Secureframe Raises $4.5M to Automate SOC 2 and ISO 27001 Compliance

Share Article

Building Quickbooks for SOC 2 and ISO 27001, Secureframe secures investment from Base10 Partners and Gradient Ventures, Google’s AI-focused fund

Secureframe, the leading provider of SOC 2 and ISO 27001 compliance automation software, has raised a $4.5M seed round co-led by Base10 Partners and Gradient Ventures, Google’s AI-focused venture capital fund, with participation from BoxGroup, Village Global, Soma Capital, Liquid2, Chapter One, Worklife Ventures, and Backend Capital. Secureframe provides automated compliance audits and ongoing compliance monitoring, enabling companies globally to easily obtain and maintain SOC 2 and ISO 27001 certification. Secureframe will use this funding to execute on its long-term vision to provide automated solutions for companies to obtain and maintain compliance with all standards, including PCI and HIPAA.

Secureframe allows companies to become SOC 2 compliant within weeks, rather than months, with a comprehensive software platform that monitors 25+ services, including Amazon Web Services, Google Cloud, Microsoft Azure, Github, and JAMF. Obtaining SOC 2 compliance typically takes six to twelve months and requires companies to regularly revisit their systems to ensure compliance standards are continuously met. Regularly conducted audits to ensure security and compliance are table stakes for companies working with other businesses or any type of customer data. New legislation has increased business compliance costs and most companies lack the expertise or budget to ensure compliance with these new laws.

“Much of SOC 2 compliance is administrative manual work that is necessary but slows companies down,” said Shrav Mehta, co-founder and CEO of Secureframe. “In the same way that companies use Quickbooks to prepare their books, Secureframe is hoping to do the same with security and compliance standards, starting with SOC 2 and ISO 27001.”

Secureframe co-founders Shrav Mehta and Natasja Nielsen experienced these compliance inefficiencies most companies struggle with in previous roles. SOC 2 is now a global standard that every business is expected to meet and maintain at least annually, a time and capital intensive endeavor which is now within the grasp of every organization with Secureframe’s platform.

“With scale comes complexity. Every time a company adds a new employee, customer, or vendor, compliance overhead increases,” noted Natasja Nielsen, co-founder and CTO of Secureframe. “But being complicated doesn’t have to go hand-in-hand with being difficult. Secureframe is making SOC 2 and ISO 27001 compliance simple. Secureframe’s software guides companies to get compliant, complete audits, and monitor controls intelligently.”

Secureframe also announced that some of its initial customers — Stream, Hasura, and Benepass — saved hundreds of hours with Secureframe’s solution, unlocking growth and demonstrating a commitment to integrity and security.

“We believe it is our core responsibility to be fully transparent with how we operate. Completing our SOC 2 Type I audit was one of many steps we planned to provide next-level communication to our customers, and Secureframe helped us get compliant quickly and easily,” said Tommaso Barbugli, CTO and co-founder of Stream. “Secureframe was a pivotal partner so that Stream can continue to be at the forefront of protecting our customers' data.”

Secureframe went through the fundraising process right at the beginning of the COVID-19 lockdown, meeting investors from Base10 Partners and Gradient Ventures over video calls and signing a term sheet completely remotely. Base10’s investing thesis centers around identifying and pursuing companies that are on the cusp of inflecting trends. The fund’s identification of the SOC 2 and ISO 27001 trend in the security and compliance space attracted investors to Secureframe.

“Security remains top-of-mind for many companies, and we heard so many security leaders at the beginning of COVID declare that securely accessing data, running onboarding, and all those processes would be impossible with the move to remote work,” said TJ Nahigian, co-founder and Managing Partner at Base10 Partners. “Secureframe is building an elegant solution that companies can trust and get them the security they need, when they need it. We’re thrilled to be partnering with this team that’s disrupting the privacy software market.”

“Automated compliance is a multi-billion dollar market currently served by a mix of legal teams and outsourced security auditors,” said Darian Shirazi, General Partner at Gradient Ventures. “We’re excited to partner with Secureframe as they streamline the process for any company to obtain compliance standards necessary to grow their businesses and solidify trust with their customers.”

Potential customers can learn more at

About Secureframe
Secureframe is the platform for automated compliance. Secureframe enables organizations to obtain and maintain global compliance standards through product integrations with core services such as AWS, Google Cloud, Azure, Github, JAMF, and Okta. Secureframe continuously collects audit evidence, runs security awareness training, manages security questionnaires, and monitors infrastructure — all automatically. Get compliant the smart way at

About Base10 Partners
Base10 is a San Francisco-based early-stage venture firm investing in Automation for the Real Economy. Founded by Adeyemi Ajao and TJ Nahigian, the firm invests in technology companies that are bringing automation to sectors of the Real Economy, including industrial logistics, consumer logistics, restaurants, financial services, and sales & customer service. Portfolio companies include ThePillClub, Virtual Kitchen Company, Acquire, PopMenu, and others. Connect via

About Gradient Ventures
Gradient Ventures is Google’s AI-focused venture fund - investing in and connecting early-stage startups with resources, innovation, and technical leadership in artificial intelligence. The fund focuses on helping founders navigate the challenges in developing new technology products, using the latest best-practices in recruiting, marketing, design, and engineering so that great ideas can come to life. Gradient was founded in 2017 and is based in Palo Alto, California. For more information, visit

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kelsey Cullen
+1 (415) 323-0132
Email >
since: 01/2020
Follow >
Like >
Visit website