Security Foundation

AppDynamics SaaS is comprised of a diverse and cross-functional team that designs, builds, deploys, operates, and maintains tools, technologies, and processes that provide our customers with a strong foundational security platform. This mission is carried out in conjunction with Cisco, our parent company, and the largest cybersecurity vendor in the world.

The security function leverages an array of layered operational and architectural controls designed to further secure our customer environments.

Our security operations team is responsible for continuously monitoring the day-to-day security of the SaaS solution. From endpoints to networks, cross-functional teams are continuously observing the operational environments for anomalous events, behaviors, and malware. As threats emerge, the focus shifts to investigating suspicious alerts, events, and incidents. We are vigilant about keeping your data and systems secure.

Our security operations team acts quickly to remediate issues if and when they are detected, while keeping customer resiliency top of mind.

We have established a secure-by-design approach by working closely with our developers, product managers, and operations engineers early on to embed security and privacy into software development processes. From threat modeling to secure design reviews, we assist and empower development and operations teams to hone their security skills. By providing the tools, education, and metrics we quickly derive a common understanding of what needs to be done along the way to continuously drive and scale security into the design fabric.

We follow a “DevSecOps” model that enables us to develop security automation that scales directly alongside our deployment methods so that we can ensure security standardization and architectural strength at scale.

Our vulnerability management process seeks to continuously identify and remediate vulnerabilities in our infrastructure and our software. This is accomplished through regular inspection of our code and monitoring of our infrastructure for vulnerabilities using a variety of automated and manual methods to keep abreast of any changing conditions.

Dedicated team members evaluate our security capabilities on an ongoing basis, conducting in-depth reviews of AppDynamics SaaS service components. Their job is to ensure the correct people, processes, and technical controls are in place and are working to protect the privacy and security of customer data.

Security Features

The AppDynamics SaaS solution is shielded by a wide-range of security features and safeguards. Some of those features are native to the software itself and can be controlled by customers, while others are part of the operational and technical security fabric used to maintain visibility and control of the environment.

We offer native standards-based integration with identity providers, and role-based access controls that allow our customers to restrict access to specific software features, data, analytics queries, and APIs.

AppDynamics ensures the confidentiality and integrity of data for our SaaS environment while it is en route to our platform or stored there. For encryption of data in transit, all AppDynamics endpoints support TLS and AppDynamics encrypts all inter-tier communication over public and non-AppDynamics controlled networks. For encryption of data at rest, AppDynamics SaaS encrypts all customer-identifiable and personally-identifiable data, including backups. AppDynamics leverages AES 256 for encryption of customer-identifiable and personally-identifiable data at rest.

Customers can configure AppDynamics SaaS to protect data in the software. You can set the environment to filter data, enable data suppression, toggle data collectors, and mask data in log files.

To help customers comply with regulatory requirements, we provide data privacy policy reminders in the form of a customizable UI dialogue that appears in all areas where you can configure data collection.

For customers who wish to audit SaaS environmental activities, audit log data for user behavior and configuration changes is retained and made available. It is also accessible by API.

Report a Security Issue Here

AppDynamics is committed to providing strong levels of security assurance for our customers, our partners, and our community. While we continually work hard to prevent and remove vulnerabilities from our software, there always remains the possibility of their existence. If you believe you have discovered a vulnerability in one of AppDynamics’ products, services, websites or other infrastructure, or to report a suspected abuse issue, please contact security@appdynamics.com.

Upon receipt of your inquiry, our security team will triage and respond to your request. We ask for your cooperation on any disclosure surrounding the issue and working responsibly with us toward a common goal of protecting our customers.

We encourage using the AppDynamics Security team’s PGP/GPG key to encrypt communication.

Explore the Trust Center

See your applications like never before