<-- Back

Security scanning options for Mendix applications

Introduction

This article provides an overview of the security scanning options available for applications developed using Mendix. It explains which types of security scans are supported, the tools that can be used, and whether they can be integrated directly with the Mendix platform or require exported artifacts, such as application metadata or Java bytecode, for offline analysis.

Environment

Applications hosted in Mendix Cloud

Details

Mendix uses QSM (Quality and Security Management) for performing security and quality analysis scans on applications developed with Mendix. It is specifically designed to work with the Mendix low-code model rather than traditional source code.

  • Integration with the Mendix platform: QSM can be integrated directly with the Mendix platform. There is no need to manually export metadata, Java bytecode, or other artifacts to perform the analysis offline. 
  • Note on traditional scanning tools: Standard source code scanners may not be directly applicable to Mendix applications due to the low-code nature of the platform. It is recommended to use tools that are aware of the Mendix model structure, such as QSM.

Internal information related

  • 282589
  • G01EQTEP83G/p1783478376440549

Additional information

NA

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.

To provide feedback, please open a ticket here. Don't forget to include the article's URL along with the feedback you would like to provide.