Omnext Quality- and Security analysis (SAST)
Overview
Software Quality- and Security Analysis
Development speed can come at the cost of quality and security or vice versa, especially with low-code platforms such as Mendix. But this does not have to be the case. Omnext offers the capability to analyse and safeguard the technical quality and security of your apps in a fully automated way. Have your applications analysed every month, every sprint or even every day as part of your CI/CD pipeline or at a click of a button. Staying in control over your software quality has never been this easy.
- Security Analysis. Identify security vulnerabilities in a heartbeat by automatically checking your app against The S-Unit Top 10 security guidelines.
- Open Source Analysis. Detect vulnerabilities in your third party components instantly.
- Access Rule Analysis. Gain insight in implemented Access Rules and create full CRUDE overviews to audit User Roles, Module Roles, Entity Access and many more.
- Quality Analysis. Measure your app against Mendix industry best practices regarding Maintainability, Reliability and Performance.
- Module Dependencies. Gain insight in your app's architecture and module dependencies using advanced visualisations.
- Set your own policies. Determine your own organization-wide quality and security policies, set priorities, accept findings and many more. You are in control.
Documentation
Security Analysis (SAST)
Identify security vulnerabilities in a heartbeat
Although developers do their utmost to build safe and secure applications, even developers are only human in the end. In other words, security risks may sometimes be introduced without anyone knowing.
Analysing your Mendix applications and measuring them against The S-Unit Top 10 and other Mendix security best practices helps you and your developers to identify potential security risks before moving your application to production, by providing insight into these risks with each and every change.
Access Rule Analysis
Map and evaluate Access Rules across your apps
One of the most complex things in Mendix is managing Access Rules. Although it is relatively easy to set them, it can be quite hard to keep a full overview as your application grows and becomes more complex.
Omnext helps you to visualize exactly which User and Module Roles have Create, Read, Update or Execute rights across entities, microflows and nanoflows. By aggregating this information in a ‘CRUDE Matrix style’ overview, it becomes a lot easier to identify misconfigurations before they become security liabilities.
Open Source Analysis
Gain insight in the Open Source risks in your Mendix apps
Practically every Mendix application makes use of so-called open source components. This is usually a smart thing to do, but you should also be aware of the risks. Are you using the latest available version of a component? Does the component have a ‘risky’ license, such as GPL, which may have consequences for your Intellectual Property? Does the component you use contain any known security vulnerabilities?
These are all questions that can be answered within seconds using the Omnext Software Quality Analysis platform (SQA) for Mendix applications.
Module Dependencies
Gain insight in your module dependencies and architecture
One of the greatest challenges when building software is setting up and sticking to a clear architecture. In Mendix, it is easy to create functional modules fast. However, it is also quite easy to create inter-module dependencies that make future changes or maintenance very hard. The Omnext SQA platform makes these dependencies between modules visible and indicates what is causing them so you can take targeted action.
Quality policies and governance
Determine organization-wide quality guidelines and policies
Being in control over the technical quality of your Mendix apps starts with determining policies: What are the guidelines development teams should adhere to? The Omnext SQA platform allows you to determine your own Best Practice Rule Sets, priorities and thresholds. You determine what is important for your organization.