Appian Protect: Security monitoring, end-to-end encryption, and more

Appian Protect provides security and monitoring to protect sensitive and regulated data across healthcare, financial services, government, and more.

Ready to talk? Contact us

Appian Protect meets the strictest security standards:

A+ in Security

Qualys SSL Labs

Qualys SSL Labs provides deep analysis of the security configuration of web servers on the Internet, specifically the SSL/TLS configuration. Appian Cloud’s web-tier is rated as an A+.

See how Qualys SSL Labs grades us right now

Compliance and certifications

SOC 2 Type II
SOC 3
PCI DSS
HIPAA
FDA 21 CFR Part 11
DoD Impact Levels 4 and 5 in US Federal
FedRAMP
StateRAMP
HITRUST
Canada Protected B
UK Cyber Essentials Plus
Spain’s National Security Framework (ENS)
NIST

View the full list

Strong security out of the box for all users

Distributed denial-of-service (DDoS) protection
Data loss prevention (DLP)
Incident response
24/7/365 monitoring with security orchestration, automation, and response (SOAR), built as an Appian app
Real-time intrusion detection and monitoring
Comprehensive antivirus scans
Enterprise-ready authentication and authorization with single sign-on (SSO)
Integration authentication
Inbound API authentication
Encrypt sensitive data fields in user interfaces
Row-level data fabric security with user access preview

View full list of security features

Advanced security features aligned to premium tiers

Custom TLS policies
Trusted IP allow lists
AWS PrivateLink (inbound and outbound)
Multiple private connectivity options including VPN (inbound and outbound, dynamic and fault tolerant)
Bring your own key (BYOK)
Database encryption
Log streaming
Enhanced business continuity
Dedicated virtual private cloud (VPC)
Annual customer audit
Site data audit requests
Annual security questionnaire

View full list of security features

Encryption and data isolation

Transport Layer Security (TLS) for end-user connections
Disk encryption to secure data at rest
Customer data backups are encrypted
Secure connection channels with customer data sources
Each customer is allocated a virtual server(s) and virtual drive(s) for application server, Appian application, and database use—and these are never shared with other customers

Continuous monitoring

Monitoring for advanced threats using our proprietary SOAR platform (built on Appian)
Security notifications
Performance and health
Platform response times
Uptime/availability
Compliance auditing

Security controls aligned to leading frameworks

Access controls and authentication
Audit and accountability
Contingency planning
Incident response
Personnel and physical security
Risk assessment
System acquisition and integrity
Systems communication protection

Appian’s tenancy and data storage protocol

Local geography hosting
Data segmentation
Application segmentation
Data replication within the same region
Tenant instance isolation
Regulatory compliance

Defense-in-depth protection

Network intrusion detection system (IDS)
Host IDS
Web application firewall
Network layer firewalls
File integrity monitoring
Strict access controls between infrastructure tiers

Third-party vulnerability testing and security reviews

Vulnerability scanning
Internal penetration testing
External penetration testing
Isolation architecture exploitation
Customers are encouraged to perform their own vulnerability testing.

Personnel policies for globally distributed teams

Appian Cloud personnel located in the United States, Canada, United Kingdom, Spain, Germany Italy, Australia, Japan, and India (expected 2023)
Formal screening process that includes a required background check
Extensive cloud security training
Continuous training on operational practices

Security incident reporting

All submissions are investigated by the Security Incident Response Team
Appian takes appropriate action in the form of hotfixes, upgrades, or published mitigation information
Appian notifies affected customers

Report a Vulnerability

Report an Incident

Appian Protect offers one basic tier for all customers and three premium support tiers for advanced security:

Appian Protect
Feature	Basic	Essential	Advanced	Enterprise
World-class platform security monitoring and response by the Appian security team using Appian's proprietary security orchestration, automation, and response (SOAR) solution	✅	✅	✅	✅
Data loss prevention (DLP)	✅	✅	✅	✅
Real-time intrusion detection monitoring and response for the Appian Platform	✅	✅	✅	✅
Comprehensive antivirus scanning	✅	✅	✅	✅
Enterprise-ready authentication and authorization with SSO (built-in or connect to your LDAP, SAML, OpenID Connect, Login.gov, PIEE)^†	✅	✅	✅	✅
Integration authentication (OAuth 2.0, Google Service Account authentication, AWS Signature v4 authentication)^†	✅	✅	✅	✅
Inbound web API authentication (API keys, OAuth 2.0)^†	✅	✅	✅	✅
Encrypt sensitive data fields in user interfaces^†	✅	✅	✅	✅
Row-level data fabric security with user access preview^†	✅	✅	✅	✅
VPN (inbound and outbound, dynamic and fault-tolerant)		✅	✅	✅
AWS PrivateLink (inbound and outbound)		✅	✅	✅
Trusted IPs		✅	✅	✅
Custom TLS policies		✅	✅	✅
Bring your own key (AWS HSM or AWS KMS)			✅	✅
Appian Cloud database encryption with AWS KMS			✅	✅
Log streaming			✅	✅
Enhanced business continuity			✅	✅
Dedicated VPC				✅
Annual customer audit				✅
Site data audit requests				✅
Annual security questionnaire				✅

†Available to both Appian Cloud and self-managed customers.

Report an issue.

We work hard to maintain the highest levels of security. Help us continue to provide premium security by reporting any security concerns you might have. We investigate every report.