-
Notifications
You must be signed in to change notification settings - Fork 792
Final NIST cleanups and fixes #11524
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
2 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
42 changes: 42 additions & 0 deletions
42
content/en/docs/private-platform/nist-controls/ac/pmp-nist-ac0202.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| --- | ||
| title: "AC-02 (02) Account Management - Removal Of Temporary / Emergency Accounts" | ||
| linktitle: "AC-02 (02)" | ||
| url: /private-mendix-platform/nist-controls/ac-0202/ | ||
| description: "Documents the Private Mendix Platform's compliance with the AC-02 (02) control of the NIST 800-53 framework." | ||
| weight: 20 | ||
| --- | ||
|
|
||
| ## Introduction | ||
|
|
||
| This document describes how Private Mendix Platform fulfills the AC-02 (02) control. | ||
|
|
||
| | Control ID | AC-02 (02) | | ||
| | --- | --- | | ||
| | Control category | AC - Access Control | | ||
| | Requirement baseline | FEDRAMP MODERATE | | ||
| | Responsibility and ownership | Customer - Org | | ||
|
|
||
| ## Control | ||
|
|
||
| The information system automatically removes or; disables temporary and emergency accounts after an: organization-defined time period for each type of account. | ||
|
|
||
| ### Supplemental Guidance | ||
|
|
||
| This control enhancement requires the removal of both temporary and emergency accounts automatically after a predefined period of time has elapsed, rather than at the convenience of the systems administrator. | ||
|
|
||
| ## Responsibility | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| Private Mendix Platform does not provision temporary or emergency accounts outside of normal pre-provisioning and login (SSO) mechanisms. | ||
|
|
||
| ## Guidance | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| To effectively manage temporary and emergency accounts, organizations should: | ||
|
|
||
| * Define specific time limits for each type of account based on operational needs and security requirements. | ||
| * Configure the information system to automatically disable or remove these accounts once the defined period expires. | ||
| * Regularly review account activity and ensure that no temporary or emergency account remains active beyond its authorized timeframe. | ||
| * Document the procedures for account creation, monitoring, and removal to ensure compliance and accountability. |
71 changes: 71 additions & 0 deletions
71
content/en/docs/private-platform/nist-controls/ac/pmp-nist-ac0207.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| --- | ||
| title: "AC-02 (07) Account Management - Role-Based Schemes" | ||
| linktitle: "AC-02 (07)" | ||
| url: /private-mendix-platform/nist-controls/ac-0207/ | ||
| description: "Documents the Private Mendix Platform's compliance with the AC-02 (07) control of the NIST 800-53 framework." | ||
| weight: 20 | ||
| --- | ||
|
|
||
| ## Introduction | ||
|
|
||
| This document describes how Private Mendix Platform fulfills the AC-02 (07) control. | ||
|
|
||
| | Control ID | AC-02 (07) | | ||
| | --- | --- | | ||
| | Control category | AC - Access Control | | ||
| | Requirement baseline | FEDRAMP MODERATE | | ||
| | Responsibility and ownership | Customer - Org | | ||
|
|
||
| ## Control | ||
|
|
||
| The organization: | ||
|
|
||
| * Establishes and administers privileged user accounts in accordance with a role-based access scheme that organizes allowed information system access and privileges into roles. | ||
| * Monitors privileged role assignments. | ||
| * Takes organization-defined actions when privileged role assignments are no longer appropriate. | ||
|
|
||
| ### Supplemental Guidance | ||
|
|
||
| Privileged roles are organization-defined roles assigned to individuals that allow those individuals to perform certain security-relevant functions that ordinary users are not authorized to perform. These privileged roles include, for example, key management, account management, network and system administration, database administration, and web administration. | ||
|
|
||
| ## Responsibility | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| Customers are responsible for defining and documenting their organization-specific privileged roles in alignment with job functions and the principle of least privilege, establishing formal processes for requesting, approving, and provisioning privileged access within Private Mendix Platform. They must conduct periodic access reviews to ensure role assignments remain appropriate, and supplement the platform's built-in monitoring audit logging tools to capture a complete trail of privileged role changes. | ||
|
|
||
| Additionally, customers are responsible for defining and enforcing actions when privileged access is no longer appropriate — including integrating role revocation with Identity Provider (IdP) workflows to ensure timely de-provisioning upon employee offboarding or role changes, and establishing internal SLAs to govern the timeliness of such actions. | ||
|
|
||
| ## Guidance | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| Privileged access to Private Mendix Platform is controlled through Role-Based Access Control (RBAC) that is driven by the customer's Identity Provider (IdP): | ||
|
|
||
| #### Authentication | ||
|
|
||
| Users authenticate through the customer's IdP (for example, Azure AD, Entra ID, or other SAML 2.0 or OIDC-compliant provider). The platform does not maintain independent credential stores for end users. | ||
|
|
||
| #### Role Assignment through IdP Claims or Groups | ||
|
|
||
| The customer's IdP asserts group memberships or role claims during authentication. These IdP groups or claims are mapped to corresponding Private Mendix Platform roles. This ensures that the customer retains centralized control over who holds privileged roles. | ||
|
|
||
| #### Access Enforcement | ||
|
|
||
| Upon authentication, the platform evaluates the user's IdP-asserted roles and grants or denies access to privileged actions accordingly. Users without the required privileged role mapping cannot access or execute privileged functions. | ||
|
|
||
| #### Lifecycle Management | ||
|
|
||
| When a user's group membership or role claim is modified or removed in the customer's IdP, their privileged access within Private Mendix Platform and Mendix applications is updated at the next authentication event. This ensures that privilege revocation is handled centrally through the IdP. | ||
|
|
||
| ## Proof and Remarks | ||
|
|
||
| For more information on how Private Mendix Platform manages dynamic roles and groups, see [Dynamic Role Management in Private Mendix Platform](/private-mendix-platform/dynamic-role-management/#role-editing). | ||
|
|
||
| {{< figure src="/attachments/private-platform/nist-ac/nist-ac-0207-1.png" class="no-border" >}} | ||
|
|
||
| {{< figure src="/attachments/private-platform/nist-ac/nist-ac-0207-2.png" class="no-border" >}} | ||
|
|
||
| {{< figure src="/attachments/private-platform/nist-ac/nist-ac-0207-3.png" class="no-border" >}} | ||
|
|
||
| {{< figure src="/attachments/private-platform/nist-ac/nist-ac-0207-4.png" class="no-border" >}} | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
56 changes: 56 additions & 0 deletions
56
content/en/docs/private-platform/nist-controls/au/pmp-nist-au0902.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| --- | ||
| title: "AU-09 (02) Protection of Audit Information - Audit Backup on Separate Physical Systems or Components" | ||
| linktitle: "AU-09 (02)" | ||
| url: /private-mendix-platform/nist-controls/au-0902/ | ||
| description: "Documents the Private Mendix Platform's compliance with the AU-09 (02) control of the NIST 800-53 framework." | ||
| weight: 20 | ||
| --- | ||
|
|
||
| ## Introduction | ||
|
|
||
| This document describes how Private Mendix Platform fulfills the AU-09 (02) control. | ||
|
|
||
| | Control ID | AU-09 (02) | | ||
| | --- | --- | | ||
| | Requirement baseline | FEDRAMP MODERATE | | ||
| | Responsibility and ownership | Customer - Org, Customer - Infra | | ||
|
|
||
| ## Control | ||
|
|
||
| The information system backs up audit records at an organization-defined frequency onto a physically different system or system component than the system or component being audited. | ||
|
|
||
| ### Supplemental Guidance | ||
|
|
||
| This control enhancement helps to ensure that a compromise of the information system being audited does not also result in a compromise of the audit records. | ||
|
|
||
| The following controls are related to this control: | ||
|
|
||
| * AU-04 | ||
| * AU-05 | ||
| * AU-11 | ||
|
|
||
| ## Responsibility | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| The customer is responsible for implementing this control in an appropriate manner in their organization. This includes establishing audit record backup policies and procedures that ensure logs are regularly replicated to a physically separate system to comply with federal requirements. The customer must ensure that backup destinations, frequencies, and retention periods for audit records are documented, reviewed, and enforced within their environment. | ||
|
|
||
| ## Guidance | ||
|
|
||
| ### Customer Responsibility | ||
|
|
||
| This control is governed by NIST SP 800-53 Rev 4 and NIST SP 800-92, which establish requirements for the protection and backup of audit information for federal information systems. Customers operating within a FedRAMP or DoD SRG environment must ensure their audit record backup mechanisms meet the baseline requirements for physical separation and data integrity. | ||
|
|
||
| To meet these requirements, the customer must carry out the following actions: | ||
|
|
||
| 1. Define audit record backup destinations and frequency. | ||
|
|
||
| Establish and document where audit records and logs should be backed up to, ensuring the backup target is on a physically different system or system component than the one being audited. The customer must dictate backup frequency, retention periods, and acceptable storage locations in accordance with NIST SP 800-92 guidelines for log management. | ||
|
|
||
| 2. Ensure infrastructure-level backup configuration. | ||
|
|
||
| Direct the Infra Implementer to ensure that audit record backups are properly created, configured, and populated on the designated physically separate system. This includes verifying that backup processes are automated, monitored for failures, and aligned with the organization's contingency planning requirements per NIST SP 800-34. | ||
|
|
||
| 3. Ensure application-level audit log backup. | ||
|
|
||
| Direct the App Implementer to ensure that the Mendix App's custom audit logs are properly directed to the backup system as dictated by the Customer. This includes configuring log forwarding mechanisms within the application to target the designated backup infrastructure and validating that all auditable events are captured in the backup trail. |
15 changes: 15 additions & 0 deletions
15
content/en/docs/private-platform/nist-controls/ca/_index.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| --- | ||
| title: "NIST 800-53 Security Assessment and Authorization for Private Mendix Platform" | ||
| linktitle: "Security Assessment and Authorization" | ||
| url: /private-mendix-platform/nist-controls-ca/ | ||
| description: "Documents the Private Mendix Platform's compliance with the Security Assessment and Authorization (CA) category of the NIST 800-53 security framework." | ||
| weight: 10 | ||
| no_list: false | ||
| simple_list: true | ||
| --- | ||
|
|
||
| ## Introduction | ||
|
|
||
| Documents in this section provide more information about Private Mendix Platform's compliance with the Security Assessment and Authorization (CA) category of the [NIST 800-53](https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final) security framework. For each applicable control, we have listed which party (Mendix or the customer) is responsible for which component or aspect. | ||
|
|
||
| In general, Mendix is responsible for the Private Mendix Platform, Mendix Operator, Mendix Studio Pro, Mendix Runtime, and so on. Customer responsibilities are related to infra and organization processes. For more information, refer to detailed documentation below. |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚫 [vale] reported by reviewdog 🐶
[Mendix.Dashes] Remove spaces around the em dash (—). Or, to set off a list item intro or number range, use an en dash (–) instead.