Ability to re-push the Secfix Security Training to users who already completed them
The reason is that if you have a security incident, it is useful (and good proof for the auditor) to reinforce people to do the training again, for a refresh of information. Admins should be able to request that employees complete the training again.
Anita Luca 13 days ago
Feature Request
Ability to re-push the Secfix Security Training to users who already completed them
The reason is that if you have a security incident, it is useful (and good proof for the auditor) to reinforce people to do the training again, for a refresh of information. Admins should be able to request that employees complete the training again.
Anita Luca 13 days ago
Feature Request
Complete
Trust collaborator role
A Trust Center collaborator needs access only to the Trust Center dashboard to review, approve, or reject access requests. Typically, a trust center collaborator doesn’t have any other responsibilities in Secfix beyond handling Trust Center requests.
Jakub Wanat About 1 month ago
Feature Request
Complete
Trust collaborator role
A Trust Center collaborator needs access only to the Trust Center dashboard to review, approve, or reject access requests. Typically, a trust center collaborator doesn’t have any other responsibilities in Secfix beyond handling Trust Center requests.
Jakub Wanat About 1 month ago
Feature Request
Provide secure development trainings
Some of our customers and prospects are increasingly asking whether our engineers have completed secure coding training. This topic is becoming more relevant for companies, especially in the context of security frameworks and customer security requirements. To help address these requests, it would be very valuable if Secfix could provide a secure coding training directly within the Secfix platform. Ideally, this training would be targeted at developers and aligned with relevant security best practices and frameworks (e.g., ISO 27002). Having such training available in the platform would help us demonstrate that our engineers are trained in secure development practices and make it easier to meet security expectations from customers and prospects.
Andreas Offermann 16 days ago
Feature Request
Provide secure development trainings
Some of our customers and prospects are increasingly asking whether our engineers have completed secure coding training. This topic is becoming more relevant for companies, especially in the context of security frameworks and customer security requirements. To help address these requests, it would be very valuable if Secfix could provide a secure coding training directly within the Secfix platform. Ideally, this training would be targeted at developers and aligned with relevant security best practices and frameworks (e.g., ISO 27002). Having such training available in the platform would help us demonstrate that our engineers are trained in secure development practices and make it easier to meet security expectations from customers and prospects.
Andreas Offermann 16 days ago
Feature Request
Complete
Ability to undo "mark as not a person" action on employees page
I think if we (an admin) mark someone as "not a person", there should be an option to also "unmark" them. It can be done by mistake, or for testing, and it needs to be reversible.
Anita Luca 13 days ago
Feature Request
Complete
Ability to undo "mark as not a person" action on employees page
I think if we (an admin) mark someone as "not a person", there should be an option to also "unmark" them. It can be done by mistake, or for testing, and it needs to be reversible.
Anita Luca 13 days ago
Feature Request
Export functionality for Access Review data
Context / problem: Currently, we cannot export the access review data (list of users & permissions) from the platform. This creates friction especially for larger customers like us. Customer impact: Manually copying the data into the access review template is time-consuming and error-prone. Proposed solution: Introduce an export functionality (e.g. CSV/Excel) for access review data directly from the Access section.
Frank Tiex About 4 hours ago
Feature Request
Export functionality for Access Review data
Context / problem: Currently, we cannot export the access review data (list of users & permissions) from the platform. This creates friction especially for larger customers like us. Customer impact: Manually copying the data into the access review template is time-consuming and error-prone. Proposed solution: Introduce an export functionality (e.g. CSV/Excel) for access review data directly from the Access section.
Frank Tiex About 4 hours ago
Feature Request
Ability to re-push the Secfix Policies to users who already accepted them
The reason is that if you have a security incident, it is useful (and good proof for the auditor) to reinforce people to read the policy again, for a refresh of information. Admins should be able to request that employees accept the policy again.
Lilian Xalter 2 days ago
Feature Request
Ability to re-push the Secfix Policies to users who already accepted them
The reason is that if you have a security incident, it is useful (and good proof for the auditor) to reinforce people to read the policy again, for a refresh of information. Admins should be able to request that employees accept the policy again.
Lilian Xalter 2 days ago
Feature Request
Add a location/ entity category to Inventory
Context: We needed to add our locations/entities to the Secfix Platform. Currently, this is only possible by creating them under “Custom Assets.” Problem: Locations/entities are conceptually different from other assets, but they are currently mixed within the Custom Assets section, which makes management and visibility less clear. Requirement: Introduce a dedicated section in the Inventory for Locations/Entities, separate from Custom Assets. Expected Benefit: Clearer structure and separation of asset types Improved usability and navigation Better alignment with real-world organizational structures
Martin Trachsel 6 days ago
Feature Request
Add a location/ entity category to Inventory
Context: We needed to add our locations/entities to the Secfix Platform. Currently, this is only possible by creating them under “Custom Assets.” Problem: Locations/entities are conceptually different from other assets, but they are currently mixed within the Custom Assets section, which makes management and visibility less clear. Requirement: Introduce a dedicated section in the Inventory for Locations/Entities, separate from Custom Assets. Expected Benefit: Clearer structure and separation of asset types Improved usability and navigation Better alignment with real-world organizational structures
Martin Trachsel 6 days ago
Feature Request
Manual Evidences: Manual Status Change & "Work in Progress"
When adding files to a manual evidence, the status is automatically set to “Completed” although in some cases, not all documents or links were added yet. Therefore it would be helpful to be able to change back the status manually and also to have a third status “Work in Progress” to mark this and not to loose overview.
Frank Tiex 22 days ago
Manual evidence
Feature Request
Manual Evidences: Manual Status Change & "Work in Progress"
When adding files to a manual evidence, the status is automatically set to “Completed” although in some cases, not all documents or links were added yet. Therefore it would be helpful to be able to change back the status manually and also to have a third status “Work in Progress” to mark this and not to loose overview.
Frank Tiex 22 days ago
Manual evidence
Feature Request
In Progress
Option to sort the Vendors list by "Data stored"
This could be helpful to find all PII-related software quickly.
Frank Tiex 10 days ago
Feature Request
In Progress
Option to sort the Vendors list by "Data stored"
This could be helpful to find all PII-related software quickly.
Frank Tiex 10 days ago
Feature Request
Filter Computers by Installed Apps
It would be very helpful to identify the computers having installed a given app with a filter.
Frank Tiex 13 days ago
Computers
Feature Request
Filter Computers by Installed Apps
It would be very helpful to identify the computers having installed a given app with a filter.
Frank Tiex 13 days ago
Computers
Feature Request
Complete
Show Owner Info on mouseover
it would be helpful, if on the Vendors and Inventory page the owner info is shown already when moving the mouse over the bubble, as it is already implemented for the risk register. Today you need to click on the bubble and then the name is partially covered by the edit dialog.
Frank Tiex 13 days ago
Inventory
Feature Request
Complete
Show Owner Info on mouseover
it would be helpful, if on the Vendors and Inventory page the owner info is shown already when moving the mouse over the bubble, as it is already implemented for the risk register. Today you need to click on the bubble and then the name is partially covered by the edit dialog.
Frank Tiex 13 days ago
Inventory
Feature Request
Under Review
Frameworks export needs Owner + Due Date (CSV/Excel) or Customizable fields to export
Right now, when we export the frameworks report, we only see the control details and status. We can’t see who owns the control or when it’s due. Since people tend to ignore email reminders, we often have to follow up manually — and without that information in the export, it’s hard to get a clean overview of what needs attention and who to chase. It would be great if you could extend the current export to include additional columns for Owner and Due date / Expiry date, so we can easily filter and manage follow-ups in Excel - even comments. Please update the frameworks export (CSV/Excel) to include at least: Control ID, Control Title, Status, Owner, and Due Date/Expiry Date. This would make weekly follow-ups and audit prep much easier for us. Or even better, to have the export customizable to whichever fields you need.
Yevheniia Hovorova About 1 month ago
Frameworks page
Feature Request
Under Review
Frameworks export needs Owner + Due Date (CSV/Excel) or Customizable fields to export
Right now, when we export the frameworks report, we only see the control details and status. We can’t see who owns the control or when it’s due. Since people tend to ignore email reminders, we often have to follow up manually — and without that information in the export, it’s hard to get a clean overview of what needs attention and who to chase. It would be great if you could extend the current export to include additional columns for Owner and Due date / Expiry date, so we can easily filter and manage follow-ups in Excel - even comments. Please update the frameworks export (CSV/Excel) to include at least: Control ID, Control Title, Status, Owner, and Due Date/Expiry Date. This would make weekly follow-ups and audit prep much easier for us. Or even better, to have the export customizable to whichever fields you need.
Yevheniia Hovorova About 1 month ago
Frameworks page
Feature Request
Under Review
Allow vendors to be reviewed without selecting an authentication method
Currently in the Vendors review flow, selecting a login/authentication method is mandatory to mark a vendor as Reviewed. However, not all vendors provide software or platforms that require authentication. Context Some vendors (e.g. law firms or consultants) do not offer any system requiring a login. In these cases, we are forced to select an incorrect authentication method just to complete the review. Proposed solution Add a “No authentication required / Not applicable” option that allows vendors to be marked as Reviewed without selecting a login method.
Frank Tiex About 2 months ago
Vendor management
Feature Request
Under Review
Allow vendors to be reviewed without selecting an authentication method
Currently in the Vendors review flow, selecting a login/authentication method is mandatory to mark a vendor as Reviewed. However, not all vendors provide software or platforms that require authentication. Context Some vendors (e.g. law firms or consultants) do not offer any system requiring a login. In these cases, we are forced to select an incorrect authentication method just to complete the review. Proposed solution Add a “No authentication required / Not applicable” option that allows vendors to be marked as Reviewed without selecting a login method.
Frank Tiex About 2 months ago
Vendor management
Feature Request
No notifications for self-triggered events
For example, if you assign a manual verification to yourself, you will subsequently receive an email stating that you have assigned this manual verification to yourself. It would be good if you only received notifications when the activity was performed by someone else.
Bernhard Krämer 16 days ago
Low Priority
Feature Request
No notifications for self-triggered events
For example, if you assign a manual verification to yourself, you will subsequently receive an email stating that you have assigned this manual verification to yourself. It would be good if you only received notifications when the activity was performed by someone else.
Bernhard Krämer 16 days ago
Low Priority
Feature Request
Complete
Ability to see all accounts that an employee has signed up for
I recently switched from another tool to Secfix, so I'm looking for a feature they offer, and I wish I had a screenshot to show you. Somehow, they are able to list all of the SaaS accounts that an email in our domain has signed up for. For example, instead of just Google, I know that x person has access to ChatGPT, Cursor, Atlassian, Docker, Microsoft, Notion, Zoom, Figma, etc., etc. I want to access this information for every employee instantly. It is very helpful for access reviews as required for SOC2 compliance.
Rich Bard 21 days ago
Feature Request
Complete
Ability to see all accounts that an employee has signed up for
I recently switched from another tool to Secfix, so I'm looking for a feature they offer, and I wish I had a screenshot to show you. Somehow, they are able to list all of the SaaS accounts that an email in our domain has signed up for. For example, instead of just Google, I know that x person has access to ChatGPT, Cursor, Atlassian, Docker, Microsoft, Notion, Zoom, Figma, etc., etc. I want to access this information for every employee instantly. It is very helpful for access reviews as required for SOC2 compliance.
Rich Bard 21 days ago
Feature Request
Open
In-app Notifications Tab
After receiving an email with tasks assigned to them(via manual tasks), the user would like to log into Secfix and see their specific tasks to do in one view - in a Notifications tab.
Elisabeth Fockel - LANOS 2 months ago
Feature Request
Open
In-app Notifications Tab
After receiving an email with tasks assigned to them(via manual tasks), the user would like to log into Secfix and see their specific tasks to do in one view - in a Notifications tab.
Elisabeth Fockel - LANOS 2 months ago
Feature Request
In-app quarterly reminders for access reviews and ability to attach proof
Today I have to create a calendar for my planned access reviews for example, so it is a simple list with actions and dates, that remind me to do it. I added this in Asana, but this might be interesting to be added in Secfix, giving me a reminder every quarter to do the review and providing the proof too.
Bart Slaets 24 days ago
Feature Request
In-app quarterly reminders for access reviews and ability to attach proof
Today I have to create a calendar for my planned access reviews for example, so it is a simple list with actions and dates, that remind me to do it. I added this in Asana, but this might be interesting to be added in Secfix, giving me a reminder every quarter to do the review and providing the proof too.
Bart Slaets 24 days ago
Feature Request