Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Secureframe: Compliance Without Crying

Truth in IT
05/07/2025
1 (100%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


Mike Matchett Small World Big Data. We are here at Rsac 2025. We are prowling the floor looking for the latest and greatest cybersecurity vendors with innovative solutions for cybersecurity. We are here with Mark today. And we're going to talk about compliance a little bit. So let's start off with compliance is a big world right. And there's a lot of stages to it. What is your kind of unique approach to compliance. Yeah. So SecureFrame. Um, yeah. We our biggest value prop when it comes to compliance is automation. So compliance is a very manual process where organizations are needing to pull evidence. They need to meet and monitor these controls and requirements. And they have been doing that using spreadsheets and screenshots and things like this. Right. So what what SecureFrame is doing is we're enabling these organizations to integrate their technology into our platform, where we pull that configuration data and run tests against that, that data that allows those organizations to continuously monitor their compliance instead of only dealing with it when it comes time for the audit. Yeah. So let me ask you a more particular question. If we're talking about compliance in terms of filling out all the forms and helping them, that's one thing. Actually helping someone be more compliant and secure is another thing. Are you finding that your customers are getting a better security posture out of this at the end of the day? I absolutely do think so. What our platform does is it enables smaller companies who don't have the budget or don't have the resources to begin their foray into cybersecurity and compliance. Um, typically it's it's quite difficult to get to get prepared for an audit without the use of a tool like SecureFrame, where the small businesses that are using modern technology, like cloud service providers, they're building software. Our platform makes it a lot easier for them to integrate those tools into a solution, see exactly what's compliant, what's not. What changes they need to make, and do all of that with without the need for hiring cybersecurity folks or using consultants or things like that. One of the trends I've noticed here at Rsac, talking to a bunch of folks who are in related spaces to compliance and remediation even, is that some of those worlds are colliding a little bit. Like compliance can no longer be something you do once a year. So it tends to work down the stack to being more operational. But if you're a smaller company, you don't have the bandwidth to do that all the time. So what would your advice be to someone looking at that situation? Yeah, I think definitely embracing software, automation, AI, any sort of technologies that you can to make manual processes more automated and efficient. That's what I would recommend for any company. And that's what our value prop is at SecureFrame. I mean, we are spending a lot of effort to build our platform to really embrace these changes and make all of these different manual processes more automated and streamlined for these companies. So if you look around at the at the themes that you're seeing here at Rsac and you're hearing from people, what would you say is one of the bigger things you're talking about and what would your advice be to them? Yeah, I think one of the biggest themes that I'm seeing is the industry is finally adopting this automation thing. SecureFrame has been building this tool for the last five years, just trying to convince organizations, audit assessment firms, the industry as a whole that automation is the future. And what we're seeing is that finally, the light bulb is like clicking for a lot of these industry partners, regulatory bodies, audit firms to adopt a lot of this software and just make the entire compliance process more efficient from beginning to end. I noticed your whole panoply of compliance regs here. We could get into some details about which ones and how fast and how responsive. But I just really want to say you haven't yet to say the words I. Do you have any thoughts about that? Yeah, so I did. Yeah. I did mention AI a little bit. We do. We are building some AI functionality in our platform. Um, because there's a lot of opportunity to use AI to make things more efficient. One thing is through, like building and editing policies and procedures. Ai does a great job when it comes to that. We have AI built into the platform which reviews configurations, what can be changed, and then provides like specific remediation guidance based on the findings in SecureFrame. So I really think AI is is the future. Um, and when when it comes to AI, it's important to look at security as well. So it's easy to adopt AI into your platforms. It's hard to ensure that the privacy of the data that is being sent is in place, and then the security of the implementation is there as well. If you look around the 25,000 people that are here and you'd want to get one message out to them about compliance, what would that be? Yeah, embrace the automation and do it sooner than later. Um, if you have any sort of manual processes when it comes to meeting, maintaining, organizing compliance through your next audit, if you're having a really hard time, uh, I would take a look at a tool like SecureFrame to help you manage and monitor that process. All right. If someone wants to get a little bit more information about SecureFrame, you probably have a website. But for the RSA crowd, is there anything specific you'd point at folks to to get started? Yeah. Um, if you're an organization that's seeking Assessments and audits and you deal with compliance internally. Definitely feel free to reach out to SecureFrame via our website. We also offer a platform for MSPs and service providers consultants Vsos. If you're looking for an easier way to manage your customer's compliance environment, that's what SecureFrame is really good for. And we have a partner signup form on our website as well. Yeah, we didn't talk much about the supply chain in terms of being compliant up and down the supply chain, but this sounds like it has a play there too. Absolutely, yeah. If you're a service provider and you provide a security function for your customers and they need to be audited, then they're going to be looking at you to make sure that you have your controls in place when it comes to your customers. I mean, it's really become an interlinked web of dependencies all around for security. And that's, I think, one of the major themes I'm seeing in addition to AI folks. Thank you so much, Mark, for talking to us today. Yeah. Of course Mike. Yeah. Thanks for having me. All right. Take care, folks.

Secureframe transforms compliance from a dreaded annual chore into a streamlined, automated workflow. Their platform continuously pulls and tests configuration data, making audits easier—and security stronger—especially for resource-strapped companies.

Categories:
  • » Small World Big Data
  • » Cybersecurity
  • » Cloud
  • » Cybersecurity » Compliance & GRC
Channels:
  • Mike Matchett: Small World Big Data
News:
Events:
Tags:
  • rsac2025
  • cybersecurity
  • matchett
  • secureframe
  • compliance
  • automation
  • continuous
  • monitoring
  • ai
  • remediation
  • audit
  • readiness
  • cloud
  • compliance
  • msp
  • solutions
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Secureframe: Compliance Without Crying

              Upcoming Webinar Calendar

              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting an Elite Security Team to Achieve Championship-Level Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-an-elite-security-team-to-achieve-championship-level-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies for Mastering the DPDP Framework
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-mastering-the-dpdp-framework/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                09

                The HUMAN Experience: Empowering Agentic Trust in Practice

                07/09/202601:00 PM ET
                • Jul
                  14

                  Crafting an Elite Security Team to Achieve Championship-Level Defense

                  07/14/202601:00 PM ET
                  • Jul
                    14

                    Understanding the Crucial Role of Context in AI Data

                    07/14/202602:00 PM ET
                    • Jul
                      21

                      Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                      07/21/202604:00 AM ET
                      • Jul
                        21

                        HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

                        07/21/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version