SaaS Security Scanner
SaaS Security Scanner for Salesforce
SaaS Security Scanner
The Cloud is a cornucopia of low-hanging fruit for hackers.
SaaS
Security Scanner for Salesforce
S4
Process
Review Environment Configuration
Scan Source Code
Generate custom fuzzer
Fuzz live Salesforce run-time instance
01
Review Environment Configuration
01 Review Environment Configuration
Review Environment Configuration

S4 for Salesforce reviews the configurations of a Salesforce org and identifies flaws.

Scan Source Code
02 Scan Source Code
Scan Source Code

S4 uses a robust client-side static code analysis engine to create call flows to identify CRUD/FLS flaws. It uses data flow analysis to associate Visualforce components to their associated controllers. This information is then used by a white-box fuzzer to identify injection vulnerabilities.

Generate custom fuzzer
03 Generate custom fuzzer
Generate custom fuzzer

S4 uses white-box fuzzing to rapidly identify injection flaws within Force.com code. All vulnerabilities identified during run-time testing contain Proof of Concept (PoC) exploits. This ensures there are no false positives.

Fuzz live Salesforce run-time instance
04 Fuzz live Salesforce run-time instance
Fuzz live Salesforce run-time instance

S4 launches the custom fuzzer in the installed organization and can be scaled out to as many organizations as needed. All code analyzed remains within the organization preserving intellectual property of the code base.

SaaS Security Scanner for Salesforce
S4 Results
01 Application Security Report

You don’t need an expert to run S4. With one click, you get an Application Security Report comprised of detailed findings.

02 Severity of Findings

Each finding is prioritized based on risk and impact to data.

03 Remediation Recommendations

S4 produces clear guidance on how to effectively fix findings.

SaaS Security Scanner for Salesforce
S4 key features
  •  STATIC SOURCE CODE ANALYSIS STATIC SOURCE CODE ANALYSIS
  • HIPAA COMPLIANCE HIPAA COMPLIANCE
  •  WHITE-BOX FUZZ TESTING WHITE-BOX FUZZ TESTING
  •  PCI COMPLIANCE PCI COMPLIANCE
  • SIGNATURE BASED TESTING SIGNATURE BASED TESTING
  •  SECURITY CONFIGURATION REVIEW SECURITY CONFIGURATION REVIEW
  •  VERIFIED EXPLOITS VERIFIED EXPLOITS
  • NO CODE LIMITS NO CODE LIMITS
  •  LIGHTNING COMPONENTS LIGHTNING COMPONENTS
  • UNLIMITED SCANS UNLIMITED SCANS
SaaS Security Scanner for Salesforce
S4 pricing
s4
Discount available for Non-profits
SaaS Security Scanner for Salesforce
Contact Us
SaaS Security Scanner for Salesforce
S4 Results