Customer Experience Representative

Secureframe expands Comply with User Access Reviews for automated governance. Secureframe has announced the launch of User Access Reviews, a new capability within Secureframe Comply. Access reviews are the primary mechanism organizations use to validate that the right people have the appropriate access, but the process has historically been manual, fragmented, and difficult to audit. Most teams still conduct access reviews using exported spreadsheets and email threads, creating accountability gaps and leaving security incidents waiting to happen. User Access Reviews eliminates that risk. The new capability replaces the manual, error-prone process with a structured, automated workflow so teams can assign reviewers, evaluate permissions, document decisions, and track remediation from a single platform, with a complete audit trail built in. "Access reviews are one of the most important security controls organizations have, but they're still often managed through spreadsheets and email threads," said Shrav Mehta, Founder and CEO of Secureframe. "User Access Reviews gives teams a simple way to evaluate access, document decisions, and ensure follow-through without turning the process into a coordination headache." Recent findings from Secureframe's 2026 Cybersecurity & Compliance Benchmark Report show that nearly one quarter of security and compliance leaders cite audit preparation as their single biggest challenge in 2026, with teams spending about eight hours per week on manual compliance tasks like evidence collection and documentation. Secureframe's User Access Reviews addresses all three dimensions of a mature access program in a single, streamlined dashboard: establishing governance frameworks that define who should have access and why, surfacing misplaced or outdated permissions before they become a liability, and generating defensible audit evidence on demand. Key capabilities: * Centralized review management. Pull user data from integrated systems or via CSV upload, scope reviews by application, assign reviewers, and complete the entire process within a single platform. * Accountable, access decisions. Reviewers confirm ownership and make explicit account-level decisions to maintain, modify, revoke, or mark access out of scope. Follow-up tasks can be created directly within the review workflow and sync with connected ticketing tools. * Automated scheduling and reminders. Configure recurring review cycles, designate reviewers per system, and rely on automated reminders and status indicators to keep reviews on track without manual follow-up. * Audit-ready documentation. Every review captures reviewer identity, decisions made, and remediation actions taken. Exportable summaries provide structured documentation that can be shared during audits, eliminating the need to reconstruct evidence from emails or spreadsheets. Security and privacy investment is accelerating: 99% of organizations report tangible benefits from their privacy programs, and 38% spent $5 million or more in the past year alone. Yet resources remain stretched. Meanwhile, 80% of AI leaders cite cybersecurity as the single greatest barrier to their AI strategy, and data leaks tied to generative AI are the top security concern heading into 2026. Secureframe Comply helps organizations turn these pressures into an advantage by pairing User Access Reviews with a comprehensive GRC automation platform that: * Supports compliance with leading security and privacy frameworks, including SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, NIST, and custom frameworks, so teams can manage access reviews in the same system they use to manage controls, evidence, and policies. * Continuously monitors for misconfigurations and failing controls, flagging issues in real time and providing tailored remediation guidance to help organizations maintain a strong security posture between audits. * Automates vendor risk management, employee training, and evidence collection, including AI-assisted policy development through Comply AI for Policies, giving teams more time to focus on higher-value work like tightening access to sensitive systems. "I saw how easy it was to use and how easy it would be to have a central location where we would keep all policies and documents. Secureframe would take care of pulling evidence from our cloud environment, authentication, and HR systems. Before Secureframe, our compliance team had to obtain evidence manually from each third party system," said Jair Basso, VP of Security, Wealth.com. More about

Secureframe unveils new platform to cut defense cyber certification timelines to weeks. Compliance automation platform provider Secureframe Inc. today announced the launch of Secureframe Defense, an artificial intelligence-powered, end-to-end platform that helps defense industrial base contractors achieve and maintain Cybersecurity Maturity Model Certification compliance. Secureframe Defense is designed to deliver secure infrastructure deployment, AI-built System Security Plans, policies and comprehensive monitoring that DIB organizations need to achieve and maintain the certification faster, without unnecessary cost or complexity. CMMC is a U.S. Department of Defense framework that requires defense contractors and subcontractors to implement specific cybersecurity controls to protect controlled unclassified information, or CUI. The DOD estimates nearly 80,000 organizations will ultimately require CMMC Level 2 certification, yet fewer than 800 organizations have achieved certification as of January. Gaining the certification is not cheap, however. Many DIB organizations spend more than a year and $100,000 to $300,000 or more preparing for CMMC Level 2 certification. That's where Secureframe Defense steps in. "Secureframe Defense reflects everything we learned going through our own CMMC Level 2 assessment and the feedback we received from our partner Certified Third-Party Assessment Organizations about the real problems organizations face," said founder and Chief Executive Shrav Mehta. "Our AI-powered platform can take organizations with zero infrastructure to assessment-ready in less than eight weeks." Secureframe Defense guides organizations through three critical stages. Stage one is the deployment of secure CUI environments, with organizations now able to deploy a compliant enclave for handling CUI in under 30 minutes. The platform automatically configures environments such as Google Workspace or Microsoft GCC High with required CMMC controls, provisions Azure virtual desktops and applies secure device management baselines. Stage two involves AI-driven documentation and program management, in which Secureframe's Defense Navigator translates CMMC requirements into guided workflows. An AI engine generates tailored system security plans and policies, manages risk assessments and vendor reviews, assigns policies and delivers continuous control monitoring. The third stage includes certification support and ongoing compliance, with an audit module that automatically compiles documentation and evidence artifacts. According to Secureframe, the new offering reduces overall certification timelines from 12 to 18 months down to four to eight weeks, cutting readiness time significantly compared wit manual processes or point solutions. Secureframe is a venture capital-backed startup that has raised $79 million over three rounds, including a round of $18 million in March 2021. Investors in the company include Accomplice VC, Kleiner Perkins Caufield & Byers, Optum Ventures, Kaiser Foundation Health Plan Inc., Gradient Ventures, Soma Capital Management, Flexport Inc., Gaingels and Impatient Ventures. Image: Secureframe. A message from John Furrier, co-founder of SiliconANGLE: Support its mission to keep content open and free by engaging with theCUBE community. Join theCUBE's Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities. * 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more * 11.4k+ theCUBE alumni - Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network. About SiliconANGLE Media SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios - with flagship locations in Silicon Valley and the New York Stock Exchange - SiliconANGLE Media operates at the intersection of media, technology and AI. Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Its new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.