SC-02 System and Communications Protection - Application Partitioning
Documents the Private Mendix Platform's compliance with the SC-02 control of the NIST 800-53 framework.
NIST 800-53 System and Communications Protection Compliance for Private Mendix Platform
Last modified: May 22, 2026
Introduction
Documents in this section provide more information about Private Mendix Platform's compliance with the System and Communications Protection (SC) category of the NIST 800-53 security framework. For each applicable control, we have listed which party (Mendix or the customer) is responsible for which component or aspect.
In general, Mendix is responsible for the Private Mendix Platform, Mendix Operator, Mendix Studio Pro, Mendix Runtime, and so on. Customer responsibilities are related to infra and organization processes. For more information, refer to detailed documentation below.
SC-04 System and Communications Protection - Information in Shared Resources
Documents the Private Mendix Platform's compliance with the SC-04 control of the NIST 800-53 framework.
SC-07 System and Communications Protection - Boundary Protection
Documents the Private Mendix Platform's compliance with the SC-07 control of the NIST 800-53 framework.
SC-07 (10) System and Communications Protection - Boundary Protection Prevent Unauthorized Exfiltration
Documents the Private Mendix Platform's compliance with the SC-07 (10) control of the NIST 800-53 framework.
SC-07 (11) System and Communications Protection - Boundary Protection - Restrict Incoming Communications Traffic
Documents the Private Mendix Platform's compliance with the SC-07 (11) control of the NIST 800-53 framework.
SC-07 (12) System and Communications Protection - Boundary Protection - Host-Based Protection
Documents the Private Mendix Platform's compliance with the SC-07 (12) control of the NIST 800-53 framework.
SC-07 (14) System and Communications Protection - Boundary Protection - Protects Against Unauthorized Physical Connections
Documents the Private Mendix Platform's compliance with the SC-07 (14) control of the NIST 800-53 framework.
SC-08 (01) System and Communications Protection - Transmission Confidentiality and Integrity- Cryptographic or Alternate Physical Protection
Documents the Private Mendix Platform's compliance with the SC-08 (01) control of the NIST 800-53 framework.
SC-08 (02) System and Communications Protection - Transmission Confidentiality and Integrity- Pre/Post Transmission Handling
Documents the Private Mendix Platform's compliance with the SC-08 (02) control of the NIST 800-53 framework.
SC-08 System and Communications Protection - Transmission Confidentiality and Integrity
Documents the Private Mendix Platform's compliance with the SC-08 control of the NIST 800-53 framework.
SC-10 System and Communications Protection - Network Disconnect
Documents the Private Mendix Platform's compliance with the SC-10 control of the NIST 800-53 framework.
SC-12 System and Communications Protection - Cryptographic Key Establishment and Management
Documents the Private Mendix Platform's compliance with the SC-12 control of the NIST 800-53 framework.
SC-13 System and Communications Protection - Cryptographic Protection
Documents the Private Mendix Platform's compliance with the SC-13 control of the NIST 800-53 framework.
SC-17 System and Communications Protection - Public Key Infrastructure Certificates
Documents the Private Mendix Platform's compliance with the SC-17 control of the NIST 800-53 framework.
SC-18 System and Communications Protection - Mobile Code
Documents the Private Mendix Platform's compliance with the SC-18 control of the NIST 800-53 framework.
SC-20 System and Communications Protection - Secure Name and Address Resolution Service (Authoritative Source)
Documents the Private Mendix Platform's compliance with the SC-20 control of the NIST 800-53 framework.
SC-21 System and Communications Protection - Secure Name and Address Resolution Service (Recursive or Caching Resolver)
Documents the Private Mendix Platform's compliance with the SC-21 control of the NIST 800-53 framework.
SC-23 (01) System and Communications Protection - Session Authenticity - Invalidate Session Identifiers at Logout
Documents the Private Mendix Platform's compliance with the SC-23 (01) control of the NIST 800-53 framework.
SC-23 (03) System and Communications Protection - Session Authenticity - Unique Session Identifiers with Randomness
Documents the Private Mendix Platform's compliance with the SC-23 (03) control of the NIST 800-53 framework.
SC-23 (05) System and Communications Protection - Session Authenticity - Allowed Certificate Authorities
Documents the Private Mendix Platform's compliance with the SC-23 (05) control of the NIST 800-53 framework.
SC-23 System and Communications Protection - Session Authenticity
Documents the Private Mendix Platform's compliance with the SC-23 control of the NIST 800-53 framework.