during the onboarding experience. Policies are governing documents describing what an organization does to ensure security and compliance. 

Now users have the ability to directly upload one or multiple PDF policies, in addition to using the inline editor. Find more information on creating and editing policies here.

New Secureframe Training Lessons

Secureframe Training automates training for SOC 2, HIPAA, PCI DSS, GDPR, and more – so organizations can quickly meet security and privacy compliance requirements and save time assigning, tracking, and reporting on required training.

This month we introduced two new lessons to our Security Awareness Training module: Anti-Counterfeiting and Privacy. Find the new lessons in Employee Onboarding > Training, or reach out to learn more about how you can easily deploy and track required employee training with Secureframe.

March 2023

New features & updates

Manage Test Updates on the Test Activity Dashboard

In March we launched an exciting new feature that improves automation and helps with continuous compliance: Test Activity Dashboard. This new experience allows Secureframe to keep your tests up-to-date with the latest automation enhancements and compliance checks.

New or updated tests appear on the dashboard depending on the frameworks you have signed up for. Keep your tests in their current state if you have an upcoming audit and want to wait to switch to the new/updated test. For any new/updated tests, you have a Required Action Date that is at least 3 weeks after the test is introduced into your account. 

If you don’t take any action, the new/updated tests will be automatically introduced into your account on the required action date. Future releases for test changes happen on a periodic basis on the last Friday of each month. 

Learn more here.

February 2023

New features & updates

Real-Time Support Through Live Chat

Now you can chat in real-time with a Secureframe Customer Experience Representative! Just as before, if you need help you can go to “Help & Support > Chat. Once a chat is initiated, if you want to chat online with a Secureframe representative, you will be offered the option “I still need support”. If you click this button, you will be able to speak to a Secureframe Customer Experience rep. Our representatives are available Monday - Friday from 9AM - 7PM ET. 

Learn more here.

Announcing Secureframe for MSPs

We are excited to expand the Secureframe Trusted Partner Program to include our world-class MSP Partner Program and launch our multi-tenant portal to make it easy for service providers to bring the power of Secureframe’s compliance automation platform to their clients. Secureframe for MSPs offers:

  • Centralized account management: Purpose-built to help service providers manage their customers’ end-to-end compliance journey, Secureframe’s multi-tenant portal centralizes all activities related to each customer’s security and privacy compliance into a single pane of glass.
  • Streamlined deal management and support: Secureframe’s partner portal (PRM) enables service providers to register deals and gain access to marketing, sales, technical support, and other resources to close deals, serve clients, and grow revenue.
  • Enhanced revenue earning potential: Secureframe’s partner program unlocks new revenue streams through its referral, reseller, security consultants, and MSP/MSSP options where partners can function as any or all partner types depending on their business model and preference
  • DattoRMM integration: Secureframe’s integration to DattoRMM, used by MSPs to remotely secure, monitor, and manage endpoints, automates evidence gathering for antivirus software, asset inventory intelligence, and more.

January 2023

New features & updates

Secureframe Questionnaires

Secureframe’s machine learning-powered automation makes the tedious process of responding to RFPs and security questionnaires fast and easy for organizations of all sizes. Our innovative solution suggests responses to RFP and questionnaire questions using content and context from the Secureframe platform along with approved prior responses to deliver 90%+ accuracy. 

You have the ability to edit answers to reflect updates in your security and privacy posture, as well as collaborate with your in-house subject matter experts to ensure answers are kept current in the Secureframe Knowledge Base as your security, privacy, and compliance system of record. And with the availability of a Google Chrome extension, you can quickly and easily access the Secureframe Knowledge Base from your browser.

December 2022

New features & updates

Secureframe Training

Training employees on security and privacy awareness is a key requirement of most compliance frameworks, including SOC 2. Secureframe Training, our in-platform training product with modern and engaging content, now includes Security Awareness Training. This adds to our existing, comprehensive set of training that includes HIPAA, GDPR, CCPA, PCI, and Secure Coding.

Make training your workforce easy and automatic with content that’s kept up-to-date by our compliance experts. You can review the available training modules in the Personnel > Settings > Onboarding section of the app.

Interested in adding privacy and security training? Ask your customer success manager or email contact@secureframe to add Secureframe Training or get a demo.

November 2022

New features & updates

Knowledge Base Scheduled Reviews

Keep your Knowledge Base content fresh by scheduling regular review cycles. 

Fully customize these review settings and receive automated email notifications when your content expires. Learn more about this new feature in our Help Center article.

Expanded Trusted Partner Program + Launch Partners for the Secureframe Trust API

You need the flexibility to customize your security and privacy compliance program to the unique needs of your business.

That’s why Secureframe provides 100+ pre-built integrations with the most popular applications across cloud services, identity providers, background checks, HR and people management, device management, developer tools, single sign-on, and more that you’re already using every day. Rootly, Electric, Basis Theory, and Indent are now joining our industry-leading trusted partner ecosystem to help our mutual customers further automate and streamline compliance. 

Learn more by reading our blog announcement.

October 2022

New features & updates

New Comments Tab on Tests Page

Collaborate with other users at your company using the new comments section. You can leave shared notes, work through remediation steps, and chat with your fellow team members, making it easier and faster to pass tests.

Click on any test and navigate to the "Comments" tab to get started.

Custom Knowledge Base Tags

Manage your content from uploaded security questionnaires and RFPs with custom tags.

Create and mark records for different teams, topics, or specialty areas. You can then filter on these tags for easy access the next time you are looking for content.

September 2022

New features & updates

Test update notifications

Integration Tests can now have a tolerance window! Sometimes configurations are tricky to figure out. Now you can set a tolerance window so that the test will not fail right away after Secureframe detects an incorrect configuration.  

When a tolerance is set, Tests will first show an "at risk" status so that the owners know that something needs to be fixed. Learn how to set a tolerance window for a test in our Help Center.

Due dates for uploaded tests

You can now set due dates for Upload Tests! Every time you go through an audit there is evidence to refresh. Now, you can set due dates to remind you to do these tasks. 

When you set a due date, you can also set a test interval so that the Test will auto-increment to the next due date after it has been refreshed with new evidence. See how to set a due date for a Test in our Help Center article.

Automate responding to security questionnaires and RFPs with Secureframe

Responding to security questionnaires and RFPs has long been a manual, tedious process with forms that vary from customer to customer with no standardized format, set, or order of questions. Even if you are SOC 2 or ISO 27001 compliant, many companies will still require a security questionnaire to be filled out. 

That’s why we’re excited to introduce Secureframe Questionnaires, a machine-learning-powered solution that makes it fast and easy to respond to customer questionnaires. When you receive an RFP or security questionnaire, simply upload it to Secureframe, tag the questions and answer fields, verify Secureframe’s suggested answers from the Secureframe Knowledge Base, export the completed document to the original format, and send it back to your customer. 

Read the blog post to learn more.

Secureframe adds 12 new frameworks, including NIST, ISO 27701, CMMC, and more

We are excited to announce that we’ve added these new frameworks to help you achieve and maintain compliance:

  • NIST SP 800-53 
  • CMMC
  • NIST 800-171 
  • PCI DSS SAQ-A and -D
  • NIST Privacy
  • ISO 27701
  • NIST CSF 
  • Microsoft SSPA 
  • MSVP

 Read the blog post to learn more.

With these additions, Secureframe’s modern, all-in-one governance, risk, and compliance (GRC) platform can do more to help your organization and compliance teams to quickly understand requirements, manage controls, streamline workflows, and stay up-to-date with the latest security, privacy, and compliance standards.

JIRA integration update

The updated JIRA integration automates compliance checks and evidence collection for five existing requirements. To learn more, read our Help Desk Article.

Vendor page update

We’ve updated our Vendors page so it is easier to filter and sort. Now you can quickly skim your vendors list, identify which ones are high-risk, and review vendors that you own.

July 2022

New features & updates

New tests page 

We’ve created a new page to view your compliance journey designed around tests. This page allows you to manage all your company tests in one easy-to-organize place:

  • Set custom and saved filter views
  • View test details
  • View framework mappings
  • Remediate tests

For more information on how the Test Page works, take a look at our Help Center article.

June 2022

New features & updates

Custom Upload Tests

We have added the ability to author your own Custom Upload Tests. If existing Secureframe-authored tests do not meet your company’s criteria, you can now create a new test or new set of tests that accept file uploads as evidence.

For more details, read our Help Desk Article on Custom Upload tests.