At Dassault Systèmes, we put security, privacy and quality at the heart of our 3DEXPERIENCE platform operations.
Our ISO-certified management systems power our reliable and scalable cloud platform with state-of-the-art practices — critical enablers of your business success.
Multi-faceted and proactive cybersecurity management
Secure handling and processing of personally identifiable information (PII)
Traceable software development lifecycle to control software changes
We understand that safeguarding your data and intellectual property is your highest priority. Rest assured that it's ours as well. We have established a security program to defend every level of your cloud implementation using the highest standards available.
Specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system and includes requirements for the assessment and treatment of information security risks. The scope of our certification includes design, development, delivery, deployment, cloud operations and support of the 3DEXPERIENCE platform SaaS.
Dassault Systèmes takes vulnerability disclosure seriously and values the role of independent security researchers.
As part of our measures to continuously monitor and mitigate vulnerabilities, we apply comprehensive risk assessment to identify, analyze and evaluate risks and select risk treatment controls based on NIST SP 800-53, ISO/IEC 27001 and ISO/IEC 27701. We employ a multi-layer vulnerability management system based on NIST best practices, combining external and in-house systems for identifying, testing and controlling vulnerabilities.
A major part of our vulnerability management system is our usage of network and vulnerability scanners. If a vulnerability requiring remediation has been identified, it is logged and prioritized according to severity, then tracked until it has been remediated. We use static code analysis (SAST), dynamic analysis (DAST) and intensive manual penetration tests in addition to controls based on OWASP best practices to continually add new security measures against potential threats.
Third Party Vulnerability Assessment Certificate | Certificate Date |
3DEXPERIENCE Platform Security Assessment R2023xGA | 19-DEC-2022 |
3DEXPERIENCE Platform Security Assessment R2022x | 19-JULY-2021 |
3DEXPERIENCE Platform Security Assessment R2021x-FD03 | 22-OCT-2020 |
Our cloud solutions are built with respect for the privacy of our customers and users. We follow high standards to ensure that all personally identifiable information (PII) is processed securely, in accordance with relevant laws and standards such as the European General Data Protection Regulation 2016/679 (GDPR).
Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. The scope of our certification includes data privacy management in the context of 3DEXPERIENCE platform SaaS when Dassault Systèmes acts in the role of controller and processor.
We act in the role of controller and in the role of processor as defined by the European General Data Protection Regulation. For more information visit our data protection page and read our 3DEXPERIENCE Cloud Security & Privacy Whitepaper.
We are deeply committed to creating quality solutions that allow our customers to meet the critical business requirements of the industries in which they operate. This commitment to quality is evidenced by our well-established Quality Management System (QMS) that focuses on operational excellence and performance. Our QMS is based on common business processes and infrastructure, supported by the 3DEXPERIENCE platform, and is centrally administered through a global operational model.
Specifies the requirements for establishing, implementing, maintaining and continually improving a quality management system when an organization needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements and aims to enhance customer satisfaction through the effective application of the quality system. The scope of our certification includes design, development, delivery, deployment, cloud operations and support of the 3DEXPERIENCE platform and apps.