Apromore has been named a Leader in the

2023 Gartner® Magic Quadrant™ for Process Mining Tools report

Read More Here


Security and Trust

Your data security is our priority.


Security is always at the core of our development. We strive to meet the highest standards while giving you the flexibility to choose between several options, to meet your corporate security requirements. Our key security features are listed below. If you require more information, please reach out.

Compliance with Industry Standards

We are continuously monitoring our compliance with industry standards. We are ISO 27001 certified and our security controls are in-line with SOC 2. We are compliant for the Security, Availability and Confidentiality trust criteria.


For SaaS deployments, we use Amazon Web Services (AWS). Your individual virtual instance is hosted close to you (Ireland for EMEA customers, Australia for APAC customers and Ohio for the Americas).

Data Encryption

All your data is encrypted in transit (HTTPS TLS 1.2 or above) and at rest (AES-256). Decryption of your data will never occur other than as a part of the automated on-the-fly decryption to provide access to Apromore to authorized users, or for troubleshooting purposes with your written consent.

Authentication & Access Control

We provide password-protected access with two-factor authentication and integration with your identity management system (Single Sign-On via SAML, OpenID Connect or LDAP). To reduce the risk of unauthorized access, we can also restrict access to a range of whitelisted IP addresses.

Deep Security

Access to Apromore is additionally secured by enforcing Web application firewall rules (AWS WAF) in a dedicated application load balancer. Industry-standard system hardening procedures include Network layer 7, 4 and 3 level security. In addition, AWS GuardDuty provides intelligent threat protection and continuous monitoring against malicious activity and intruders.

Monitoring & Auditing

User logins and operations are automatically logged for monitoring and auditing purposes.

Third-Party Penetration Testing

We perform external penetration tests via CREST-certified third parties at least once a year. Moreover, we do pre and post production internal penetration tests on a regular basis.


All virtual instances are backed up weekly to ensure your data is safe. Backups are automatically encrypted using industry standards and held for up to four weeks by Apromore’s storage systems. Seek more backups? No problem. Customized backups can be enabled at any time.

Data Deletion

If you wish to delete your data, you can do so at any time via Apromore’s Portal. In-line with our retention policy, regular backups are automatically deleted as an added protection.

Update Cycles

Patches and hotfixes are applied immediately via a continuous delivery pipeline. You will be informed of new versions, and authorize us to upgrade your instance on an agreed-upon timeframe. We use DNS remapping and backup validation to allow safe rollback. We take extra care to protect your information and minimize impact on business operations during upgrades.


Do you have a question?
Ask us.

Contact us

Our interactive demo shows how
Apromore can work for you.

Request a demo

Sign up for a free 30-day trial.
No strings attached.

Start free trial

Subscribe to our newsletter

By subscribing, I agree with Apromore Pty Ltd's Privacy Policy and Terms & Conditions.