Who is responsible for anti-virus protection and can Mendix help if a virus attach happens?
When it comes to security, developer is responsible for securing the application using Mendix best practices. However if an application still becomes a victim of some kind of virus attack, who is responsible for removing the virus, developer or Mendix? Is there any additional anti-virus modules, that would be useful, in addition to just using Mendix default security settings? And can Mendix assist with removing the virus from the system if the attack happens? Would it be a free or paid service then?
Mendix is responsible to keep the server side clean. You are responsible for the documents you upload to the environment. The chance that those documents infects the Mendix environment is almost zero in my opinion. Because documents are only opened client side and only stored on the server side. For checking the filedocuments there are a couple of modules to check those files. And there are multiple API's where you could check those files.