Appwrite undertakes regular penetration testing and vulnerability assessments conducted by third-party agencies to attest our security standing. These penetration tests and vulnerability assessments are performed periodically. Penetration tests performed by a third-party helps identify vulnerabilities and suggest action plans to constantly improve Appwrite's security.
Appwrite has processes for external and internal information security risk management that seek to identify, assess and address risks using a risk treatment plan to implement recommendations and decisions. The risk assessment methodologies utilized include pen-test practices.
See the "Data Processing" addendum of Appwrite's DPA for further details.