FREE Threat Assessment
Find out what is getting through your security systems with a FREE threat assessment
Code Red - The latest zero day vulnerability, the Heartbleed Bug in the OpenSSL cryptographic library. Affects tech providers using OpenSSL's 1.0.1 and the 1.0.2-beta release.
Version 1.2: Intrusion Detection
The PanoSec salesforce logger allows traceability in the event of unauthorised or access or suspicious activity. If login credentials of a user get in the hands of a malicious user, their IP address will be tracked and any pages they visit within salesforce will be logged to that user and IP address. This helps to find information about any compromise. In addition, day to day tracing can be used to find information with regards to salesforce usage on a per-user basis or for specific modules or pages within salesforce.
IP Address Logging, Brute force blocker and IP filtering
All IP addresses are tracked, any IP addresses that are new to the logger or from a foreign country can be flagged and access to salesforce stopped immediately. Log in attempts are also tracked and IP addresses that are associated with brute-force attempts will be automatically blacklisted. IP's and IP ranges can be blocked or for specific time periods e.g. an IP can have access during working hours only of for a temporary period. Salesforce access can be restricted by country.
Audit trails are closely monitored for any suspicious activity, such as manual password resets (especially a system administrator's password being reset), a user's permissions being extended, or a user's profile changing can be closely tracked. Any of these events can trigger Panosec alerts and active response.
Salesforce applications and performance monitoring
Any custom applications written for Salesforce are also tracked for their usage. If an unusual amount of queries happen in a short amount of time, it could be a malicious user trying to extract large amounts of information. The salesforce logger keeps a track of the average number of queries and any time there is a spike in usage this is flagged. This data can also be used to review system performance shown in details on the PanoSec panel with historic graphs.
Salesforce.com component set up instructions