Core Principle: Inherited Security
Nextedy Apps do not maintain their own databases or authentication systems. While apps expose their own REST endpoints, these endpoints are accessible only within the Polarion server perimeter and are protected by Polarion’s authentication and session management. Every operation executes within the security context of the currently authenticated Polarion user. The practical consequence is that the security posture of a Nextedy deployment is determined by the security posture of the underlying Polarion installation. This leads to a clear responsibility model:

| Responsibility | Owner |
|---|---|
| Secure app code, dependency management, vulnerability scanning | Nextedy |
| Polarion platform security, authentication, encryption, backup | Customer (on-premise) or Siemens (Polarion X) |
| User provisioning, access control policies, project permissions | Customer |
Deployment Modes
Nextedy Apps support both deployment models offered by Polarion:

- On-premise — The customer manages the entire Polarion infrastructure, including OS, JVM, TLS certificates, backup, and network security.
- Polarion X (SaaS) — Siemens manages the Polarion infrastructure. Nextedy Apps have been cleared by Siemens IT security review for deployment on Polarion X.
Explore This Section
- Product Security: App architecture, authentication model, secure development practices.
- Data Security: Data storage, encryption, isolation, and backup.
- Compliance and Assessments: Security assessments, certifications, and industry relevance.
- Privacy: Data processing scope, GDPR approach, and data residency.
- Incident Management: Security monitoring, triage, patching SLAs, and breach notification.
- Supply Chain Security: SBOM, third-party component tracking, and vulnerability scanning.