Continuous security monitoring for advanced threats
Performance and health
Platform response times
Multiple layers of security which apply defense-in-depth security strategy to the global infrastructure.
Network intrusion detection system (IDS)
Web application firewall
Network layer firewalls
File integrity monitoring
Strict access controls between infrastructure tiers
Encryption & Data Isolation
Security of data in transit and at rest using strong encryption.
Transport Layer Security (TLS) for end-user connections
Disk encryption to secure data at rest
Customer data backups are encrypted
Secure connection channels with customer data sources
Each customer is allocated virtual server(s) and virtual drive(s) for application server, Appian application, and database use. These are never shared with other customers
Appian contracts an independent expert security firm to perform tests on Appian Cloud.
Internal penetration testing
External penetration testing
Isolation architecture exploitation
Customers are encouraged to perform their own vulnerability testing.
Appian Cloud personnel are located alongside our services and engineering staff in the USA, Australia, and the United Kingdom.
Formal screening process that includes a required background check
Extensive cloud security training
Continuous training on operational practices
Security Incident Reporting
Appian takes security seriously. We encourage reporting security vulnerabilities and security incidents to Appian.
All submissions are investigated by the Security Incident Response Team
Appian takes appropriate action in the form of hotfixes, upgrades, or published mitigation information
Appian notifies affected customers
Appian helps organizations build apps and workflows rapidly, with a low-code automation platform. Combining people, technologies, and data in a single workflow, Appian can help companies maximize their resources and improve business results. Many of the world’s largest organizations use Appian applications to improve customer experience, achieve operational excellence, and simplify global risk management and compliance.