ApprovalMax Security 3rd Party Test — Done!

The security of our users and their data is of the utmost importance to ApprovalMax.

That’s why we are incredibly proactive when it comes to weeding out any potential security flaws or vulnerabilities with our own platform.

All parts of the solution – including the workflow engine, the web application you see in your browser, the connection to the accounting software (be it Xero or QuickBooks), and the mobile applications – are developed according to the latest security best practices.

To that end, we recently worked with renowned application security firm Cigital to run an independent test to make sure our security measures were as robust as possible.

Cigital put ApprovalMax through its paces with some rigorous penetration testing. Read on to find out what that means.

What was this test all about?

A penetration test – or ‘pen test’ – is designed to eliminate vulnerabilities in server-side applications and APIs (application programming interfaces).

It is essentially a deliberate attack on a computer system so as to pinpoint any and all security weaknesses that may lead to the system’s features and data becoming compromised.

The test can help determine whether a system is vulnerable to attack, if its defenses are sufficient, and which defenses (if any) the test defeated.

When Cigital got to work pen testing ApprovalMax, they sought to replicate the steps taken by a potential threat agent in an attempt to flag any vulnerabilities present within our system.

Their goal was to demonstrate the impact of these issues, and provide clear guidance as to how we could fix them.

Following the tests carried out by Cigital, we promptly introduced a number of new and enhanced security measures designed to safeguard our customers’ sensitive data and keep fraudsters at bay.

All in all, we now have 3rd party proof that ApprovalMax matches the highest industrial security standards.

And we will continue to work with companies such as Cigital to improve our security measures. We want to make sure our users feel confident each and every single time they log in, and can focus on the task at hand.

Your Data’s Secure with ApprovalMax

As a financial workflow platform, it goes without saying that your sensitive data must be kept secure.

So, in order to safeguard your data, we rely on the enterprise-class platform Microsoft Azure (which itself matches the highest industrial security standards). The data is stored in a datacentre in Dublin, Ireland, and is secured under strong European privacy and data security regulations.

To learn more about our data storage and safety, please refer to our Privacy Policy.

If you’d like to find out more about ApprovalMax and its features, click here. And if you’d like to give it a go, sign up for your no-risk 30 day free trial here.

Do you have questions? Email us at

Find us on Facebook and Twitter.
Read our knowledge base on Uservoice.


ApprovalMax Team