What can we help you with?

Marketplace Security Program

 

Data Protection and Information Privacy are highly important concerns for us and for our customers. As such, we are proud to introduce our new Marketplace Security Program.

 

What is it?

In addition to the security checks that every app must pass in order to be public in our marketplace, we came up with the new and advanced Marketplace Security Program. The purpose of this program is to increase security awareness, improve security practices, and strengthen your confidence in our marketplace apps!

 

How does it work?

When a partner has successfully completed the Marketplace Security Program, they will be awarded a Security Badge. In order to pass the program's requirements and successfully receive the Security Badge, the marketplace partner must provide sufficient answers to our advanced security questionnaire.

 

The advanced security questionnaire includes:

 

The advanced security questionnaire includes:
  • Data Segregation
  • Advanced Security Patches
  • Security Breach Mechanism
  • CSRF Protection
  • XSS Encoding and Sanitization
  • Customer Data Protection
  • Multi-Factor Authentication (for internal employee access)
  • Prevention from storing secrets or PII
  • Protection against "Mass Parameter Assignment" attacks.
  • Redirection to secured and trusted destinations only

 

All answers will be carefully reviewed by monday.com Review & Security teams. After review, the Security Badge will only be granted to marketplace partners who meet our stringent requirements.

Disclaimer: While the partner's App may have obtained the Security Badge based on the marketplace partner's answers, monday.com does not make any representation or grant any warranty regarding the safety and/or reliability of the App and/or any interaction by you with the Marketplace Partner or their App.

 

FAQs

Q: If an app does not have the Security Badge, does that mean the app is not secured?

A: Not at all. In order to be public in monday.com Apps Marketplace, all apps must pass a series of security checks and an advanced automated security scan. The Marketplace Security Program is a more advanced initiative which aims to improve the apps' security efforts even more than before.

 

Q: What's the difference between the security measures that every app must comply with and the Marketplace Security Program measures?

A: While the security measures that every app must comply with are obligatory, the Marketplace Security Program is optional and indicates better and more advanced security handling.

 

Q: How can I know if the information that was provided by the developer is up-to-date?

A: monday.com's Review and Security teams will carefully validate every piece of information that was provided by the marketplace partner. Validation checks will take place once a year.

 

 

If you have any questions regarding the Marketplace Security Program or the Security Badge, please contact appsupport@monday.com.

Have more questions? Submit a request