Trust Center
At AvidXchange, privacy and security are embedded in everything we do. We earn trust by treating customer data like we would our data. We layer in security across every area of our business, ensuring that private customer data stays private. Explore this portal to learn about our security practices and request access to official security documentation.
Not a customer? Book your demo now! Request a Demo
Brazos Valley Schools Credit Union
Colliers International
Hampton Golf
San Antonio Zoo
SmartBank
Westport ConstructionAvidAscend Customers
AvidAscend Customers
AvidAscend Customers, please request access for additional documentation.
Bridge Letters Now Available on AvidXchange’s Trust Center
We’re pleased to announce that our latest bridge letters are now available on the AvidXchange Trust Center. These letters provide assurance during the period between our most recent SOC audit reports and the next scheduled audit, reinforcing our commitment to transparency and data security.
You can request the bridge letters under the Featured Documents section of the AvidXchange Trust Center: trust.avidxchange.com.
2025 SOC Reports Available
We are pleased to announce that our latest SOC 1 Type II and SOC 2 Type II audit reports, conducted by Forvis Mazars LLP, are now available on AvidXchange’s Trust Center. This update reflects our continued commitment to safeguarding your data and ensuring compliance with industry standards and best practices.
The reports can be requested under the Featured Documents section of AvidXchange’s Trust Center: trust.avidxchange.com
F5 Device Vulnerability
AvidXchange has reviewed and investigated the potential impact of the critical vulnerabilities in F5 devices (https://www.cisa.gov/news-events/news/cisa-issues-emergency-directive-address-critical-vulnerabilit…). AvidXchange is not affected and does not leverage F5 devices or software.
AvidXchange monitors security information resources for vulnerability announcements, patch and non-patch remediation change, security events and incidents, and emerging threats that correspond to the software and hardware within AvidXchange’s system inventory. Patches are regularly applied per our Vulnerability Management Standard, which includes applying patches monthly at minimum. Advanced Malware Protection controls are deployed to all corporate-issued endpoints. These controls receive updates in real-time in alignment with best practices.
Salesloft Drift Compromise Impacting Salesforce Integrations
AvidXchange has reviewed and investigated the indicators of compromise of the Salesloft Drift compromise impacting Salesforce integrations. AvidXchange does not currently leverage Salesloft but has not found any of these indicators within our logs or evidence of a related successful attack from AvidXchange's prior usage of Salesloft. Our Security Operations team will remain active in monitoring any potential vulnerabilities and IOCs related to this event.
AvidXchange monitors security information resources for vulnerability announcements, patch and non-patch remediation change, security events and incidents, and emerging threats that correspond to the software and hardware within AvidXchange’s system inventory. Patches are regularly applied per our Vulnerability Management Standard, which includes applying patches monthly at minimum. Advanced Malware Protection controls are deployed to all corporate-issued endpoints. These controls receive updates in real-time in alignment with best practices.