Salesforce Security tools: Checkmarx versus Veracode

salesforce-security-scanning

When considering security tools for Salesforce applications, Checkmarx and Veracode stand out as leading solutions, each offering distinct features and integration capabilities. The choice between these tools often depends on specific security requirements, the complexity of your Salesforce applications, and your team’s workflow. Checkmarx for Salesforce Scanning Features: Static Application Security Testing (SAST): Checkmarx excels … Read more

Comparing Salesforce Security Methods: isAccessible(), with User Mode, and with SECURITY_ENFORCED

salesforce-security

In Salesforce development, ensuring data security and proper permissions are essential to maintaining the integrity and confidentiality of your data. Three key methods to enforce security are isAccessible(), with User Mode, and with SECURITY_ENFORCED. This article provides a detailed comparison of these methods, exploring their use cases, advantages, and limitations. 1. Using isAccessible() Overview isAccessible() … Read more

15 security pitfalls to avoid when it comes to a successful Salesforce implementation

15 Salesforce security pitfalls

Salesforce is a powerful platform that serves as a backbone for managing customer relationships, sales processes, and business operations for thousands of companies worldwide. However, with great power comes great responsibility, especially when it comes to security. Implementing Salesforce without paying attention to security can lead to various pitfalls that could compromise sensitive data and … Read more

Why Using Outdated API Versions is a Bad Idea

Salesforce API Versions

A key aspect of Salesforce’s infrastructure is its use of API (Application Programming Interface) versions to manage and access its features and services. While Salesforce regularly updates its API versions to introduce new features, improve performance, and enhance security, it also maintains backward compatibility for a number of previous versions. However, relying on outdated API … Read more

Using Named Credentials to make Salesforce Apex more secure

Named Credentials

Named Credentials in Salesforce serve as a secure method of managing authentication data for external services. They encapsulate the endpoint URL and the required authentication credentials (username, password, OAuth, etc.), providing a simplified and secure way to call out to external APIs from Salesforce. When developing on the Salesforce platform, security is a paramount concern, … Read more

7 ways security can be compromised on a Salesforce Cloud and how to prevent it

Salesforce Security

While Salesforce provides robust security features, the platform’s security is not solely in the hands of Salesforce; it is a shared responsibility with the organizations that use it. Advanced Salesforce developers and administrators must be aware of common security vulnerabilities and adopt best practices to mitigate risks. This article explores the technical nuances of common … Read more

Step by Step Guide to Enable Multi-Factor Authentication in Salesforce

Step by Step Guide to Enable Multi-Factor Authentication in Salesforce

Enabling Multi-Factor Authentication (MFA) in Salesforce is a critical step in securing your Salesforce environment by adding an extra layer of protection to your user login process. MFA requires users to verify their identities with two or more forms of authentication before gaining access. Here’s a step-by-step guide to enable MFA in Salesforce: 1. Plan … Read more

MFA Is Turned On by Default Starting April 2024

To prevent unauthorized access to Salesforce accounts, multi-factor authentication (MFA) is required when users log in. To help customers with this contractual requirement, Salesforce is making MFA a default part of the direct login process for production orgs. This change applies to production orgs created on or after April 8, 2024. It also applies to … Read more

Everything you wanted to know about Remote Site Settings in Salesforce

Remote Site Settings

When integrating Salesforce with external systems or allowing it to make callouts to external web services, Remote Site Settings play a critical role in defining trusted URLs for outbound communications. Here’s a comprehensive guide to understanding and managing Remote Site Settings in Salesforce. What are Remote Site Settings? Remote Site Settings in Salesforce are configurations … Read more