Blue Storm has achieved SOC II Type II certification from Intercert, covering Security, Availability, and Confidentiality — effective March 2026.
Utrecht, Netherlands, May 23, 2026 — Blue Storm today announced two significant milestones: SOC II Type II certification for its AppControl platform, and the release of AppControl 2026.4, a focused engineering release delivering meaningful performance improvements, governance refinements, and foundational work preparing the platform for upcoming AI-powered capabilities.
Enterprise-Grade Governance, Built the Right Way
Blue Storm has achieved SOC II Type II certification from Intercert, covering Security, Availability, and Confidentiality — effective March 2026. The certification reflects Blue Storm’s commitment to building and maintaining AppControl in a manner that meets the highest standards of enterprise compliance.
Critically, Blue Storm uses AppControl itself to maintain ISO 27001 and SOC II compliance — practicing what it preaches and demonstrating that the platform is fit for exactly the kind of governance challenges its customers face. Many Mendix customers build custom internal tooling to manage their low-code environments, but custom tooling rarely comes with the audit trails, security controls, and formal compliance posture that enterprise deployments require. AppControl does.
“Governance software has to be held to a higher standard,” said Andrew Whalen, founder of Blue Storm. “Our customers are trusting AppControl to oversee their most critical Mendix applications. It’s only right that we can demonstrate — through independent certification — that AppControl itself is developed and operated in a compliant, secure, and reliable way. We use AppControl to stay compliant. That’s not a talking point, that’s how we work.”
AppControl 2026.4 — Performance, Scalability, and AI Readiness
At the heart of this release is a significantly faster model processing engine. AppControl now processes only changed components rather than full models, cutting processing times by 25–50% depending on the scope of changes. For organizations managing large Mendix portfolios, this improvement translates directly into faster feedback loops and reduced infrastructure load.
Java library detection has also been strengthened, with AppControl now reading manifest files directly for more accurate identification — improving the reliability of security and compliance analysis at scale.
“This release is about building a platform that can handle whatever our customers throw at it,” said Andrew Whalen, founder of Blue Storm. “As Mendix deployments grow in size and complexity, AppControl needs to scale with them. We’ve also been laying the groundwork for AI capabilities that will start to come online in the next release — we’re excited about what that will enable for our customers.”
Release Highlights
- SOC II Type II certified — Security, Availability, and Confidentiality
- ISO 27001 aligned development and operations
- 25–50% faster model processing through incremental change detection
- More accurate Java library identification via manifest file reading
- App Management API for registering apps before auto-detection
- Policy Viewer role consolidation for simplified access management
- Fixes to Data Policy role handling and repository enumeration
- Central knowledge repository updates in preparation for AI feature delivery
About AppControl
AppControl is the continuous governance platform for AI development. Built for platform, governance, and DevOps teams, AppControl simplifies oversight, enforces compliance, and provides end-to-end visibility across the full application lifecycle: Develop, Deploy, Monitor, and Control. Purpose-built for Mendix and designed to scale across the modern AI landscape, AppControl’s real-time governance controls and fine-grained access roles empower organizations to answer once and for all: “Are you in control?“
For more information, visit www.bluestorm.io/appcontrol.
About Blue Storm
Blue Storm specializes in continuous governance solutions for AI development, empowering platform, governance, and DevOps teams to manage application portfolios with confidence, control, and compliance. With deep roots in the Mendix ecosystem, Blue Storm delivers innovative tooling designed to meet the evolving needs of enterprises building at scale with AI.
Recent Comments