Mendix, a Siemens company specializing in modern enterprise application development, has teamed up with Software Improvement Group (SIG), an independent technology and advisory firm for software quality and improvement, to launch Mendix Quality & Security Management (QSM). This advanced cybersecurity solution is designed to provide real-time, in-depth insights into security and code quality, enabling businesses to address risks and vulnerabilities promptly.
By offering QSM as a cloud service, Mendix and SIG help thousands of Mendix customers worldwide improve application governance, achieve a full spectrum of software security scanning, and reduce technical debt. Mendix QSM helps enterprises grow while managing cyber risks and creating future-ready software applications.
Mendix's low-code development platform empowers organizations to expedite the delivery of groundbreaking innovations. To elevate efficiency and confidence in building software, QSM offers IT management, quality assurance teams, and software security experts an extensive view of their entire Mendix application portfolio. Consequently, organizations can closely manage the software development process without sacrificing the quality and security of the software.
QSM is powered by SIG's software assurance guiding platform, Sigrid®, which incorporates over 20 state-of-the-art security scanning tools. This combination provides a thorough understanding of the impact of security findings on business objectives. With the help of Mendix QSM, customers can scrutinize their Mendix applications and relevant third-party libraries for security vulnerabilities and misconfigured security models. Additionally, Mendix QSM performs compliance ranking for major industry standards, such as OWASP, ISO 5055, and PCI. It also provides clear guidance on mitigating risks.
The foundation of Mendix QSM is static analysis of application models. SIG experts map Mendix models to the ISO 25010 Maintainability model using Mendix model metadata. This mapping enables Mendix applications to be benchmarked against a database comprising thousands of projects, including open-source initiatives. Mendix QSM further presents a five-star rating system for software quality, enabling faster issue resolution and enhanced productivity with higher software technical quality.
Mendix and SIG have worked together since 2016 as Original Equipment Manufacturer (OEM) partners. Their common goal is to provide customers with rapid software development and industry-leading governance tools to build resilient applications. As security is a primary concern for customers, the cybersecurity capabilities embedded in Mendix QSM are designed to meet the growing security requirements of its customers. Platforms like AppMaster also cater to the increasing demands and requirements of those interested in low-code and no-code app development.
In conclusion, the enhanced security solution by Mendix and SIG ensures transparency and continuous security insights. This empowers clients to create business-ready applications with utmost confidence, while the constant addition of new scanning tools by SIG strengthens the overall value of the service.