Security by Design

Vigilance matched with experience

Security Foundation

AppDynamics SaaS is comprised of a diverse and cross-functional team that designs, builds, deploys, operates, and maintains tools, technologies, and processes that provide our customers with a strong foundational security platform. This mission is carried out in conjunction with Cisco, our parent company, and the largest cybersecurity vendor in the world.

 

Architectural and Technical Controls

Architectural and Technical Controls

The security function leverages an array of layered operational and architectural controls designed to further secure our customer environments.

Continuous Monitoring

Continuous Monitoring

Our security operations team is responsible for continuously monitoring the day-to-day security of the SaaS solution. From endpoints to networks, cross-functional teams are continuously observing the operational environments for anomalous events, behaviors, and malware. As threats emerge, the focus shifts to investigating suspicious alerts, events, and incidents. We are vigilant about keeping your data and systems secure.

Incident Response

Incident Response

Our security operations team acts quickly to remediate issues if and when they are detected, while keeping customer resiliency top of mind.

Secure Development Lifecycle

Secure Development Lifecycle

We have established a secure-by-design approach by working closely with our developers, product managers, and operations engineers early on to embed security and privacy into software development processes. From threat modeling to secure design reviews, we assist and empower development and operations teams to hone their security skills. By providing the tools, education, and metrics we quickly derive a common understanding of what needs to be done along the way to continuously drive and scale security into the design fabric.

Security Automation

Security Automation

We follow a “DevSecOps” model that enables us to develop security automation that scales directly alongside our deployment methods so that we can ensure security standardization and architectural strength at scale.

Vulnerability Management

Vulnerability Management

Our vulnerability management process seeks to continuously identify and remediate vulnerabilities in our infrastructure and our software. This is accomplished through regular inspection of our code and monitoring of our infrastructure for vulnerabilities using a variety of automated and manual methods to keep abreast of any changing conditions.

Testing and Verification

Testing and Verification

Dedicated team members evaluate our security capabilities on an ongoing basis, conducting in-depth reviews of AppDynamics SaaS service components. Their job is to ensure the correct people, processes, and technical controls are in place and are working to protect the privacy and security of customer data.

Security Features

The AppDynamics SaaS solution is shielded by a wide-range of security features and safeguards. Some of those features are native to the software itself and can be controlled by customers, while others are part of the operational and technical security fabric used to maintain visibility and control of the environment.

Authentication and Access Controls

Authentication and Access Controls

We offer native standards-based integration with identity providers, and role-based access controls that allow our customers to restrict access to specific software features, data, analytics queries, and APIs.

Encryption

Encryption

AppDynamics ensures the confidentiality and integrity of data for our SaaS environment while it is en route to our platform or stored there. For encryption of data in transit, all AppDynamics endpoints support TLS and AppDynamics encrypts all inter-tier communication over public and non-AppDynamics controlled networks. For encryption of data at rest, AppDynamics SaaS encrypts all customer-identifiable and personally-identifiable data, including backups. AppDynamics leverages AES 256 for encryption of customer-identifiable and personally-identifiable data at rest.

Data Protection Controls

Data Protection Controls

Customers can configure AppDynamics SaaS to protect data in the software. You can set the environment to filter data, enable data suppression, toggle data collectors, and mask data in log files.

Privacy Reminders

Privacy Reminders

To help customers comply with regulatory requirements, we provide data privacy policy reminders in the form of a customizable UI dialogue that appears in all areas where you can configure data collection.

Logging and Audit Controls

Logging and Audit Controls

For customers who wish to audit SaaS environmental activities, audit log data for user behavior and configuration changes is retained and made available. It is also accessible by API.

 

Report a Security Issue Here

AppDynamics is committed to providing strong levels of security assurance for our customers, our partners, and our community. While we continually work hard to prevent and remove vulnerabilities from our software, there always remains the possibility of their existence. If you believe you have discovered a vulnerability in one of AppDynamics’ products, services, websites or other infrastructure, or to report a suspected abuse issue, please contact security@appdynamics.com.

Upon receipt of your inquiry, our security team will triage and respond to your request. We ask for your cooperation on any disclosure surrounding the issue and working responsibly with us toward a common goal of protecting our customers.

We encourage using the AppDynamics Security team’s PGP/GPG key to encrypt communication.

Explore the Trust Center

Resilient Operations

Reliable, available, scalable, and performant

Security by Design

Vigilance matched with experience 

Compliance and Privacy Assurance

Stewards of your data

See your applications like never before