Question

What does SecureFrame cost?

Has anyone used SecureFrame for their SOC 2 and ISO 27001 compliance?

I'm wondering what are the approximate costs as they are not providing it on their site.

Mentioned
#Security #Vanta #Capiche
Share
AndyDentPerth's avatar
3 months ago

I hear Vanta advertise regularly on This Week in Startups and think I remember them being interviewed recently on the pod saying cost was $5K to $10K for typical startups, vs $30K for other companies providing SOC2.

Note the podcast has an offer _ TWiST listeners can get $1,000 off for a limited time at vanta.com/twist_

3 points
Christinac's avatar
3 months ago

Andy’s right on Vanta pricing — just mention you read about Vanta on Capiche and we’ll make sure you get the friends and family discount.

This isn’t being marketed yet, but we are running an ISO beta — just ask to be added to that. And then on SOC 2, we’ve had folks go from new user onboarding to SOC 2 report in hand in 18 days (actually, not hyperbole) so have your back there as well.

3 points
dregar's avatar
3 months ago

Haven't looked at SecureFrame yet, but you may want to look at heylaika.com. Their basic package starts around $15K/year.

3 points
shrav's avatar
3 months ago

Secureframe's pricing starts at $12,000 for companies under 50 employees. We offer SOC 2 and ISO 27001 today and are launching end-to-end HIPAA and PCI out of beta soon and many more soon.

Our ISO 27001 product is a lot more than just a readiness report, it's end-to-end. ISO 27001 is more prescriptive than SOC 2, requires independent internal audits, and typically has more legwork. It's also split up into two stages. Secureframe helps with all these pieces and is the only security compliance platform with its own SOC 2 Report and ISO 27001 certification (https://secureframe.com/security).

Secureframe has more automation and more integrations than any other platform (https://secureframe.com/integrations). And this allows us to get SOC 2 audits for our customers as low as $7,500.

3 points
emart's avatar
3 months ago

Hi @gabriel - vendors in this space tend to price based on their level of automation and the depth of their partner audit network.

I can't speak for others, but Vanta pricing starts at $15k for companies with 1-20 employees (and goes down the better you negotiate). :)

2 points
emart's avatar
@emart (replying to @emart )
3 months ago

Vanta's CEO Christia Cacioppo was interviewed on Capiche.FM back in December.

Recording link here: https://capiche.fm/saas/vanta-chat-with-christina-cacioppo

2 points
Vendr's avatar
3 months ago

We just wrapped up our SOC2 type 2 at Vendr and we used a combination of software + services.

SaaS: Vanta. No brainer. Makes the process seamless and cheaper because of the automated test coverage. @Christinac huge fans :)
Services: We used https://www.darata.com/ for the audit. They were great and happy to make an intro for anyone interested.

In terms of price, the audit will depend on your size/sophistication. For a company like ours (~2yrs old; 65 ppl), I'd estimate $11k-18k for the services portion of the audit.

2 points
adammarkowitz's avatar
2 months ago

A couple of Drata’s customers pointed us to this thread, so happy and appreciative to add a note here…

Trust the absolute core value at Drata, the world’s fastest growing SOC 2 automation platform. Trust dictates how we build product, how we hire, how we market, and how we deliver for our customers.

Drata is the only SOC 2 automation company with its pricing publicly available on its website (https://drata.com/pricing). No internet forums or threads just to learn what something costs. No games of who can negotiate best. Just simple, honest engagement with our customers and prospects.

Drata is also the only single-tenant architected system in this space, which means customer data never touches the data of another customer. This is your security posture data after all. Again, all decisions come back to a simple, honest core value of TRUST.

Feel free to learn more from the most important voice at the table here, the customer (https://drata.com/customers)

2 points
What are your favorite tools to build an MVP?

I've used Airtable extensively to build simple internal apps as minimal viable products, but would love to build something bigger without coding. What are your favorite tools to build MVPs?

What's your knowledge processing pipeline, and how do you fill it?

My Knowledge Processing Pipeline looks like this: Instapaper → Readwise → Roam Research. Recently I struggled with discovering quality content to pipe through the line. What’s your way to fill yo...

The community for power users.