Trust Center

Start your security review

View & download sensitive information

Overview

Welcome to Aptos's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

PCI DSS v4.0.1

SOC 1

SOC 2 Type 2

Documents

COMPLIANCEPCI DSS v4.0.1

COMPLIANCESOC 1

COMPLIANCESOC 2 Type 2

Access Control

Access is tightly monitored and controlled at our company. Strong authentication measures are enforced, and access rights are reviewed regularly and revoked promptly when no longer required.

App Security

We take application security seriously and are putting together a program to monitor internal apps.

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

BC/DR

We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Continuous Monitoring

We continuously monitor our systems for security threats and vulnerabilities. Monitoring activities are regularly reviewed to ensure the ongoing effectiveness of security controls and timely response to emerging risks.

Corporate Security

We implement internal measures and practices to maintain a high standard of security.

Data Privacy

Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.

Data Security

Customer data is protected through layered safeguards within hosted environment to ensure confidentiality, integrity, and availability.

Endpoint Security

We follow industry best practices for endpoint security. All devices accessing company systems are centrally managed and required to meet defined security standards.

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Incident Response

We maintain a documented incident response process with defined roles, escalation paths, and communication procedures.

Infrastructure

Our infrastructure is designed with layered safeguards to prevent unauthorized access and ensure system reliability. It is continuously monitored and regularly reviewed to maintain the protection and availability of customer data.

Legal

We take legal matters seriously and we always engage our legal counsel to review all commercial activities. Please contact us if you have any questions.

Network Security

We protect our corporate network against external & internal threats.

Policies

We maintain a comprehensive Information Security Program aligned with SOC 2 and PCI DSS requirements.

Product Security

Security is embedded into our product design, development, and operations. Strong access controls and controlled release processes protect customer data and ensure system integrity and availability.

Reports

Independent third-party audits validate the effectiveness of our security controls and compliance with recognized industry standards, including SOC 2 and PCI DSS.

Risk Management

We operate a formal risk management program to systematically identify, assess and mitigate security and compliance risks.

Self-Assessments

We perform regular internal security and compliance assessments to evaluate the effectiveness of our controls, identify gaps, and drive continuous improvement across our environment.

Training

We provide security awareness training to all employees to ensure that they are aware of security best practices.

If you need help using this Trust Center, please contact us.

Contact support