Promotions:

FREE Threat Assessment

Find out what is getting through your security systems with a FREE threat assessment

Latest News:

Code Red - The latest zero day vulnerability, the Heartbleed Bug in the OpenSSL cryptographic library. Affects tech providers using OpenSSL's 1.0.1 and the 1.0.2-beta release.

Platform Updates:

Version 1.2: Intrusion Detection

Client Login
Sign on Register Forgot?
  • 01924 919241
Home / PanoSec Platform: Salesforce.com Component Benefits

Monitoring Salesforce.com Logs

cyber security salesforce.com

PanoSec Platform: Salesforce.com Component Benefits

  • All checks/logs are live and keep historical data
  • Only a restricted salesforce login is required for Panosec. No additional software needed.
  • Full Traceability.
  • IP Address Logging.
  • Brute force blocker.
  • IP filtering (with time of day options).
  • Audit Trail.
  • Salesforce applications and performance monitoring.
  • Standard checks for salesforce service availability (ping, latency and content checkers).
  • Detailed salesforce performance reports.
  • Automated/scheduled email reports.
  • Panosec alerts and configurable active response.

Traceability

The PanoSec salesforce logger allows traceability in the event of unauthorised or access or suspicious activity. If login credentials of a user get in the hands of a malicious user, their IP address will be tracked and any pages they visit within salesforce will be logged to that user and IP address. This helps to find information about any compromise. In addition, day to day tracing can be used to find information with regards to salesforce usage on a per-user basis or for specific modules or pages within salesforce.

sfdc_traceability

IP Address Logging, Brute force blocker and IP filtering

All IP addresses are tracked, any IP addresses that are new to the logger or from a foreign country can be flagged and access to salesforce stopped immediately. Log in attempts are also tracked and IP addresses that are associated with brute-force attempts will be automatically blacklisted. IP's and IP ranges can be blocked or for specific time periods e.g. an IP can have access during working hours only of for a temporary period. Salesforce access can be restricted by country.

sfdc_ip_address_logging

Audit Trail

Audit trails are closely monitored for any suspicious activity, such as manual password resets (especially a system administrator's password being reset), a user's permissions being extended, or a user's profile changing can be closely tracked. Any of these events can trigger Panosec alerts and active response.


Salesforce applications and performance monitoring

Any custom applications written for Salesforce are also tracked for their usage. If an unusual amount of queries happen in a short amount of time, it could be a malicious user trying to extract large amounts of information. The salesforce logger keeps a track of the average number of queries and any time there is a spike in usage this is flagged. This data can also be used to review system performance shown in details on the PanoSec panel with historic graphs.


Salesforce.com component set up instructions