Secure Salesforce files, users, and SaaS integrations with Obsidian Security

Salesforce misconfigurations leave files, users, and tokens exposed

A shocking number of organizations are leaking private and sensitive information due to misconfigurations in Salesforce.

Obsidian Security makes it easy to identify publicly shared files and remediate misconfigurations.

50% of organizations have local login enabled (Obsidian Network Data)

82% of SFDC tenants have publicly-exposed files (Obsidian Network Data)

200+ organizations leaked private data via misconfigured SFDC accounts (KrebsOnSecurity)

Teams lack the time and expertise to manually audit Salesforce

A ‘do-it-yourself’ approach to Salesforce security creates unmanageable complexity and misses critical gaps.

  • Struggle to correlate and standardize privileged accounts with User Profiles and Permission Sets across Salesforce tenants
  • Blind to undisclosed SaaS-to-Salesforce integrations and public links
  • No controls preventing unauthorized access via enabled but uninstalled Salesforce integrations that retain active OAuth tokens

[Image: Obsidian dashboard listing risky Salesforce configuration settings like public file links, disabled clickjack protection, and IP range enforcement gaps.]

[Image: Obsidian UI highlighting Salesforce users with no MFA and direct login enabled, alongside a security review of dormant OAuth tokens for a chatbot integration.]

Detect MFA bypass, public files, and excess permissions in Salesforce

  • Identify and reduce over-privileged users (ghost administrators)
  • Audit and remove dormant accounts across tenants to reduce attack surface
  • Identify publicly shared files lacking access controls (a common misconfiguration that risks data exfiltration)
  • Detect users who bypass MFA and log in directly to your Salesforce URL
