Appian Knowledge Base

KB-2385 Plugin Review & Security Scanning FAQ

Ryan Good — Wed, 27 May 2026 18:11:29 GMT

Current Revision posted to Appian Knowledge Base by Ryan Good on 5/27/2026 6:11:29 PM

All plugins submitted to Appian for use on Appian Cloud require review and approval. This article aims to answer common questions about the plugin review process.

For more information on plugin and AppMarket policies, refer to the AppMarket Submission Policies documentation and the AppMarket Submissions Agreement.

Table of Contents:

How are plugin security reviews performed?
What specific tooling is used?
How often are reviews performed?
What happens to plugins that are flagged by security scans?
Can Appian provide the scan results?
What happens to plugins that are flagged by security scans?
How long do I have to remediate a finding in my plugin?
My plugin submission was previously approved. Why is my latest update not approved?
I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

How are plugin security reviews performed?

Security scanning is first performed during all submissions of new and updated plugins to Appian. Subsequent reviews are also performed on a routine basis after initial approval.
Scans such as Static Application Security Testing (SAST), Software composition analysis (SCA), and other security related checks are in place.

What specific tooling is used?

Appian utilizes custom tooling, open source software, and commercial off the shelf software to perform the automated security scanning.
Appian does not publish the specific software used to review plugins.

How often are reviews performed?

Reviews are always performed upon plugin submission. Post-approval, additional security reviews are performed regularly.
Appian reserves the right to perform security reviews at any time.

Do security reviews apply to private plugins?

Yes. As stated in the AppMarket Submission Policies, All plug-ins, whether intended for public use on the AppMarket or private use within an organization, must receive approval before deployment.

Can Appian provide the scan results?

Appian does not publish or share the results of security scans.
Plugin authors are notified directly when one of their submissions is flagged by a security scan.

What happens to plugins that are flagged by security scans?

Plugin authors are notified directly when one of their submissions is flagged by a security scan.
Plugins which are not updated may be removed from the AppMarket. Appian reserves the right to reject or stop hosting plug-ins at any time.

How long do I have to remediate a finding in my plugin?

Appian will provide a timeline for remediation when notifying you of a finding.
Appian reserves the right to modify plug-in remediation timelines at any time.

My plugin submission was previously approved. Why is my latest update not approved?

Every submitted version of a plugin is reviewed in full.
Approval of a plugin does not guarantee approval of subsequent versions.
Appian reserves the right to modify plugin security policies at any time.

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

Plugin submissions cannot bypass security review; only fully approved submissions can be deployed on Appian Cloud.
If a plug-in requires expedited review, please include that context and justification in the submission.
If you subscribe to a Signature Appian Success Plan, let your Lead Engineer know of your urgent request.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: FAQ, plugins

KB-2384 Appian's Response to AI-Accelerated Threats (Mythos, Daybreak, MDASH)

Kaushal Patel — Wed, 27 May 2026 16:49:21 GMT

Current Revision posted to Appian Knowledge Base by Kaushal Patel on 5/27/2026 4:49:21 PM

Executive Summary

Appian understands the concerns surrounding new, highly capable frontier models, such as Anthropic’s Claude Mythos Preview, and their potential to accelerate the discovery and exploitation of software vulnerabilities. Our position is that the core principles of robust cloud security continue to generate the most effective defense. Appian's security posture, built upon secure-by-design architecture, strict operational rigor, and deep partnership with Amazon Web Services (AWS), Chainguard, and others is actively managed to mitigate the risks introduced by AI-accelerated threats, ensuring the continued security and compliance of customer environments.

What is Mythos?

Claude Mythos Preview is a new large language model developed by Anthropic. It has demonstrated advanced capabilities in computer security tasks, particularly in identifying, analyzing, and potentially exploiting vulnerabilities in software. The critical industry insight regarding Mythos is not that it introduces fundamentally new vulnerability classes, but that it significantly reduces the time and expertise required for malicious actors to execute an AI-accelerated offensive, compressing traditional exploitation timelines.

What is Daybreak?

Daybreak is an OpenAI-developed frontier model, often discussed alongside Anthropic’s Mythos, associated with advanced AI reasoning capabilities. It is related to OpenAI's reasoning models like "o1" and "o3-mini" which are optimized for complex tasks such as programming. Like other frontier models, Daybreak's significance is its potential to accelerate AI-driven offense by making the discovery and exploitation of software vulnerabilities faster.

What is MDASH?

MDASH (which stands for Multi-model Dynamic/Agentic Scanning Harness or Multi-model Agentic Scanning Harness) is a highly advanced, AI-powered vulnerability discovery system developed by Microsoft. This system is designed for defensive use, rapidly identifying and addressing software vulnerabilities to help organizations 'defend at AI speed,' reflecting the industry-wide shift toward using AI to compress vulnerability discovery and exploitation timelines. This is what organizations today are doing relative to vulnerability discovery and remediation in code.

Appian’s Perspective

Appian’s position as a leading security organization is aligned with the community behind the Cloud Security Alliance (CSA) and Amazon Web Services (AWS): The appropriate response to AI-accelerated offense is an increased focus on foundational security controls. The CSA Mythos paper emphasizes that organizations must prioritize patch management, vulnerability remediation, and continuous monitoring to reduce the attack surface. Appian aligns with the AWS view that security is a shared responsibility, and that defense at scale requires continuous evolution of operational rigor, not reactive technology adoption. Our strategy is built on monitoring these developments and immediately integrating defensive learnings.

We’ve gained perspective with the industry surrounding frontier models, including effective use of existing foundational models for security purposes. These tools are good at recursive reading and discovery; their findings will reflect your own organization's security maturity. If you have “skeletons” in the closet, don’t enforce MFA, don’t enforce a good SDLC, don’t upgrade to the latest patches, these are the equivalent of leaving your home unlocked and windows open for a burglar.

We are actively engaged using tools available to us today, and take the opportunity that AI presents very seriously on behalf of Appian, you (our customers), and your customers. More on this below.

Appian’s Position

Appian’s approach to security is predictive, proactive, systematic, and aligned with the highest industry standards, providing essential mitigation against AI-accelerated threats. We jointly align with customers towards best practices to mitigate potential emergent threats and risks - AI or otherwise.

Secure-by-Design Infrastructure

Appian Cloud leverages the extensive security capabilities of AWS, relying on their expertise in securing the underlying cloud infrastructure. Our deep partnership ensures that Appian environments benefit from AWS’s scale, rigorous security controls, and immediate response capabilities. This includes leveraging identity and access management (IAM), network segregation, and continuous configuration checks provided by the cloud service provider. Frontier LLMs are good at finding security flaws within logic and code that when applied to standards, protocols, kernel, and supply-chains are the emergent threat fundamental to system operations; layering mature practices and response actions are required to keep pace.

Differentiated Platform Architecture

The Appian Platform architecture is fundamentally designed to reduce inherent risk and exposure:

Zero-Trust: Appian's architecture is built on Zero Trust principles: never trust, assume breach, and verify every access request. This is implemented via a multi-control point lattice, shifting defenses from static perimeters to focus on users, assets, and resources. Core components include strong identity, device health, continuous re-authentication, hyper least privilege, and encryption everywhere. This resilient platform design provides consistent security regardless of user location or data sensitivity.
Identity-Aware Access: All customer applications and data interactions are governed by a robust, fine-grained identity and access framework.
Multi-Tenant Controls: Strong logical separation is enforced across all multi-tenant environments, isolating customer data and reducing the potential impact of a single vulnerability.
Policy Enforcement and Auditability: The platform enforces strict security policies at every layer, providing comprehensive audit trails that enhance detection and response capabilities.

Integrated Security Development: We leverage both deterministic and AI-assisted/agentic tools directly into our continuous integration pipeline to automatically flag and help developers remediate vulnerabilities before code is promoted. We are also adapting the frequency of AI-assisted secure code reviews for our entire code-base to proactively hunt vulnerabilities. Continuous 3rd party White-Hat Hackers and penetration testing are used to further enhance our posture.
Our active investments in GenAI-driven security ensure continuous protection at the speed of development:
- AI-Powered Secure Design: We are augmenting security tools with additional AI-powered tools for architecture review and threat modeling to identify and fix flaws continuously in the agentic SDLCs, preventing issues before they are coded.
- Agentic Code Scanning: Security services in our SDLC have already been created as agent accessible tools to scan and remediate vulnerabilities directly inside developer environment tooling) and centrally enforced in code pipelines.
- Supply Chain Hardening: We are seeking additional hardened components similar to our use of Chainguard. We are migrating to private, vendor-managed third-party libraries and in our centralized artifact repository which governs all components, ensuring the integrity and provenance of our software supply chain against AI-accelerated attacks.

Mature Vulnerability Management Program

Appian maintains a mature, risk-based vulnerability management program that adheres to industry standards and regulatory expectations:

Prioritization and Remediation: We leverage systems like CISA’s Known Exploited Vulnerabilities (KEV) database, and plan to include additional exploitability and reachability metrics to prioritize remediation based on real-world threat exposure, ensuring a focus on the most critical risks.
Operational Rigor: Appian is committed to aggressive patching SLAs and maintaining Plan of Action and Milestones (POA&M) discipline. We are continuously improving our ability to rapidly deploy patches, specifically to meet the accelerated timelines suggested by AI-enabled offense.
Supply Chain Security: To proactively counter supply chain risks, Appian is migrating to private, curated third-party libraries for components, ensuring all dependencies are current, patched, and malware-free. We partner with industry leading firms on pre-hardened and pre-patched assets in our supply chain where possible.

Scaling Vulnerability Management: We are preparing for an order-of-magnitude increase in discovered vulnerabilities. Our processes leverage automation and advanced prioritization to streamline triage and enable rapid remediation of high-exposure findings.

The Appian CSA Assessment

In light of the evolving threat landscape, Appian has rigorously evaluated the risks and strategic guidance associated with frontier models, specifically aligning our internal assessments with findings from the Cloud Security Alliance (CSA) Mythos paper. We ensure our posture remains anchored in foundational operational rigor (e.g. systems hardening, mature vulnerability remediation, and rapid incident response), while simultaneously incorporating agentic AI technologies to modernize and accelerate our defensive capabilities.

To reinforce Appian’s approach, our security investments (based on our risk assessments) are focused on:

AI-Enhanced Secure Architecture: To ensure issues are mitigated before they reach the codebase, we are reinforcing our agentic SDLCs by integrating AI-driven tools for continuous threat modeling and architectural reviews.
Agent-Integrated Vulnerability Scanning: We have transitioned security services into agent-accessible tools that operate directly within developer environments and are strictly enforced via central code pipelines to automate remediation.
Robust Supply Chain Protection: Appian is actively strengthening our software supply chain by moving to private, vendor-managed artifact repositories and incorporating hardened components, such as Chainguard, to maintain rigorous integrity against AI-driven exploitation.

Appian’s Offensive Defense: Turning AI-Accelerated Risk into Modernization Opportunity

The greatest defense against AI-accelerated offense is a fundamental shift in application strategy. The Mythos model highlights a critical moment where organizations must move beyond defensive patching toward architectural security by default.

Legacy or “vibe” code is now unsafe at any speed.
- Why & How with Appian: The speed of vulnerability discovery (now compressed to hours) means manual custom code development and patching cycles can no longer keep pace. Appian's low-code platform eliminates vast amounts of custom code, reducing the attack surface and enforcing secure patterns by design.
Due to the insecure nature of AI vibe coding, enterprises should replace it with spec-driven development on secure platforms like Appian.
- Why & How with Appian: Relying on large language models (LLMs) to generate "vibe code" introduces new supply chain and vulnerability risks from potentially unvetted code. Appian's low-code, spec-driven approach generates standardized, secure code from certified platform components, ensuring integrity and auditability.
Enterprises need to migrate custom and legacy apps to secure-by-default platforms like Appian.
- Why & How with Appian: Legacy apps are highly susceptible to this new shift. Appian provides a secure cloud architecture leveraging AWS's scale and security controls, offering continuous updates and a mature vulnerability management program.
Secure platforms that reduce your attack surface and centralize patching and monitoring are the best way to reduce workload on security teams.
- Why & How with Appian: Moving applications to Appian Cloud shifts the burden of infrastructure security, patching (aggressive SLAs), and continuous monitoring to Appian and AWS. This drastically reduces the operational overhead and allows internal security teams to focus on core business risks.
AI Agents need the guardrails and governance of secure process orchestration that Appian provides.
- Why & How with Appian: As autonomous AI agents become pervasive, constraining their actions is critical. Appian's process orchestration provides the necessary identity-aware framework, policy enforcement, and auditability to govern AI agents, ensuring they operate within defined, secure business processes.

Customer Changes: Required Actions

The speed of AI-accelerated threats requires immediate action to solidify your foundational security posture. We recommend customers prioritize the following actions:

Accelerate Platform Updates: Promptly prioritize and schedule upgrades to the latest Appian platform releases to benefit from our continuous security enhancements and keep pace with vulnerability remediation. Reach out to Appian Support with your organization's desired posture; we recommend taking the latest release as soon as feasible for your organization. We can patch at the speed of your mission needs.
Enforce MFA for All Accounts: With the release of additional MFA features in 26.1, audit your organizational requirements, ensure alignment and reach out to Appian Support if you need assistance. We recommend strong Multi-Factor Authentication (MFA) for all accounts (Appian or otherwise) to strengthen identity controls against AI-driven social engineering and credential misuse.
Modernize on Appian Cloud: Eliminate critical attack surface by migrating all custom and legacy applications to the latest version of Appian Cloud, which offers secure-by-default architecture, centralized patching, and continuous monitoring.
Adopt New Security Capabilities: Rapidly adopt key platform security features as they become available, such as Cloud Secure Link (when available) and Log Streaming (24.4/26.4) enhancements to meet your mission needs.

Callout on Further Action: If additional, environment-specific action is required for your sites, our Solution Engineering team will reach out directly; ensure your security and admin contacts are up-to-date.

Closing Statement

Appian’s security posture is built keeping in mind the speed and scale of AI-accelerated threat discovery by frontier models. Our response strategy aligns with the industry, shifting to Zero-Trust and high-velocity operational rigor that prioritizes foundational security controls: vulnerability remediation, continuous monitoring, and continuous testing. This architectural approach is the essential alternative to risky “AI Vibe coding”; replacing ad-hoc code generation with spec-driven development using standardized, certified platform components to ensure security and auditability. Furthermore, Appian's secure process orchestration provides the necessary guardrails and governance to ensure pervasive AI agents operate securely within defined business processes, using identity-aware access and policy enforcement. Ultimately, our platform enables customers to quickly modernize legacy applications—which are highly susceptible to this new threat—on a secure, continuously updated architecture. This accelerated threat landscape requires a joint effort.

To immediately strengthen your defenses and keep pace with AI-accelerated threats, we urge you to review and implement the Required Actions detailed above: Accelerate Platform Updates, Enforce MFA for All Accounts, Modernize on Appian Cloud, and Adopt New Security Capabilities.

This article applies to all supported versions of Appian.

Last reviewed: May 27, 2026

KB-2384 Appian's Response to AI-Accelerated Threats (Mythos, Daybreak, MDASH)

Kaushal Patel — Wed, 27 May 2026 16:48:50 GMT

Revision 1 posted to Appian Knowledge Base by Kaushal Patel on 5/27/2026 4:48:50 PM

Executive Summary

What is Mythos?

What is Daybreak?

What is MDASH?

Appian’s Perspective

We are actively engaged using tools available to us today, and take the opportunity that AI presents very seriously on behalf of Appian, you (our customers), and your customers. More on this below.

Appian’s Position

Secure-by-Design Infrastructure

Differentiated Platform Architecture

The Appian Platform architecture is fundamentally designed to reduce inherent risk and exposure:

Zero-Trust: Appian's architecture is built on Zero Trust principles: never trust, assume breach, and verify every access request. This is implemented via a multi-control point lattice, shifting defenses from static perimeters to focus on users, assets, and resources. Core components include strong identity, device health, continuous re-authentication, hyper least privilege, and encryption everywhere. This resilient platform design provides consistent security regardless of user location or data sensitivity.
Identity-Aware Access: All customer applications and data interactions are governed by a robust, fine-grained identity and access framework.
Multi-Tenant Controls: Strong logical separation is enforced across all multi-tenant environments, isolating customer data and reducing the potential impact of a single vulnerability.
Policy Enforcement and Auditability: The platform enforces strict security policies at every layer, providing comprehensive audit trails that enhance detection and response capabilities.

Integrated Security Development: We leverage both deterministic and AI-assisted/agentic tools directly into our continuous integration pipeline to automatically flag and help developers remediate vulnerabilities before code is promoted. We are also adapting the frequency of AI-assisted secure code reviews for our entire code-base to proactively hunt vulnerabilities. Continuous 3rd party White-Hat Hackers and penetration testing are used to further enhance our posture.
Our active investments in GenAI-driven security ensure continuous protection at the speed of development:
- AI-Powered Secure Design: We are augmenting security tools with additional AI-powered tools for architecture review and threat modeling to identify and fix flaws continuously in the agentic SDLCs, preventing issues before they are coded.
- Agentic Code Scanning: Security services in our SDLC have already been created as agent accessible tools to scan and remediate vulnerabilities directly inside developer environment tooling) and centrally enforced in code pipelines.
- Supply Chain Hardening: We are seeking additional hardened components similar to our use of Chainguard. We are migrating to private, vendor-managed third-party libraries and in our centralized artifact repository which governs all components, ensuring the integrity and provenance of our software supply chain against AI-accelerated attacks.

Mature Vulnerability Management Program

Appian maintains a mature, risk-based vulnerability management program that adheres to industry standards and regulatory expectations:

Prioritization and Remediation: We leverage systems like CISA’s Known Exploited Vulnerabilities (KEV) database, and plan to include additional exploitability and reachability metrics to prioritize remediation based on real-world threat exposure, ensuring a focus on the most critical risks.
Operational Rigor: Appian is committed to aggressive patching SLAs and maintaining Plan of Action and Milestones (POA&M) discipline. We are continuously improving our ability to rapidly deploy patches, specifically to meet the accelerated timelines suggested by AI-enabled offense.
Supply Chain Security: To proactively counter supply chain risks, Appian is migrating to private, curated third-party libraries for components, ensuring all dependencies are current, patched, and malware-free. We partner with industry leading firms on pre-hardened and pre-patched assets in our supply chain where possible.

Scaling Vulnerability Management: We are preparing for an order-of-magnitude increase in discovered vulnerabilities. Our processes leverage automation and advanced prioritization to streamline triage and enable rapid remediation of high-exposure findings.

The Appian CSA Assessment

To reinforce Appian’s approach, our security investments (based on our risk assessments) are focused on:

AI-Enhanced Secure Architecture: To ensure issues are mitigated before they reach the codebase, we are reinforcing our agentic SDLCs by integrating AI-driven tools for continuous threat modeling and architectural reviews.
Agent-Integrated Vulnerability Scanning: We have transitioned security services into agent-accessible tools that operate directly within developer environments and are strictly enforced via central code pipelines to automate remediation.
Robust Supply Chain Protection: Appian is actively strengthening our software supply chain by moving to private, vendor-managed artifact repositories and incorporating hardened components, such as Chainguard, to maintain rigorous integrity against AI-driven exploitation.

Appian’s Offensive Defense: Turning AI-Accelerated Risk into Modernization Opportunity

Legacy or “vibe” code is now unsafe at any speed.
- Why & How with Appian: The speed of vulnerability discovery (now compressed to hours) means manual custom code development and patching cycles can no longer keep pace. Appian's low-code platform eliminates vast amounts of custom code, reducing the attack surface and enforcing secure patterns by design.
Due to the insecure nature of AI vibe coding, enterprises should replace it with spec-driven development on secure platforms like Appian.
- Why & How with Appian: Relying on large language models (LLMs) to generate "vibe code" introduces new supply chain and vulnerability risks from potentially unvetted code. Appian's low-code, spec-driven approach generates standardized, secure code from certified platform components, ensuring integrity and auditability.
Enterprises need to migrate custom and legacy apps to secure-by-default platforms like Appian.
- Why & How with Appian: Legacy apps are highly susceptible to this new shift. Appian provides a secure cloud architecture leveraging AWS's scale and security controls, offering continuous updates and a mature vulnerability management program.
Secure platforms that reduce your attack surface and centralize patching and monitoring are the best way to reduce workload on security teams.
- Why & How with Appian: Moving applications to Appian Cloud shifts the burden of infrastructure security, patching (aggressive SLAs), and continuous monitoring to Appian and AWS. This drastically reduces the operational overhead and allows internal security teams to focus on core business risks.
AI Agents need the guardrails and governance of secure process orchestration that Appian provides.
- Why & How with Appian: As autonomous AI agents become pervasive, constraining their actions is critical. Appian's process orchestration provides the necessary identity-aware framework, policy enforcement, and auditability to govern AI agents, ensuring they operate within defined, secure business processes.

Customer Changes: Required Actions

The speed of AI-accelerated threats requires immediate action to solidify your foundational security posture. We recommend customers prioritize the following actions:

Accelerate Platform Updates: Promptly prioritize and schedule upgrades to the latest Appian platform releases to benefit from our continuous security enhancements and keep pace with vulnerability remediation. Reach out to Appian Support with your organization's desired posture; we recommend taking the latest release as soon as feasible for your organization. We can patch at the speed of your mission needs.
Enforce MFA for All Accounts: With the release of additional MFA features in 26.1, audit your organizational requirements, ensure alignment and reach out to Appian Support if you need assistance. We recommend strong Multi-Factor Authentication (MFA) for all accounts (Appian or otherwise) to strengthen identity controls against AI-driven social engineering and credential misuse.
Modernize on Appian Cloud: Eliminate critical attack surface by migrating all custom and legacy applications to the latest version of Appian Cloud, which offers secure-by-default architecture, centralized patching, and continuous monitoring.
Adopt New Security Capabilities: Rapidly adopt key platform security features as they become available, such as Cloud Secure Link (when available) and Log Streaming (24.4/26.4) enhancements to meet your mission needs.

Closing Statement

This article applies to all supported versions of Appian.

Last reviewed: May 27, 2026

[DRAFT SUPP-1654] Plugin Review & Security Scanning FAQ

Ryan Good — Wed, 27 May 2026 15:36:59 GMT

Revision 5 posted to Appian Knowledge Base by Ryan Good on 5/27/2026 3:36:59 PM

All plugins submitted to Appian for use on Appian Cloud require review and approval. This article aims to answer common questions about the plugin review process.

For more information on plugin and AppMarket policies, refer to the AppMarket Submission Policies documentation and the AppMarket Submissions Agreement.

Table of Contents:

How are plugin security reviews performed?
What specific tooling is used?
How often are reviews performed?
What happens to plugins that are flagged by security scans?
Can Appian provide the scan results?
What happens to plugins that are flagged by security scans?
How long do I have to remediate a finding in my plugin?
My plugin submission was previously approved. Why is my latest update not approved?
I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

Reviews are always performed upon plugin submission. Post-approval, additional security reviews are performed regularly.
Appian reserves the right to perform security reviews at any time.

Do security reviews apply to private plugins?

Yes. As stated in the AppMarket Submission Policies, All plug-ins, whether intended for public use on the AppMarket or private use within an organization, must receive approval before deployment.

Can Appian provide the scan results?

Appian does not publish or share the results of security scans.
Plugin authors are notified directly when one of their submissions is flagged by a security scan.

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

Appian will provide a timeline for remediation when notifying you of a finding.
Appian reserves the right to modify plug-in remediation timelines at any time.

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: FAQ, plugins

KB-2383 Interactive SAIL Examples in Appian Documentation Fail to Execute

pauline.delacruz — Tue, 26 May 2026 16:01:08 GMT

Current Revision posted to Appian Knowledge Base by pauline.delacruz on 5/26/2026 4:01:08 PM

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Appian documentation pages use an AWS API Gateway endpoint with the domain *.execute-api.us-east-1.amazonaws.com to support execution of SAIL expressions. In enterprise networks AWS service endpoints may resolve to a private IP address. Modern browsers block requests where the originating page is treated as public and the target endpoint resolves to a private or local IP address. This is intentional browser behavior designed to prevent DNS rebinding and local network attacks.

Action

This is a known limitation that affects enterprise networks with private AWS networking configurations. Appian has added an enhancement to the documentation backlog to address this issue (Reference ticket: LCP-49998). No estimated time of availability is currently provided for this enhancement.

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Interactive SAIL Examples in Appian Documentation Fail to Execute

pauline.delacruz — Wed, 20 May 2026 19:06:41 GMT

Revision 7 posted to Appian Knowledge Base by pauline.delacruz on 5/20/2026 7:06:41 PM

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Action

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Interactive SAIL Examples in Appian Documentation Fail to Execute

Zack Mateja — Wed, 20 May 2026 18:58:57 GMT

Revision 6 posted to Appian Knowledge Base by Zack Mateja on 5/20/2026 6:58:57 PM

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Appian documentation pages use an AWS API Gateway endpoint with the domain *.execute-api.us-east-1.amazonaws.com to support execution of SAIL expressions. In enterprise networks AWS service endpoints may resolve to a private IP address. Modern browsers block requests where the originating page is treated as public and the target endpoint resolves to a private or local IP address. This is intentional browser behavior designed to prevent DNS rebinding and local network attacks.

Action

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Interactive SAIL Examples in Appian Documentation Fail to Execute

Zack Mateja — Wed, 20 May 2026 15:36:33 GMT

Revision 5 posted to Appian Knowledge Base by Zack Mateja on 5/20/2026 3:36:33 PM

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Action

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Using Interactive SAIL Boxes in Appian Documentation

Zack Mateja — Wed, 20 May 2026 15:35:59 GMT

Revision 4 posted to Appian Knowledge Base by Zack Mateja on 5/20/2026 3:35:59 PM

Interactive SAIL Examples in Appian Documentation Fail to Execute

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Action

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Using Interactive SAIL Boxes in Appian Documentation

Zack Mateja — Wed, 20 May 2026 15:35:42 GMT

Revision 3 posted to Appian Knowledge Base by Zack Mateja on 5/20/2026 3:35:42 PM

Interactive SAIL Examples in Appian Documentation Fail to Execute

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Action

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Preventative Actions

Be aware that interactive SAIL execution examples in Appian documentation rely on direct client-side calls to *.execute-api.amazonaws.com. These examples may fail in environments where those domains resolve privately or are blocked by the browser due to enterprise DNS and security configurations.

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-2640] Using Interactive SAIL Boxes in Appian Documentation

Zack Mateja — Wed, 20 May 2026 15:35:09 GMT

Revision 2 posted to Appian Knowledge Base by Zack Mateja on 5/20/2026 3:35:09 PM

Interactive SAIL Examples in Appian Documentation Fail to Execute

Symptoms

Interactive SAIL expression examples embedded in Appian documentation pages fail to execute. The browser displays the following error message:

The connection is blocked because it was initiated by a public page to connect to devices or servers on your local network.

This issue occurs in networks where the AWS API Gateway endpoint used by the documentation resolves to a private IP address.

Cause

Action

This is a known limitation that affects enterprise networkswith private AWS networking configurations. Appian has added an enhancement to the documentation backlog to address this issue (Reference ticket: LCP-49998). No estimated time of availability is currently provided for this enhancement.

Workaround

Organizations may allow *.execute-api.us-east-1.amazonaws.com domains to resolve using public DNS controls to ensure the page loads properly.

Preventative Actions

Last Reviewed: May 2026

Tags: web browser, infrastructure, Cloud

[DRAFT SUPP-1654] Plugin Review & Security Scanning FAQ

Daniel DeVeau — Wed, 20 May 2026 14:15:38 GMT

Revision 4 posted to Appian Knowledge Base by Daniel DeVeau on 5/20/2026 2:15:38 PM

All plugins submitted to Appian for use on Appian Cloud require review and approval. This article aims to answer common questions about the plugin review process.

For more information on plugin and AppMarket policies, refer to the AppMarket Submission Policies documentation and the AppMarket Submissions Agreement.

Table of Contents:

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

What happens to plugins that are flagged by security scans?

Can Appian provide the scan results?

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

Reviews are always performed upon plugin submission. Post-approval, additional security reviews are performed regularly.
Appian reserves the right to perform security reviews at any time.

Do security reviews apply to private plugins?

Yes. As stated in the AppMarket Submission Policies, All plug-ins, whether intended for public use on the AppMarket or private use within an organization, must receive approval before deployment.

Can Appian provide the scan results?

Appian does not publish or share the results of security scans.
Plugin authors are notified directly when one of their submissions is flagged by a security scan.

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

Appian will provide a timeline for remediation when notifying you of a finding.
Appian reserves the right to modify plug-in remediation timelines at any time.

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: FAQ, plugins

[DRAFT SUPP-1654] Plugin Review & Security Scanning FAQ

Daniel DeVeau — Wed, 20 May 2026 14:12:16 GMT

Revision 3 posted to Appian Knowledge Base by Daniel DeVeau on 5/20/2026 2:12:16 PM

All plugins submitted to Appian for use on Appian Cloud require review and approval. This article aims to answer common questions about the plugin review process.

For more information on plugin and AppMarket policies, refer to the AppMarket Submission Policies documentation and the AppMarket Submissions Agreement.

Table of Contents:

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

Can Appian provide the scan results?

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

Reviews are always performed upon plugin submission. Post-approval, additional security reviews are performed regularly.
Appian reserves the right to perform security reviews at any time.

Do security reviews apply to private plugins?

Yes. As stated in the AppMarket Submission Policies, All plug-ins, whether intended for public use on the AppMarket or private use within an organization, must receive approval before deployment.

Can Appian provide the scan results?

Appian does not publish or share the results of security scans.
Plugin authors are notified directly when one of their submissions is flagged by a security scan.

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

Appian will provide a timeline for remediation when notifying you of a finding.
Appian reserves the right to modify plug-in remediation timelines at any time.

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: FAQ, plugins

[DRAFT SUPP-1654] Plugin Review & Security Scanning FAQ

Daniel DeVeau — Wed, 20 May 2026 14:07:51 GMT

Revision 2 posted to Appian Knowledge Base by Daniel DeVeau on 5/20/2026 2:07:51 PM

All plugins submitted to Appian for use on Appian Cloud require review and approval. This article aims to answer common questions about the plugin review process.

For more information on plugin and AppMarket policies, refer to the AppMarket Submission Policies documentation and the AppMarket Submissions Agreement.

Table of Contents:

How are plugin security reviews performed?

What specific tooling is used?

How often are reviews performed?

Can Appian provide the scan results?

What happens to plugins that are flagged by security scans?

How long do I have to remediate a finding in my plugin?

My plugin submission was previously approved. Why is my latest update not approved?

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

How are plugin security reviews performed?

Security scanning is first performed during the submission of new and updated plugins to Appian.

Subsequent reviews are also performed on a routine basis after initial approval.

Scans such as Static Application Security Testing (SAST), Software composition analysis (SCA), and other security related checks are in place.

What specific tooling is used?

Appian utilizes custom tooling, open source software, and commercial off the shelf software to perform the automated security scanning.

Appian does not publish the specific software used to review plugins.

How often are reviews performed?

Reviews are always performed upon plugin submission. Post-approval, additional security reviews are performed regularly .

Appian reserves the right to perform security reviews at any time.

Can Appian provide the scan results?

Appian does not publish or share the results of security scans.

Plugin authors are notified directly when one of their submissions is flagged by a security scan.

Do security reviews apply to private plugins?

Yes. As stated in the AppMarket Submission Policies, All plug-ins, whether intended for public use on the AppMarket or private use within an organization, must receive approval before deployment.

What happens to plugins that are flagged by security scans?

Plugin authors are notified directly when one of their submissions is flagged by a security scan.

Plugins which are not updated may be removed from the AppMarket.

Appian reserves the right to reject or stop hosting plug-ins at any time.

How long do I have to remediate a finding in my plugin?

Appian will provide a timeline for remediation when notifying you of a finding.

Appian reserves the right to modify plug-in remediation timelines at any time.

My plugin submission was previously approved. Why is my latest update not approved?

Every submitted version of a plugin is reviewed in full.

Approval of a plugin does not guarantee approval of subsequent versions.

Appian reserves the right to modify plugin security policies at any time.

I need to use my plugin on Appian Cloud ASAP. Can I bypass security review temporarily?

Plugin submissions cannot bypass security review; only fully approved submissions can be deployed on Appian Cloud.

If a plug-in requires expedited review, please include that context and justification in the submission.

If you subscribe to a Signature Appian Success Plan, let your Lead Engineer know of your urgent request.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: May 2026

Tags: FAQ, plugins

KB-2382 Information about the Axios Supply Chain Compromise

Kaushal Patel — Wed, 13 May 2026 20:18:13 GMT

Current Revision posted to Appian Knowledge Base by Kaushal Patel on 5/13/2026 8:18:13 PM

On 11 May 2026, a coordinated supply chain attack was launched against the npm and PyPI ecosystems, targeting high-value developer tools and enterprise platforms. The campaign compromised a wide range of popular packages, including the @tanstack namespace (such as @tanstack/react-router), the official mistralai clients for TypeScript and Python, and AI safety tools like guardrails-ai.

Appian has investigated this vulnerability and affected services, and determined that it is not impacted, as no vulnerable versions of the packages are used in the Appian Cloud environment or any of Appian’s products. We will continue to monitor the situation and provide any updates as appropriate.

Supporting Documentation:

Affected Versions

This article applies to all supported versions of Appian.

Last reviewed: May 13, 2026

KB-2381 How to fix a corrupted database table index using phpMyAdmin

Kaushal Patel — Thu, 07 May 2026 15:22:49 GMT

Current Revision posted to Appian Knowledge Base by Kaushal Patel on 5/7/2026 3:22:49 PM

Purpose

A corrupted index can make the associated table inaccessible. This can cause any queries, applications, or automated processes that rely on the table to fail until the index is repaired. This article outlines how to repair the affected index.

Instructions

Open the phpMyAdmin interface.
Using the index definition from the table, drop and recreate the affected index using the following commands.
1. Check the table to confirm the affected index: CHECK TABLE <table_name>;
2. Identify the affected index and column information: SHOW CREATE TABLE <table_name>;
3. Drop the affected index: ALTER TABLE <table_name> DROP INDEX <index_name>;
4. Recreate the affected index: ALTER TABLE <table_name> ADD INDEX <index_name>(cols);
5. Confirm the issue was resolved: CHECK TABLE <table_name>;

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: April 2026

Tags: phpmyadmin, database, how-to, index

KB-2381 How to fix a corrupted database table index using phpMyAdmin

Kaushal Patel — Thu, 07 May 2026 15:22:49 GMT

Revision 16 posted to Appian Knowledge Base by Kaushal Patel on 5/7/2026 3:22:49 PM

Purpose

Instructions

Open the phpMyAdmin interface.
Using the index definition from the table, drop and recreate the affected index using the following commands.
1. Check the table to confirm the affected index: CHECK TABLE <table_name>;
2. Identify the affected index and column information: SHOW CREATE TABLE <table_name>;
3. Drop the affected index: ALTER TABLE <table_name> DROP INDEX <index_name>;
4. Recreate the affected index: ALTER TABLE <table_name> ADD INDEX <index_name>(cols);
5. Confirm the issue was resolved: CHECK TABLE <table_name>;

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: April 2026

Tags: phpmyadmin, database, how-to, index

[DRAFT][NEW] KB-XXXX How to fix a corrupted database table index using phpMyAdmin

Kaushal Patel — Thu, 07 May 2026 14:16:14 GMT

Revision 15 posted to Appian Knowledge Base by Kaushal Patel on 5/7/2026 2:16:14 PM

Purpose

Instructions

Open the phpMyAdmin interface.
Using the index definition from the table, drop and recreate the affected index using the following commands.
1. Check the table to confirm the affected index: CHECK TABLE <table_name>;
2. Identify the affected index and column information: SHOW CREATE TABLE <table_name>;
3. Drop the affected index: ALTER TABLE <table_name> DROP INDEX <index_name>;
4. Recreate the affected index: ALTER TABLE <table_name> ADD INDEX <index_name>(cols);
5. Confirm the issue was resolved: CHECK TABLE <table_name>;

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: April 2026

[DRAFT][NEW] KB-XXXX How to fix a corrupted database table index using phpMyAdmin

Kaushal Patel — Thu, 07 May 2026 14:15:36 GMT

Revision 14 posted to Appian Knowledge Base by Kaushal Patel on 5/7/2026 2:15:36 PM

Purpose

Instructions

Open the phpMyAdmin interface.
Using the index definition from the table, drop and recreate the affected index using the following commands.
1. Check the table to confirm the affected index: CHECK TABLE <table_name>;
2. Identify the affected index and column information: SHOW CREATE TABLE <table_name>;
3. Drop the affected index: ALTER TABLE <table_name> DROP INDEX <index_name>;
4. Recreate the affected index: ALTER TABLE <table_name> ADD INDEX <index_name>(cols);
5. Confirm the issue was resolved: CHECK TABLE <table_name>;

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: April 2026

KB-1831 Cloning Appian Cloud Sites FAQ

Kaushal Patel — Thu, 30 Apr 2026 13:55:25 GMT

Current Revision posted to Appian Knowledge Base by Kaushal Patel on 4/30/2026 1:55:25 PM

Purpose

The purpose of this article is to answer common questions involved with cloning an Appian Cloud site for troubleshooting purposes.

What is a clone?
A clone is a replica of an existing Appian Cloud site. A new AWS instance is started, and a snapshot from an existing (host) Appian Cloud site is used to populate data on the new instance(s) creating a new separate site. All Appian Cloud clones are hosted in the same secure infrastructure as other Appian Cloud sites and are subject to the same security compliance protocols and controls.

Why does Appian Support request to create a clone?
Appian Support requests to clone a site for troubleshooting purposes. When investigating certain issues, it is sometimes necessary to test and debug directly to better understand the nature and scope of the behavior. In order to eliminate the risk of impact to an actual Appian Cloud site, it is necessary to run these tests on a clone of the environment.

What data will be cloned?
As a clone is created from a snapshot of a host site, all data as it exists at the time of the snapshot on the host site will be copied and present on the clone. For example, all Appian objects will be included, but not data hosted externally in customer databases.

Who has access to the code/data hosted in the clone?
Access to the code/data hosted in the clone is restricted to the following groups and is never shared with any third parties to ensure data integrity:

Those who have access to the original Appian Cloud site.
Team members from Appian Support and/or Appian's Product team that are involved in diagnosing and troubleshooting the issue(s) reported by the customer.

Do clones have any impact on the host Appian Cloud site or other existing environments?
No, clone sites exist separately outside of the host site and other existing Appian Cloud environments. Furthermore, outbound activity (emails, traffic, etc.) will be disabled as to not interfere with external systems.

How long is the clone and its data persisted?
The clone is persisted as long as the investigation into the current issue persists. Once the investigation is complete or no longer requires access to the clone, Appian will shut down the clone and delete its corresponding data. The clone can also be shut down at any time at the customer's discretion.

Affected Versions

This article applies to all versions of Appian Cloud.

Last Reviewed: April 2026

Tags: administration, Security, infrastructure, Cloud