Meeting the highest standards

Cvent logo at the center of a connected node diagram highlighting security and compliance certifications.

Certifications and proof you can trust

Independent audits and global privacy frameworks mean you can move faster with confidence.

  • ISO/IEC 27001 and ISO/IEC 27701
  • SOC 1 Type II and SOC 2 Type II
  • PCI DSS
  • Cloud Security Alliance (CSA)
  • Cyber Essentials & Cyber Essentials Plus (Venue Directory)
  • Privacy alignment with GDPR, CCPA, and PDPL
  • TXRamp (select products)
  • Data Privacy Framework
  • APEC and Global Privacy Frameworks (PRP and CBPR)
Close-up of hands using a tablet, framed by abstract blue and purple shapes with floating security and privacy icons.”

Security built into every product

We bake security into how we design, build, and test—making security part of the product, not an afterthought.

  • Vulnerability Disclosure Program
  • Secure Code Training
  • Secure Design Reviews & Threat Modeling
  • Automated Security Testing
  • Penetration Testing
Three colleagues collaborating at a computer with overlaid analytics charts and data, framed by abstract blue‑purple shapes and security icons

Your data, protected and under control

From identity to deletion, we protect your data throughout its lifecycle across our cloud. 

  • Strong Perimeter & System Defense
  • Identity & Access Management
  • Data Deletion
  • Military-Grade Data Protection 
A support person infront of digital screen surrounded by icons like threat security and 24x7 support

Always-on security

Our teams and tooling monitor continuously and are ready to respond if something goes wrong. 

  • Threat Intelligence Program
  • 24x7 Security Monitoring
  • Security Incident Response Program
Video
 

Hear what our customers have to say

“Cvent is a massive company with a lot of resources that they have put into security and privacy. They’ve already done all the legwork and we can feel confident that the data we are storing in Cvent systems are secure and meet all our regulatory requirements.” 

Jeremy Dyken  |  Director of IT and Application Development  |  Fox World Travel 

Read more

A blue blob with cvent iq written on it surrounded by icons for on/off privacy settings and icon for device privacy security

CVENTIQTM 

AI at Cvent: Smart, secure, and in your control

  • CventIQ runs on trusted third‑party models
  • We don’t use your prompts or responses to train any models
  • We follow our AI Security Standard and AI Development Policy, aligned with SOC 2, ISO 27001, and ISO 27701
  • We opt out of Microsoft storing or logging prompts and completions
  • We keep AI interaction logs for 30 days for quality checks, then delete them
  • You can turn AI off entirely or enable only the features you want

 

Read the full CventIQ FAQ

Frequently asked questions

Does Cvent have an Information Security Policy?

Yes. Cvent has a comprehensive Information Security Policy and maintains over 30+ different policies and procedures covering multiple areas such as Security Awareness & Training, Encryption Management, Disaster Recovery, Business Continuity, Change Management, Password Policy, Security Logging and more. All policies and procedures can be found on our Trust Center.

Does Cvent encrypt all data at-rest and in-transit?

Yes. Cvent encrypts all customer data in-transit via TLS v1.2 encryption and at-rest via AES-256 encryption. In addition, Cvent offers field-level encryption for any field designed to contain potentially sensitive information, such as Date of Birth, Social Security Number, Passport ID, and more.

Does Cvent maintain a Business Continuity and Disaster Recovery Program?

Yes. Cvent maintains both programs to ensure that customer data is secured and available in the event of any type of disaster that may occur or to allow Cvent to quickly recover in the event of unexpected downtime. Both policies are available for review on our Trust Center.

Where does Cvent process/store customer data?

Cvent utilizes AWS for all customer data storage needs. Data will be processed/stored within AWS US-East and AWS US-West for all North American-based customers, and AWS Frankfurt and AWS Dublin for all EU-based customers and customers in other parts of the world.

Will Cvent notify me of any security incidents and/or security breaches?

Yes. Cvent will notify customers who are directly impacted by a security breach/incident within 48 hours of confirmation.

Does Cvent perform penetration testing on their products/services?

Yes. Cvent performs internal testing on all of our products/services and also works with independent third-party vendors to perform additional testing. The results of this testing are shared with us as an Executive Summary report, which can be shared with our customers upon request.

Does Cvent support SSO with their products/services?

Yes. The majority of our products will support SSO out of the box and additionally we offer APIs that can be configured to work with your preferred solution. Please visit out Developer Portal for more information on our SSO offerings.

Can Cvent provide additional security information upon request?

Yes. Cvent completes detailed security assessments and reviews them annually to ensure they are current.  Examples of assessments that we offer are a Standardized Information Gathering (SIG), the Consensus Assessments Initiative Questionnaire (CAIQ), architecture and data flow diagrams, and more. All of this information can be found on our Trust Center.