Secure Salesforce files, users, and SaaS integrations with Obsidian Security

Get a demoFree Trial

Salesforce misconfigurations leave files, users, and tokens exposed

A shocking number of organizations are leaking private and sensitive information due to misconfigurations in Salesforce.

Obsidian Security makes it easy to identify publicly shared files and remediate misconfigurations.

Teams lack the time and expertise to manually audit Salesforce

A ‘do-it-yourself’ approach to Salesforce security creates unmanageable complexity and misses critical gaps.

  • Struggle to correlate and standardize privileged accounts with User Profiles and Permission Sets across Salesforce tenants
  • Blind to undisclosed SaaS-to-Salesforce integrations and public links
  • No controls preventing unauthorized access via enabled but uninstalled Salesforce integrations that retain active OAuth tokens

Detect MFA bypass, public files, and excess permissions in Salesforce

  • Identify and reduce over-privileged users (ghost administrators)
  • Audit and remove dormant accounts across tenants to reduce attack surface
  • Identify publicly shared files lacking access controls (a common misconfiguration that risks data exfiltration)
  • Detect users that bypass MFA and directly login to your Salesforce URL

Mitigating Modern SaaS Threats in Salesforce with Obsidian

Salesforce empowers data innovation, but also introduces risks from excessive access and third-party code. Obsidian’s SaaS-native security stack continuously monitors token usage, enforces secure configurations, and delivers identity-aware detection to help organizations mitigate modern SaaS threats.

Related Resources

Incident Watch Cover

Blog

Salesforce Misconfiguration Continues to Expose Links to the Public

Incident Watch Cover

Blog

SaaS Security Shared Responsibility Model: Who’s Responsible for SaaS Security?

Incident Watch

Vishing Campaign Targets Salesforce for Data Theft