
Salesforce Security Principles: A 2026 Strategy for Architects

Vinay Vernekar · 3 min read

The New Reality of Salesforce Security

The landscape of the Salesforce ecosystem shifted dramatically in 2025. With major breaches affecting global enterprises and the rapid adoption of AI-driven tools like Agentforce, the threat model for Salesforce instances has evolved. Security is no longer just about profiles and permission sets—it is an existential requirement for every developer and architect.

Rather than chasing reactive patches, we must adopt foundational principles to build a resilient, long-term security posture.

1. Acknowledge the Problem

Many organizations operate under the "not me" fallacy. However, the scale of recent breaches involving companies like Google and Adidas proves that no entity is immune. If your org has not been breached yet, it does not mean your architecture is inherently secure; it may simply mean you have not been targeted yet. Acknowledging that the threat is persistent is the first step toward building a proactive defense.

2. Understand Your Attack Surface

Salesforce is a highly secure platform, but it becomes vulnerable through its extensions. Breaches rarely occur in the core platform; they occur in the gaps created by custom development and configuration.

Your attack surface includes:

  • Custom Apex Code: Insecure SOQL queries, cross-site scripting (XSS) risks, and broken access control.
  • Integrations: API endpoints, Connected Apps, and middleware configurations.
  • Lightning Web Components: Client-side vulnerabilities.
  • Agentforce & AI: Data leakage through LLMs and improper prompt handling.

Action: Conduct a comprehensive attack surface analysis. You cannot mitigate vulnerabilities that you have not documented.
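As an added illustration of the first bullet (this is example code written for this page, not code from the article or from Salesforce), the Apex class below puts a dynamic SOQL search that concatenates user input next to a hardened version that uses bind variables and user-mode access checks. The class name, method names and the Department filter are assumed for the demo; Contact, Name, Email and Department are standard fields.

```apex
// Example class, not part of the original article.
public with sharing class ContactSearch {

    // VULNERABLE: the caller's input is concatenated straight into the SOQL
    // string. A single quote in the input terminates the literal and lets the
    // rest of the input become part of the WHERE clause (SOQL injection).
    // Database.query() also runs in system mode, so the running user's
    // field-level security is not enforced on the returned fields.
    public static List<Contact> searchUnsafe(String dept) {
        String q = 'SELECT Id, Name, Email FROM Contact WHERE Department = \''
                 + dept + '\'';
        return Database.query(q);
    }

    // HARDENED: the input travels as a bind variable, so it is compared as a
    // value and never parsed as SOQL. AccessLevel.USER_MODE makes the query
    // honour the running user's object, field and sharing permissions; an
    // unreadable field raises an exception instead of silently leaking.
    public static List<Contact> searchSafe(String dept) {
        String q = 'SELECT Id, Name, Email FROM Contact WHERE Department = :dept';
        Map<String, Object> binds = new Map<String, Object>{ 'dept' => dept };
        return Database.queryWithBinds(q, binds, AccessLevel.USER_MODE);
    }

    // When a query must stay in system mode (for example a service pattern that
    // reads on behalf of the user), strip fields the current user cannot read
    // before handing the records back to the caller or to a Lightning component.
    public static List<Contact> searchSystemModeFiltered(String dept) {
        List<Contact> rows = [SELECT Id, Name, Email
                              FROM Contact
                              WHERE Department = :dept];
        SObjectAccessDecision decision =
            Security.stripInaccessible(AccessType.READABLE, rows);
        return (List<Contact>) decision.getRecords();
    }
}
```

Static code scanners run in CI (the SAST step mentioned later in the article) flag the first pattern; the second and third are the shapes they expect to see.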

3. Don’t Plan Security Around Yesterday's Breaches

It is common to see teams pivot all their efforts toward the latest publicized exploit (e.g., vishing or specific connected app abuses). While mitigating known risks is necessary, focusing solely on past attack vectors creates a blind spot for novel threats. A robust security strategy must assume that attackers are constantly iterating. Design for defense-in-depth, not just a reaction to the last headline.

4. Leverage the Community and Shared Intelligence

Attackers coordinate, and so should defenders. The Salesforce Ohana provides a unique advantage for sharing threat intelligence. Engage with community-driven initiatives like SecurityForce to stay updated on emerging tactics. Sharing experiences—when done safely and anonymously—helps the entire ecosystem build a collective defense against sophisticated actors.

5. Security is a Process, Not a Product

Be wary of any vendor claiming their tool is a "silver bullet." Even organizations with high-end security stacks have been breached. Security is a continuous loop of auditing, monitoring, and architectural refinement.

  • Continuous Improvement: Integrate security scanning into your CI/CD pipelines (SAST/DAST).
  • Vigilance: Regularly audit external integrations and user permissions.
  • Adaptation: As you adopt Agentforce and AI, your security model must adapt to govern data access for autonomous agents.

Key Takeaways

  • Acknowledge Vulnerability: Treat security as a constant business requirement, not a one-time project.
  • Audit the Surface: Map every integration, custom component, and API endpoint to understand your exposure.
  • Avoid Reactive Traps: Do not limit your strategy to previous breach methods; anticipate evolving vectors.
  • Collaborate: Utilize community knowledge to stay ahead of organized threat actors.
  • Continuous Governance: Security requires ongoing vigilance and integration into your DevOps lifecycle.


Vinay Vernekar


Salesforce Developer & Founder

Vinay is a seasoned Salesforce developer with over a decade of experience building enterprise solutions on the Salesforce platform. He founded SFDCDevelopers.com to share practical tutorials, best practices, and career guidance with the global Salesforce community.
