Cloud Security
What Kind of Security Controls Are Available in the Mendix Cloud?
Our cloud security architecture ensures the highest levels of data protection, application security, and operational transparency. This document outlines how our cloud infrastructure is designed to maintain security at every layer—from development and deployment to runtime and monitoring—using a comprehensive stack of industry best practices and tools.

Security controls for the Mendix Cloud include various levels of encryption, transport layer security (TLS), access restrictions and protection from malicious and unwanted internet traffic. The sections below describe these security controls in detail.
How Is Data in Transit Secured?
The Mendix Runtime runs in a container and is reached through a load-balanced routing layer of clustered, front-facing web servers that forward traffic to the relevant app environment; these web servers are responsible for the TLS connections. In addition, all common access and security services of the IaaS provider are applied to the traffic that enters their infrastructure. The TLS connection that starts in the browser terminates at the web server service on the load-balanced routing layer. Data is therefore encrypted along the whole path from the browser to the routing layer, and because that layer forwards each request only to its target app environment, other app environments cannot intercept the data.
For more information on data security, refer to the Data Security section.
How Is Access Restricted for Incoming Requests?
Within the Mendix Cloud, you can restrict access for incoming requests using multiple controls. By configuring access restrictions, you have fine-grained control over external access to your application.
Restricting access within the Mendix Cloud is configured by access restriction profiles. An access restriction profile can contain any number of IPv4 and IPv6 address ranges, or a client certificate authority, or both.
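As an added illustration (not Mendix code, and not the platform's own evaluation logic), the following Python models how such a profile can be evaluated against an incoming request. The combination rule (address range or client CA, whichever matches), the deny-all behaviour of an empty profile, and the `client_cert_ca` argument, which stands in for the outcome of certificate-chain verification, are all assumptions of this example. What it does demonstrate is a check that any address allow list needs: an IPv4 range must still match a client whose address arrives in IPv4-mapped IPv6 form.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class AccessRestrictionProfile:
    """An access restriction profile: any number of IPv4/IPv6 ranges and/or one client CA.

    `client_ca` is a stand-in for the configured certificate authority; this example
    does not verify certificate chains itself (assumption, see is_request_allowed)."""
    name: str
    allowed_ranges: List[str] = field(default_factory=list)   # CIDR strings
    client_ca: Optional[str] = None

    def networks(self):
        # strict=False tolerates host bits set in a range such as 203.0.113.7/24
        return [ipaddress.ip_network(r, strict=False) for r in self.allowed_ranges]


def normalize_client_ip(raw):
    """Parse the client address, unwrapping IPv4-mapped IPv6 (::ffff:a.b.c.d) so that
    an IPv4 range still matches when the edge hands the address over in IPv6 form."""
    addr = ipaddress.ip_address(raw.strip())
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def is_request_allowed(profile, client_ip, client_cert_ca=None):
    """Decide whether a request passes the profile.

    Assumed combination rule (this example's, not taken from the Mendix documentation):
    allow when the source address is inside any configured range OR the presented
    client certificate chains to the configured CA; a profile with neither control
    matches nothing, and an unparsable address is rejected (fail closed).
    `client_cert_ca` is the issuer name of an already-verified client certificate."""
    try:
        addr = normalize_client_ip(client_ip)
    except ValueError:
        return False
    if any(addr in net for net in profile.networks()):
        return True
    return profile.client_ca is not None and client_cert_ca == profile.client_ca


def evaluate(profile, requests):
    """Apply the profile to (client_ip, client_cert_ca) pairs; returns [(ip, allowed)]."""
    return [(ip, is_request_allowed(profile, ip, ca)) for ip, ca in requests]


if __name__ == "__main__":
    # Constructed profile and traffic sample: documentation addresses, not a real CA.
    profile = AccessRestrictionProfile(
        "office-and-partners",
        allowed_ranges=["203.0.113.0/24", "2001:db8:1::/48"],
        client_ca="Example Partner CA",
    )
    sample = [
        ("203.0.113.42", None),                  # office IPv4: allowed by range
        ("::ffff:203.0.113.42", None),           # same client seen over IPv6: must still match
        ("2001:db8:1::10", None),                # office IPv6: allowed by range
        ("198.51.100.7", None),                  # outsider without certificate: denied
        ("198.51.100.7", "Example Partner CA"),  # outsider with partner certificate: allowed
        ("198.51.100.7", "Other CA"),            # wrong issuer: denied
        ("not-an-ip", None),                     # garbage: fail closed
    ]
    for ip, allowed in evaluate(profile, sample):
        print("%-22s %s" % (ip, "allow" if allowed else "deny"))
```

If you reproduce such a check yourself, make sure the address you evaluate is the one the TLS-terminating layer saw, not a value a client can supply in a request header.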
What Kind of Encryption Is Provided in the Mendix Cloud?
Mendix offers encryption for data at rest and in transit for app environments out of the box. For more encryption control, customers can add an additional encryption layer for datasets in the database using platform-supported modules.
For details on routing and network encryption, refer to the section How Is Data in Transit Secured? above. For details on application data encryption, refer to the Data Security section.
How Does Mendix Ensure Security Through Penetration Testing and Responsible Disclosure?
The platform operates a responsible disclosure program in collaboration with an external bug bounty provider. This enables ethical hackers to safely report vulnerabilities, helping to strengthen the platform’s security posture.
In addition to the ongoing community-driven security efforts, the Mendix platform is subject to regular penetration testing performed by certified independent security firms. These assessments occur multiple times per year and include a combination of black-box testing, white-box analysis, and red teaming exercises to thoroughly evaluate the platform’s resilience against real-world attack scenarios.
Penetration testing is a key component of the Mendix platform’s security assurance program. The effectiveness of these tests is validated through annual audits and documented in Mendix security certifications and attestations, including the SOC 2 Type II report, PCI DSS Level 1 Service Provider Attestation of Compliance, ISO/IEC 27001:2013, ISO/IEC 27017:2015, and NEN 7510-1:2017 certification.
Which DDoS Controls Are in Place for the Mendix Cloud?
All Mendix apps hosted in Mendix Cloud v4 are behind AWS Shield Advanced and are defended against the most common and frequently-occurring network and transport layer DDoS attacks. In addition to this protection, the Mendix Cloud has extra detection and mitigation of large and sophisticated DDoS attacks, near real-time visibility of DDoS attacks, and 24/7 access to the AWS DDoS Response Team.
How Is Threat Detection and Incident Response Managed Across the Platform?
Security operations for the platform are supported by the Siemens Cyber Defense Center, which provides continuous security monitoring, threat detection, and incident response capabilities.
This center operates 24/7 and is responsible for analyzing security events, coordinating incident handling, and ensuring rapid mitigation of threats across the entire cloud and application environment.
Supporting these efforts, an Endpoint Detection and Response (EDR) platform collects and analyzes telemetry from the hosts that make up the cloud infrastructure, enabling detection of anomalous behavior, policy violations, and emerging threats.
In parallel, a Cloud-Native Application Protection Platform (CNAPP) continuously evaluates infrastructure for misconfigurations, exposed services, and vulnerabilities at runtime—allowing for early detection and timely remediation of risks.
Additionally, a vulnerability management platform continuously scans the environment for known vulnerabilities, configuration weaknesses, and exposed assets—enabling proactive risk identification and prioritization.
This integrated approach ensures that all layers of the platform—from infrastructure to runtime—are proactively protected against evolving cyber threats.
How Are Vulnerabilities Tracked, Assessed, and Disclosed for the Platform?
Mendix publishes security advisories by leveraging Siemens ProductCERT, which is a dedicated team of seasoned security experts that manages the receipt, investigation, internal coordination, and public reporting of security issues related to Siemens products, solutions, and services.
Mendix adds the Common Vulnerability Scoring System (CVSS) score and CVSS vector for security vulnerabilities described in the Studio Pro release notes. Mendix also adds the Mendix-specific CVE IDs when they become available.
How Does the Mendix Cloud Protect My App from Malicious and Unwanted Internet Traffic?
All Mendix apps hosted in Mendix Cloud v4 are protected by an AWS Web Application Firewall (WAF).
WAF is a security service that protects your applications from malicious and unwanted internet traffic without modifying your application code. WAF addresses various attack categories, including many high-risk and commonly occurring vulnerabilities described in OWASP publications such as the OWASP Top 10. These include, but are not limited to:
- Cross site scripting
- HTTP protocol violations
- Bots, crawlers, and scanners
- HTTP Denial of Service
- Server-side request forgery
- Local File inclusion
- Log4j remote code execution
The Mendix Cloud supports a variety of configurable HTTP response headers to protect your Mendix application. For more information, see Environment Details in the Mendix Portal Guide.
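A WAF filters what reaches the app; response headers control what the browser is allowed to do with what comes back, so it is worth checking the headers an environment actually sends. The following Python is an added example, not Mendix code, that audits a set of response headers against a small baseline of browser-enforced protections. The baseline (HSTS with a one-year max-age and includeSubDomains, nosniff, a clickjacking control, a Content-Security-Policy whose script sources exclude unsafe-inline and wildcards, a Referrer-Policy) is this example's own choice and not the list of headers the Mendix Portal exposes; both header sets are constructed.

```python
import re


def get_header(headers, name):
    """Case-insensitive lookup, because header names are case-insensitive on the wire."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def parse_csp(value):
    """'default-src 'self'; script-src 'self' cdn.example.net' -> {directive: [sources]}"""
    policy = {}
    for directive in value.split(";"):
        tokens = directive.split()
        if tokens:
            policy[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return policy


def audit_security_headers(headers, min_hsts_age=31536000):
    """Return findings (strings) for headers that miss this example's baseline.
    The baseline is chosen for this example; it is not a Mendix-published list."""
    findings = []

    hsts = get_header(headers, "Strict-Transport-Security")
    if hsts is None:
        findings.append("HSTS missing")
    else:
        m = re.search(r"max-age=(\d+)", hsts, re.I)
        if not m or int(m.group(1)) < min_hsts_age:
            findings.append("HSTS max-age below %d seconds" % min_hsts_age)
        if "includesubdomains" not in hsts.lower():
            findings.append("HSTS lacks includeSubDomains")

    if (get_header(headers, "X-Content-Type-Options") or "").lower() != "nosniff":
        findings.append("X-Content-Type-Options is not nosniff")

    csp_raw = get_header(headers, "Content-Security-Policy")
    csp = parse_csp(csp_raw) if csp_raw else {}
    xfo = (get_header(headers, "X-Frame-Options") or "").upper()
    # Either control stops framing; frame-ancestors is the modern one and wins where both exist.
    if "frame-ancestors" not in csp and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append("no clickjacking protection (CSP frame-ancestors or X-Frame-Options)")

    if not csp:
        findings.append("Content-Security-Policy missing")
    else:
        # script-src falls back to default-src when absent, as the browser does
        script_src = csp.get("script-src", csp.get("default-src", []))
        for source in ("'unsafe-inline'", "'unsafe-eval'", "*", "data:", "http:"):
            if source in script_src:
                findings.append("CSP script-src allows %s" % source)

    if get_header(headers, "Referrer-Policy") is None:
        findings.append("Referrer-Policy missing")

    return findings


# Constructed header sets for the two cases (not captured from a real environment).
WEAK_HEADERS = {
    "Content-Type": "text/html",
    "Strict-Transport-Security": "max-age=300",
    "X-Frame-Options": "ALLOWALL",
    "Content-Security-Policy": "default-src *; script-src 'self' 'unsafe-inline'",
}
HARDENED_HEADERS = {
    "Content-Type": "text/html",
    "strict-transport-security": "max-age=31536000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
    "Referrer-Policy": "strict-origin-when-cross-origin",
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, audit_security_headers(hdrs) or ["baseline met"])
```

Run it against the headers of a test environment before and after changing the settings in Environment Details, and treat the list of findings as the regression check for those settings.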
Which Physical Security Controls Are in Place for the Mendix Cloud?
Mendix Cloud is hosted on Amazon Web Services (AWS), leveraging AWS’s industry-leading data centers that meet the highest standards for physical and environmental security. These facilities hold a wide range of third-party certifications and assurance reports, including, but not limited to ISO/IEC 27001:2013, SOC 2, and PCI DSS. In addition, Mendix’s certified Information Security Officers review the cloud hosting environment bi-annually to ensure continued compliance with Mendix security requirements and industry best practices.
How Does Mendix Support Business Continuity and Disaster Recovery?
Business continuity and disaster recovery are integral components of the Mendix security framework and are aligned with ISO 22301, the international standard for business continuity management. To ensure that customer services can be rapidly restored in the event of a disruption, Mendix has implemented a formal disaster recovery procedure, which is tested quarterly to validate effectiveness. In addition, Mendix offers robust disaster recovery capabilities, including high availability across multiple availability zones, horizontal scaling of application environments, and automated recovery mechanisms to minimize downtime during unexpected outages. This approach ensures resilience and continuity of critical services across a wide range of deployment scenarios.
For more information on the Mendix Cloud architecture, see Cloud Architecture.
What Backup Functionality Is Provided by Mendix?
A backup of all data (model, database, and file storage) is made on a daily basis for all of your environments. Backups are stored in secured locations that are geographically dispersed.
Backups are available for restore as follows:
- Nightly backups – maximum 2 weeks history (counted from the day before the request)
- Sunday backups – maximum 3 months history (counted from the day before the request)
- Monthly backups (first Sunday of each month) – maximum 1 year history (counted from the day before the request)
Both production data and backup data utilize cloud storage and are subject to the storage limit associated with the Mendix Platform subscription purchased. Companies are advised to set up an internal protocol for the usage and testing of backups. Administrators can download backups from the Mendix Portal or develop automated downloads of backups using the Mendix Platform REST API. Mendix also offers the option to use live data replication in order to enable a fallback environment.
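To make the retention windows concrete, the following Python (an added example, not Mendix tooling) computes which backup dates are still restorable on a given request date and which tier holds each one. Two interpretations are assumptions of this example rather than statements from the page: every window is counted back from the day before the request, which is also the date of the newest nightly backup, and "month" and "year" are calendar units rather than 30- or 365-day spans.

```python
from datetime import date, timedelta

NIGHTLY_DAYS = 14       # "maximum 2 weeks history"
SUNDAY_MONTHS = 3       # "maximum 3 months history"
MONTHLY_MONTHS = 12     # "maximum 1 year history"


def as_date(value):
    """Accept a date or an ISO string such as '2024-03-20'."""
    return value if isinstance(value, date) else date.fromisoformat(value)


def months_before(d, months):
    """Calendar-month subtraction; the day is clamped to the target month's length
    (31 March minus one month is 28 or 29 February). Assumption: 'month' and 'year'
    of history are calendar units, not 30- or 365-day spans."""
    d = as_date(d)
    year, month = d.year, d.month - months
    while month <= 0:
        month += 12
        year -= 1
    next_month_start = date(year + 1, 1, 1) if month == 12 else date(year, month + 1, 1)
    last_day = (next_month_start - timedelta(days=1)).day
    return date(year, month, min(d.day, last_day))


def is_first_sunday(d):
    """Monthly backups are the backups made on the first Sunday of each month."""
    return d.weekday() == 6 and d.day <= 7


def restore_points(request_date):
    """Backups restorable on request_date, per tier, as sorted lists of dates.
    Assumption: every window is counted back from the day before the request,
    which is also the date of the newest nightly backup."""
    newest = as_date(request_date) - timedelta(days=1)
    nightly = [newest - timedelta(days=n) for n in range(NIGHTLY_DAYS)]
    sunday_cutoff = months_before(newest, SUNDAY_MONTHS)
    monthly_cutoff = months_before(newest, MONTHLY_MONTHS)
    sundays, monthlies = [], []
    d = newest
    while d >= monthly_cutoff:
        if d.weekday() == 6:                 # a Sunday backup
            if d >= sunday_cutoff:
                sundays.append(d)
            if is_first_sunday(d):           # also the monthly backup
                monthlies.append(d)
        d -= timedelta(days=1)
    return {"nightly": sorted(nightly), "sunday": sorted(sundays), "monthly": sorted(monthlies)}


def oldest_restore_point(request_date):
    """The oldest state of the environment that can still be restored."""
    tiers = restore_points(request_date)
    return min(dates[0] for dates in tiers.values() if dates)


def restorable_on(target, request_date):
    """Tiers that still hold a backup of `target` on `request_date`; () means it is gone."""
    target = as_date(target)
    tiers = restore_points(request_date)
    return tuple(name for name, dates in tiers.items() if target in dates)


if __name__ == "__main__":
    for name, dates in restore_points("2024-03-20").items():
        print("%-8s %3d backups, oldest %s" % (name, len(dates), dates[0]))
    print("2024-03-05 restorable via:", restorable_on("2024-03-05", "2024-03-20") or "nothing")
```

The practical consequence the calculation makes visible is the gap between tiers: a weekday state older than two weeks is gone unless it happened to be a Sunday, and a Sunday older than three months survives only if it was the first Sunday of its month. If you need a state that falls into one of those gaps, download the backup while it is still in the nightly window.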
Does Mendix Establish and Maintain Baseline Configurations for Hardening?
The Mendix Security team maintains a robust hardening baseline aligned with internationally recognized standards such as SANS and CIS Benchmarks. Cloud environments are continuously monitored and scanned to ensure compliance with these baseline configurations.
Hardening controls are subject to regular evaluation by independent third-party auditors. Their effectiveness is validated through annual audits and documented in Mendix security certifications and attestations, including the SOC 2 Type II report, PCI DSS Level 1 Service Provider Attestation of Compliance, ISO/IEC 27001:2013, ISO/IEC 27017:2015, and NEN 7510-1:2017 certification.
For more information, see Which Third-Party Security Certifications & Assurance Reports Does Mendix Have?.
How Does the Mendix Cloud Support DTAP Environments?
Mendix Cloud inherently supports and encourages the DTAP methodology through the following environment management features:
- Dedicated environments per application:
  - For every Mendix application you deploy to the Mendix Cloud, you can easily provision multiple, distinct environments. Typically, you’d set up at least Acceptance and Production environments for each app. New environments can be provisioned self-service via Control Center.
  - Each of these environments is a separate instance of your application, running independently.
- Isolated databases:
  - Crucially, each environment usually comes with its own isolated database. This means that you can populate your Test and Acceptance environments with specific test data without affecting your live application. Data from your development tests won’t interfere with your production data, and vice-versa.
- Seamless deployment pipeline:
  - Mendix Studio Pro (the IDE) integrates directly with the Mendix Cloud Portal. This allows developers to deploy new versions of their application from their local machine to the Test or Acceptance environment with just a few clicks.
  - Once in the cloud, the Mendix Cloud Portal provides a user-friendly interface to promote your application versions through the DTAP pipeline (for example, from Test to Acceptance, and then to Production). This “one-click deployment” between environments simplifies the release process significantly.
  - With Mendix Pipelines, you can automate the deployment process easily. An application can be promoted through the DTAP pipeline, while keeping control over the quality of the code using quality and testing gateways.
- Version control integration (Mendix Team Server):
  - Mendix applications are tightly integrated with the Mendix Team Server (a built-in version control system based on SVN or Git).
  - When you deploy to an environment, you’re deploying a specific revision of your application from the Team Server. This ensures that you know exactly which version is running in each environment, aiding in traceability and rollback if needed.
- Environment-specific configurations:
  - App settings – Different API keys, external service endpoints, or feature flags can be set per environment.
  - Scheduled events – You might have different schedules for batch processes in Development versus Production.
  - User roles and security – While the core security model is part of the app, specific user accounts or integrations might differ.
  - Resources – Production environments can be scaled with more memory, CPU, and network resources than Development environments, reflecting their different performance requirements.
- Monitoring and logging:
  - The Mendix Cloud Portal provides monitoring tools and logs for each individual environment. This allows you to track the performance, health, and user activity of your application at each stage, helping you identify and resolve issues before they reach production.
- Security and access control:
  - Access to manage and deploy to different environments can be controlled through user roles within the Mendix Cloud Portal, ensuring that only authorized personnel can make changes to critical environments like Production.
Benefits of Mendix Cloud’s DTAP Support
- Reduced risk: Isolating environments prevents development changes from impacting live users prematurely.
- Faster release cycles: The streamlined deployment process between environments accelerates the path from development to production.
- Improved quality: Dedicated testing and acceptance stages lead to more thoroughly vetted applications.
- Better collaboration: Clear separation of duties for developers, testers, and business users.
- Scalability and flexibility: Easily scale resources for each environment independently based on its specific needs.
In essence, the Mendix Cloud provides a structured, integrated, and user-friendly platform that makes implementing and managing a robust DTAP strategy not just possible, but intuitive for Mendix developers and operations teams.
Does Mendix Support Custom Domains?
Yes. For connections from the internet to your Mendix Cloud applications, Mendix provides a .mendixcloud.com or .mxapps.io domain with a certificate managed, and therefore renewed, by Mendix, so clients must not pin that certificate. For situations where certificate pinning is required, set up a custom domain instead; there you are in full control of issuing and updating the certificate, and can rotate pins on your own schedule.