Appian Cloud is built from the ground up for security, scalability, and reliability, and meets multiple industry security standards for compliance and data privacy.
Qualys SSL Labs provides deep analysis of the security configuration of web servers on the Internet, specifically the SSL/TLS configuration. Appian Cloud’s web-tier is rated as an A+.
Continuous security monitoring for advanced threats
Security notifications
Performance and health
Platform response times
Uptime/availability
Compliance auditing
Defense-in-Depth Protection
Multiple layers of security which apply defense-in-depth security strategy to the global infrastructure.
Network intrusion detection system (IDS)
Host IDS
Web application firewall
Network layer firewalls
File integrity monitoring
Strict access controls between infrastructure tiers
Encryption & Data Isolation
Security of data in transit and at rest using strong encryption.
Transport Layer Security (TLS) for end-user connections
Disk encryption to secure data at rest
Customer data backups are encrypted
Secure connection channels with customer data sources
Each customer is allocated virtual server(s) and virtual drive(s) for application server, Appian application, and database use. These are never shared with other customers
Vulnerability Testing
Appian contracts an independent expert security firm to perform tests on Appian Cloud.
Vulnerability scanning
Internal penetration testing
External penetration testing
Isolation architecture exploitation
Customers are encouraged to perform their own vulnerability testing.
Personnel
Appian Cloud personnel are located in the United States, Canada, United Kingdom, Spain, Germany, Australia, Japan and India (expected in 2023).
Formal screening process that includes a required background check
Extensive cloud security training
Continuous training on operational practices
Security Incident Reporting
Appian takes security seriously. We encourage reporting security vulnerabilities and security incidents to Appian.
All submissions are investigated by the Security Incident Response Team
Appian takes appropriate action in the form of hotfixes, upgrades, or published mitigation information
Appian is the unified platform for change. We accelerate customers’ businesses by discovering, designing, and automating their most important processes. The Appian Low-Code Platform combines the key capabilities needed to get work done faster, Process Mining + Workflow + Automation, in a unified low-code platform. Appian is open, enterprise-grade, and trusted by industry leaders.