15 changes: 15 additions & 0 deletions content/en/docs/private-platform/nist-controls/si/_index.md
@@ -0,0 +1,15 @@
---
title: "NIST 800-53 System and Information Integrity Compliance for Private Mendix Platform"
linktitle: "System and Information Integrity"
url: /private-mendix-platform/nist-controls-si/
description: "Documents the Private Mendix Platform's compliance with the System and Information Integrity (SI) category of the NIST 800-53 security framework."
weight: 10
no_list: false
simple_list: true
---

## Introduction

Documents in this section provide more information about Private Mendix Platform's compliance with the System and Information Integrity (SI) category of the [NIST 800-53](https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final) security framework. For each applicable control, we have listed which party (Mendix or the customer) is responsible for which component or aspect.

In general, Mendix is responsible for the Private Mendix Platform, Mendix Operator, Mendix Studio Pro, Mendix Runtime, and so on. Customer responsibilities are related to infra and organization processes. For more information, refer to detailed documentation below.
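Review bot: the index `url: /private-mendix-platform/nist-controls-si/` does not follow the nested scheme the child pages in this PR use (`/private-mendix-platform/nist-controls/si-02/`, `/private-mendix-platform/nist-controls/si-10/`); consider `/private-mendix-platform/nist-controls/si/` so the section and its children share a path prefix. Also, "infra" in the last paragraph is informal for a compliance page; "infrastructure and organizational processes" reads better.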
71 changes: 71 additions & 0 deletions content/en/docs/private-platform/nist-controls/si/pmp-nist-si02.md
@@ -0,0 +1,71 @@
---
title: "SI-02 Flaw Remediation"
linktitle: "SI-02"
url: /private-mendix-platform/nist-controls/si-02/
description: "Documents the Private Mendix Platform's compliance with the SI-02 control of the NIST 800-53 framework."
weight: 20
---

## Introduction

This document describes how Private Mendix Platform fulfills the SI-02 control.

| Control ID | SI-02 |
| --- | --- |
| Control category | SI - System and Information Integrity |
| Requirement baseline | FEDRAMP MODERATE |
| Responsibility and ownership | Customer - Infra, Customer - Org |

## Control

The organization:

* Identifies, reports, and corrects information system flaws.
* Tests software and firmware updates related to flaw remediation for effectiveness and potential side effects before installation.
* Installs security-relevant software and firmware updates within an organization-defined time period of the release of the updates.
* Incorporates flaw remediation into the organizational configuration management process.

### Supplemental Guidance

Organizations identify information systems affected by announced software flaws including potential vulnerabilities resulting from those flaws, and report this information to designated organizational personnel with information security responsibilities. Security-relevant software updates include patches, service packs, hot fixes, and anti-virus signatures. Organizations also address flaws discovered during security assessments, continuous monitoring, incident response activities, and system error handling.

Organizations take advantage of available resources such as the Common Weakness Enumeration (CWE) or Common Vulnerabilities and Exposures (CVE) databases in remediating flaws discovered in organizational information systems. By incorporating flaw remediation into ongoing configuration management processes, required/anticipated remediation actions can be tracked and verified. Flaw remediation actions that can be tracked and verified include, for example, determining whether organizations follow US-CERT guidance and Information Assurance Vulnerability Alerts.

## Responsibility

### Customer Responsibility

This is not a Mendix responsibility beyond the previously documented Mendix update and release cycle, which addresses flaws in the Mendix products.

## Guidance

### Customer Responsibility

The customer is responsible for establishing and implementing a flaw remediation process for their custom implementation of Private Mendix Platform as well as applications built using Mendix, including:

* Identifying and tracking security flaws in infrastructure components, custom code, and third-party dependencies
* Testing software and firmware updates for effectiveness and potential side effects before deployment
* Defining time periods for installing security-relevant updates (for example, critical patches within 30 days)
* Incorporating flaw remediation into the configuration management process
* Monitoring vulnerability databases (CVE, CWE, US-CERT) for relevant security advisories

#### Implementer and Operator Responsibilities

* Infra Implementer - Establish vulnerability scanning and patch management processes for infrastructure.
* App Implementer - Implement vulnerability scanning for custom application code and dependencies.
* Infra Operator - Apply infrastructure patches and updates in accordance with customer timelines.
* App Operator - Apply application updates and remediate identified vulnerabilities in accordance with customer policies.

#### Mendix Product Updates

Mendix maintains a documented update and release cycle for its products (Runtime, Operator, Private Mendix Platform, Studio Pro). Security flaws in Mendix products are addressed through regular updates and security patches. Customers should monitor Mendix release notes and security advisories to stay informed of available updates.

## Proof and Remarks

* [Mendix Security Advisory](/releasenotes/security-advisories/)
* [Mendix Release Policy](/releasenotes/studio-pro/lts-mts/)
* Releases with new features, bug fixes, improvements, known issues, deprecations:

* [Studio Pro](/releasenotes/studio-pro/)
* [Private Mendix Platform](/releasenotes/private-platform/)
* [Mendix Operator and Mendix on Kubernetes](/releasenotes/developer-portal/mendix-for-private-cloud/)
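Review bot: the "Responsibility" section has only a "Customer Responsibility" heading, yet its one sentence ("This is not a Mendix responsibility beyond the previously documented Mendix update and release cycle...") describes what Mendix does; split it into a "Mendix Responsibility" subsection stating the release-cycle commitment and a "Customer Responsibility" subsection that mirrors the Guidance bullets, as the other pages in this PR do. Two smaller points: the control text and supplemental guidance use the Rev 4 wording ("The organization: Identifies, reports, and corrects information system flaws", "US-CERT guidance and Information Assurance Vulnerability Alerts") while the section index links to the Rev 5 publication, so pick one revision and name it; and the three release-notes bullets after "Releases with new features, bug fixes, improvements, known issues, deprecations:" are separated by a blank line and not indented, so they will render as a second top-level list rather than as sub-items.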
@@ -0,0 +1,47 @@
---
title: "SI-07 (01) Software, Firmware, and Information Integrity - Integrity Checks"
linktitle: "SI-07 (01)"
url: /private-mendix-platform/nist-controls/si-0701/
description: "Documents the Private Mendix Platform's compliance with the SI-07 (01) control of the NIST 800-53 framework."
weight: 20
---

## Introduction

This document describes how Private Mendix Platform fulfills the SI-07 (01) control.

| Control ID | SI-07 (01) |
| --- | --- |
| Control category | SI - System and Information Integrity |
| Requirement baseline | FEDRAMP MODERATE |
| Responsibility and ownership | Mendix - Private Mendix Platform, Mendix - Studio Pro/Runtime, Customer - Infra, Customer - Org |

## Control

The information system performs an integrity check of organization-defined software, firmware, and information at one or more of the following:

* At startup
* At organization-defined transitional states or security-relevant events
* At an organization-defined frequency.

### Supplemental Guidance

Security-relevant events include the identification of a new threat to which organizational information systems are susceptible, and the installation of new hardware, software, or firmware. Transitional states include system startup, restart, shutdown, and abort.

The following controls are related to this control:

* AC-4.

## Responsibility

### Customer Responsibility

The customer is responsible for defining the scope, frequency, and mechanisms for integrity verification checks and ensuring their implementation and ongoing operation within the environment.

## Guidance

### Customer Responsibility

The customer is responsible for defining the scope and execution of integrity verification activities in accordance with organizational security policies and risk management objectives. This includes identifying the software, firmware, and information subject to integrity checks; determining when such checks are performed (for example, at system startup, on demand, or at defined intervals); selecting appropriate integrity verification mechanisms such as cryptographic checksums or digital signatures; and establishing procedures for investigation, notification, and remediation when integrity violations are detected.

Infra Implementers and Operators support the customer-defined requirements by executing and maintaining the integrity verification mechanisms within the environment. The Infrastructure Implementer is responsible for implementing integrity checks for infrastructure components and container images, while the Application Implementer applies integrity controls to application code and dependencies as required. The Infrastructure Operator and Application Operator are responsible for monitoring integrity check results, responding to detected failures, and ensuring continued operation of integrity monitoring in alignment with customer-defined procedures.
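Review bot: the ownership row lists "Mendix - Private Mendix Platform, Mendix - Studio Pro/Runtime" as responsible parties, but the page has no "Mendix Responsibility" subsection under either "Responsibility" or "Guidance" and, unlike the other pages in this PR, no "Proof and Remarks" section; either add a Mendix subsection describing which integrity checks the platform performs on its own components (with evidence), or drop Mendix from the ownership row. Minor: the trailing period on "* At an organization-defined frequency." and "* AC-4." is inconsistent with the other bullets on the page.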
61 changes: 61 additions & 0 deletions content/en/docs/private-platform/nist-controls/si/pmp-nist-si10.md
@@ -0,0 +1,61 @@
---
title: "SI-10 Information Input Validation"
linktitle: "SI-10"
url: /private-mendix-platform/nist-controls/si-10/
description: "Documents the Private Mendix Platform's compliance with the SI-10 control of the NIST 800-53 framework."
weight: 20
---

## Introduction

This document describes how Private Mendix Platform fulfills the SI-10 control.

| Control ID | SI-10 |
| --- | --- |
| Control category | SI - System and Information Integrity |
| Requirement baseline | FEDRAMP MODERATE |
| Responsibility and ownership | Mendix - Studio Pro/Runtime, Customer - Infra, Customer - Org |

## Control

The information system checks the validity of organization-defined information inputs.

### Supplemental Guidance

Checking the valid syntax and semantics of information system inputs (for example, character set, length, numerical range, and acceptable values) verifies that inputs match specified definitions for format and content. Software applications typically follow well-defined protocols that use structured messages (that is, commands or queries) to communicate between software modules or system components. Structured messages can contain raw or unstructured data interspersed with metadata or control information. If software applications use attacker-supplied inputs to construct structured messages without properly encoding such messages, then the attacker could insert malicious commands or special characters that can cause the data to be interpreted as control information or metadata. Consequently, the module or component that receives the tainted output will perform the wrong operations or otherwise interpret the data incorrectly. Prescreening inputs prior to passing to interpreters prevents the content from being unintentionally interpreted as commands. Input validation helps to ensure accurate and correct inputs and prevent attacks such as cross-site scripting and a variety of injection attacks.

The following controls are related to this control:

* AC-2
* AC-3
* AC-4
* AC-5
* AC-6.

## Responsibility

### Mendix Responsibility

Mendix provides rich input validation capabilities through Studio Pro.

### Customer Responsibility

The customer and App Implementer are responsible for defining and implementing appropriate input validations.

## Guidance

### Mendix Responsibility

Mendix provides built‑in input validation capabilities through Studio Pro and enforces them at runtime to ensure predictable and secure handling of invalid inputs. Validation mechanisms support data type, format, length, range, pattern, required‑field, and custom logic validations, and are applied at both the domain model and page levels to ensure defense in depth. The Mendix Runtime enforces these validations consistently, preventing invalid inputs from being processed and ensuring that applications transition to known, safe states without exposing sensitive system information or bypassing security controls.

### Customer Responsibility

The customer is responsible for defining input validation requirements based on data sensitivity and security needs, including acceptable values, character sets, and protections against injection attacks. The App Implementer must configure and maintain appropriate validation rules within the Mendix application using Studio Pro, including custom validation logic where necessary, and ensure predictable error handling for invalid inputs. The App Operator ensures that input validations remain current by reviewing, testing, and updating validation rules as the application evolves and by monitoring for anomalous input behavior.

## Proof and Remarks

Entity-level validation rules are editable in the domain model in Studio Pro.

{{< figure src="/attachments/private-platform/nist-si/nist-si-10-1.png" class="no-border" >}}

For more information, see [Setting Up Data Validation: Data Validation on Entity Level](/refguide/setting-up-data-validation/#data-validation-on-entity-level).
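Review bot: the Guidance paragraph says validations "are applied at both the domain model and page levels" and that "The Mendix Runtime enforces these validations consistently", but it does not say which of those layers the Runtime enforces independently of the client; an assessor reading SI-10 needs that distinction, because a claim resting on client-side page validation alone would not satisfy the control, so state explicitly which validations are enforced server-side (the "Proof and Remarks" section already points at entity-level rules, so that is the natural place to anchor the statement). Also the "Responsibility and ownership" row lists "Customer - Infra", but neither Customer Responsibility paragraph assigns anything to an Infra role; either add the Infra responsibility or remove that entry.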
@@ -0,0 +1,67 @@
---
title: "SI-10 (03) Information Input Validation - Predictable Behavior"
linktitle: "SI-10 (03)"
url: /private-mendix-platform/nist-controls/si-1003/
description: "Documents the Private Mendix Platform's compliance with the SI-10 (03) control of the NIST 800-53 framework."
weight: 20
---

## Introduction

This document describes how Private Mendix Platform fulfills the SI-10 (03) control.

| Control ID | SI-10 (03) |
| --- | --- |
| Control category | SI - System and Information Integrity |
| Requirement baseline | DOD IMPACT LEVEL 4 |
| Responsibility and ownership | Mendix - Private Mendix Platform, Mendix - Studio Pro/Runtime, Customer - Infra |

## Control

The information system behaves in a predictable and documented manner that reflects organizational and system objectives when invalid inputs are received.

### Supplemental Guidance

A common vulnerability in organizational information systems is unpredictable behavior when invalid inputs are received. This control enhancement ensures that there is predictable behavior in the face of invalid inputs by specifying information system responses that facilitate transitioning the system to known states without adverse, unintended side effects.

The following controls are related to this control:

* AC-3.

## Responsibility

### Mendix Responsibility

The Private Mendix Platform provides Platform‑ and Runtime‑level protections to ensure predictable system behavior when invalid inputs are received. The Mendix Runtime and Private Mendix Platform enforce structured input handling and validation to prevent unintended execution paths and ensure the system transitions to known, safe states.

### Customer Responsibility

The customer, through the App Implementer and App Operator roles, ensures that Mendix applications apply appropriate input validation on all fields and maintain predictable behavior as applications evolve by keeping validation rules up to date.

## Guidance

### Mendix Responsibility

The Mendix Runtime and Private Mendix Platform implement Platform‑level protections to ensure predictable behavior when invalid inputs are received. Input validation is enforced across multiple layers, ensuring invalid inputs are rejected before processing and the system transitions to known, safe states. The runtime returns well‑defined error responses for invalid inputs while suppressing stack traces and sensitive technical details, preventing application crashes, unintended data modification, privilege escalation, bypass of security controls, or exposure of sensitive information.

### Customer Responsibility

The App Implementer ensures that Mendix applications apply appropriate input validation on all fields and define predictable, documented behavior when invalid inputs are received, including error handling and default responses. Input validations must be tested and kept up to date as the application evolves. The App Operator supports ongoing compliance by monitoring application behavior and logs for anomalous input patterns and updating input validation rules as new attack techniques or usage patterns emerge.

## Proof and Remarks

{{< figure src="/attachments/private-platform/nist-si/nist-si-1003-1.png" class="no-border" >}}

{{< figure src="/attachments/private-platform/nist-si/nist-si-1003-2.png" class="no-border" >}}

{{< figure src="/attachments/private-platform/nist-si/nist-si-1003-3.png" class="no-border" >}}

For more information, see [Setting Up Data Validation](/refguide/setting-up-data-validation/).

Example entity‑level input validation configured in Mendix Studio Pro, where validation rules are enforced before data is committed to ensure predictable handling of invalid inputs:

{{< figure src="/attachments/private-platform/nist-si/nist-si-1003-4.png" class="no-border" >}}

UI input validation on pages in Mendix Studio Pro using required fields and validation messages:

{{< figure src="/attachments/private-platform/nist-si/nist-si-1003-5.png" class="no-border" >}}
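Review bot: the first three figures in "Proof and Remarks" (nist-si-1003-1 through nist-si-1003-3) carry no caption saying what each screenshot evidences, while the last two do; add a one-line caption per figure so the evidence maps to the claims in the Guidance paragraph, in particular the statement that the runtime returns "well-defined error responses for invalid inputs while suppressing stack traces and sensitive technical details", which is a concrete, verifiable behaviour that deserves its own screenshot or a link to the relevant setting. Also the ownership row lists "Customer - Infra", but the customer responsibilities are assigned to the App Implementer and App Operator roles, so "Customer - Org" (or an application entry) appears to be the intended owner; and the "Mendix Responsibility" paragraphs under "Responsibility" and "Guidance" restate the same sentence, so the first could be reduced to a one-line summary.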