// Trust & Security Report

    Workato, Inc. logo

    Workato, Inc.

    Enterprise integration-platform-as-a-service (iPaaS) that has expanded into agentic AI orchestration: core Workato iPaaS/workflow automation, Enterprise MCP (turns workflows into governed MCP servers for AI agents), Agent Studio / Genies (AI agent builder), embedded integrations for SaaS platforms, API management, and Data Hub/MDM.

    Certifications held

    11

    Maturity

    Enterprise

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    SOC 2 Type II certification is aligned with the American Institute of CPAs (AICPA) Trust Services Criteria

    Verify on docs.workato.com
    SOC 1 Type II
    HELD

    SOC 1 Type II certification evaluates Workato's controls related to customers' financial reporting

    Verify on docs.workato.com
    SOC 3
    HELD

    SOC 3 certification provides independent validation of Workato's controls based on the same AICPA Trust Services Criteria

    Verify on docs.workato.com
    ISO 27001
    HELD

    ISO 27001 certification specifies controls for establishing, implementing, and improving information security

    Verify on docs.workato.com
    ISO 27701 (Privacy Information Management)
    HELD

    ISO 27701 extends ISO 27001 for Privacy Information Management Systems (PIMS), addressing the requirements for handling Personally Identifiable Information (PII)

    Verify on docs.workato.com
    ISO 42001 (AI Management System)
    HELD

    "ISO 42001" is listed on the Workato Trust Center security-posture badge grid alongside ISO 27001 and ISO 27701; docs.workato.com states "Workato aligns with ISO/IEC 42001 by governing AI through defined oversight, lifecycle-based risk management, and responsible AI practices" (alignment language, not an explicit certificate number, so confirm formal certification scope via the gated trust center).

    Verify on trust.workato.com
    GDPR
    HELD

    We comply with GDPR, which imposes stringent data privacy and security standards for organizations that target and/or collect data from people living in the EU.

    Verify on workato.com
    HIPAA
    HELD

    As a Business Associate, Workato is compliant with HIPAA standards, safeguarding Protected Health Information (PHI) for customers in healthcare, and can sign Business Associate Agreements (BAA) and undergo an annual HIPAA attestation from an independent auditing firm.

    Verify on docs.workato.com
    PCI DSS (Level 1 Service Provider, v4.0.1)
    HELD

    PCI-DSS v4.0.1 − Level 1 service provider with annual QSA assessments for cardholder data protection.

    Verify on docs.workato.com
    IRAP (Australian Government ISM)
    HELD

    Workato has successfully completed an IRAP assessment, demonstrating compliance with Australian government ISM standards at the PROTECTED level.

    Verify on docs.workato.com
    NIST SP 800-171A Rev 2
    HELD

    Workato has successfully achieved attestation for compliance with NIST Special Publication 800-171A Revision 2 for handling Controlled Unclassified Information.

    Verify on docs.workato.com
    > Show 1 unconfirmed / not-held certifications
    FedRAMP
    NOT CONFIRMED

    No public evidence of FedRAMP authorization; not listed on trust.workato.com badge grid or in security documentation reviewed. Workato instead cites IRAP (Australian government) and NIST 800-171A r2 (CUI/federal contractor scope) for government-adjacent workloads.

    source: trust.workato.com

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Offered

    Data region

    Regional data centers in the United States, EU (Frankfurt, Germany), Singapore, Japan, Australia, and Israel; data is stated to be processed within the customer's selected region for US/EMEA and APAC.

    Workato's own docs state "AI by Workato doesn't use user data for training purposes." AI by Workato is built on models from Anthropic and OpenAI (with region-specific routing, e.g. the Israel data center uses OpenAI's GPT-4o mini). A separate AI feature addendum must be accepted to use AI features, and AI features are stated as not available in China for regulatory reasons. Agent Studio/Genie models are hosted in US, EU, and APAC regions with data residency respected where possible. No tier-specific opt-out language was found beyond the addendum acceptance; this should be confirmed directly with Workato for enterprise contracts.

    // Security controls

    Encryption

    End-to-end data encryption; dedicated encryption key per account; hourly key rotation; customer-managed BYOK/EKM option; secure key vault (RAFT storage).

    workato.com

    Architecture model

    Describes itself as built on Zero Trust principles with defense-in-depth, and states every workflow/agent action is authenticated, authorized, and auditable.

    trust.workato.com

    Data residency

    Regional data centers (US, EU/Frankfurt, Singapore, Japan, Australia, Israel) supporting data localization.

    workato.com

    Subprocessors

    Published subprocessor list includes AWS (cloud infrastructure), Intercom (chat), Stripe (payments), MessageBird/SparkPost (email), with per-processor usage and location disclosed.

    trust.workato.com

    Vulnerability/supply-chain monitoring

    Trust Center publishes ongoing security advisories on third-party supply-chain incidents (e.g. npm, PyPI, CVE disclosures affecting the broader ecosystem), indicating an active security monitoring program.

    trust.workato.com

    // Products & data scope

    Workato Enterprise iPaaSIntegration platform / workflow automation

    data: Broad access to connected SaaS/on-prem systems via 1200+ connectors; processes and transforms customer business data in transit and at rest per account encryption keys.

    Core, longest-established product; primary subject of the SOC/ISO/HIPAA/PCI attestations.

    Enterprise MCPAgentic AI orchestration layer

    data: Exposes governed business actions/workflows as MCP servers to AI agents (Claude, OpenAI, Copilot, etc.); adds authentication, authorization, and audit trail layer on top of iPaaS.

    Newest flagship offering (per home page positioning); inherits platform-level security controls, but is new enough that agent-specific incident history is limited.

    Agent Studio / GeniesAI agent builder

    data: Uses customer documents/knowledge bases plus Anthropic and OpenAI models to power configurable AI agents ("Genies"); role-based access control for genies and knowledge bases.

    Stated not to train models on user data; requires accepting a separate AI feature addendum; unavailable in China.

    Embedded Integrations / API ManagementEmbedded iPaaS for SaaS platforms

    data: Lets a SaaS vendor embed Workato's integration and agent capabilities into its own product, extending Workato's security perimeter to the embedding vendor's end customers.

    Enterprise-tier governance and security features; scope/liability boundary between Workato and the embedding vendor should be reviewed contractually.

    // What to watch

    • Cert list (SOC 1/2/3, ISO 27001/27701/42001, HIPAA, PCI, IRAP, NIST, GDPR posture, etc.) is corroborated across three independent vendor-domain pages (trust.workato.com badge grid, docs.workato.com/security/security-compliance.html, www.workato.com/platform/security), but full attestation documents themselves sit behind a gated "Get Access" request on the trust center, so exact scope/period/auditor could not be independently confirmed from public pages alone.
    • Enterprise MCP and Agent Studio/Genies are newly marketed AI-agent products; while the vendor states platform-level certs extend to them and that AI features do not train on customer data, no dedicated third-party attestation specific to the agentic products was found (as distinct from the core iPaaS attestations) - worth flagging as an area to re-verify as these products mature.
    • AI training opt-out is stated as a blanket "doesn't use user data for training" policy rather than a documented per-tier opt-out control; recommend confirming contractual language directly for enterprise deals.
    • No FedRAMP authorization found; do not list FedRAMP for this vendor despite public-sector-adjacent certs (IRAP, NIST 800-171A) that could be mistaken for it.

    // At a glance

    Pricing model

    Custom/quote-based enterprise pricing ("Talk to sales"), with a free starter tier ("Start for free"); no public self-serve price list found in evidence gathered.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Workato, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.workato.com

    > Browse all vendor trust reports