Salesforce Security Blind Spots: All Input Is Evil

A security gap exists with Salesforce public clouds because the platform does not inherently protect against malicious inputs or malware contained in file uploads, phishing URLs, web-to-lead submissions, etc.

Salesforce Application Security Guide

This guide contains expert opinions and stories of innovation with key takeaways and practical tips security teams can use now to better secure Salesforce.

In-Depth Detection Helps Platinum7 Protect Salesforce Data

Platinum7 utilizes automated security testing as a main tool in their detailed security assessments to find real risk hidden within their client's Salesforce environments.

More DigitSec Spring23 Release Updates

Following our Spring23 Release, we've made a number of additional updates including better GitHub integration, user permission editing, and more.

Salesforce Security Blind Spots: Securing 3rd-Party Access

In our fourth Salesforce Security Blind Spots session, our CEO Waqas and Kyle Tobener of Copado discuss the lack of security in Salesforce's 3rd-party supply chain of apps and packages.

KrebsOnSecurity: “Shocking Number of Organizations” Experiencing Data Leakage From Salesforce Community Sites

KrebsOnSecurity found “a shocking number of organizations” are experiencing data leakage from their Salesforce Community sites.

DigitSec Spring23 Release

DigitSec has grown quickly over the past several months and with this growth we've made considerable steps forward in improving the user interface, making the platform more robust, helping secure ecommerce, and more.

Digitsec Demo Jam at Copado Community Day 2023

Our VP of Customer Success, Phil Lepanto provides a demo of how DigitSec's security scanning for Salesforce integrates directly into Copado DevOps.

3 Ways To Save Time & Money on Salesforce Security

Security in Salesforce can use up a lot of time, money and people because security needs to be enforced across multiple layers and departments. Automation, accuracy, and the right tools can help save time and money.

Salesforce Security Blind Spots: Secure Observability & Logging

In this session, Waqas and Nikita discuss how observability is imperative to staying aware of what’s happening in your Org. But this observability needs to be secure to avoid data leakage.

Autonomous Software Leader Accelerates Salesforce Security

The Head of IT at a leading software company saw the need to update the company's Salesforce security after 15+ years of using the platform. He met this challenge head on with the help of DigitSec.

DigitSec and Copado Integrate Closely for DevSecOps & Greater ROI

Copado is a robust DevOps platform that can support any development challenge. Integrating DigitSec into Copado development pipelines delivers true DevSecOps for Salesforce.

Watch: Practice DevSecOps in Copado With DigitSec

Copado hosted a fireside chat with our CEO to discuss the importance of IT security, the success of DevSecOps with DigitSec, real-world scenarios and the cost of not doing security.

Hanna Andersson Builds Brand Security & Trust

Hanna Andersson protects their brand while building security and trust through automated security scanning, resulting in a big leap forward for the company.

SaaS Security Has Been Underestimated by Execs

Cloud Infrastructure and Software-As-A-Service (SaaS) have accelerated Digital Transformation across many industries but with it also comes new security challenges & threats.

Simplified PCI DSS Compliance in Salesforce Commerce Cloud

Although Salesforce in itself is PCI DSS compliant, your customizations can and affect that compliance. DigitSec can help you stay PCI DSS compliant in a simplified way.

Salesforce Security Blind Spots: Proactive Protection Against Common Threats

In this session, Waqas and Rachel uncover more security blind spots that relate to the human element, data classification, foundational work and more.

DevSecOps is an Imperative for Digital Transformation

As adoption of the cloud increased, it became imperative for SaaS-based systems to be more flexible. The demand to leverage this flexibility also increased and the response lies in DevOps.

How To Accelerate DevSecOps as Economies Experience Downturns

Software as a Service (SaaS) and Cloud Infrastructure services have evolved to be a key engine behind business' and organizations' progress to greater scale and efficiency. In response, once disparate teams are uniting around DevSecOps.

Security Audits: Are You As Secure As You Think You Are?

Security audits and penetration testing are not like financial audits, which typically happen once a year. An annual cadence just doesn't cut it for security.

Managing Security Risk in a Low Code, No Code World

The Low Code, No Code movement can make Salesforce development easier, faster and more scalable but with it comes a a new set of security risks that need to be addressed.

Salesforce Security Blind Spots: Security Execs Uncover What’s Often Overlooked

Waqas Nazir, CEO and Founder at DigitSec and guest Andy Ognenoff, Managing Director, Global Salesforce Security Lead at Accenture discuss Salesforce security blind spots.

A Look at Salesforce’s Top Data Security Trends for 2022

Salesforce recently released their Top Data Security Trends for 2022 report, which focuses on 4 main areas. We highlight these areas and include how S4 can help strengthen security in each one.

DigitSec Helps Salesforce Users Comply With NIST Standard for Software Testing

DigitSec can be a tool that teams use to help meet requirements in this NIST standard by providing automated, SAST, IAST and external library testing.

Copado Essentials + DigitSec S4 Supports Ultra Short Runway for Implementing DevSecOps

DevSecOps doesn’t happen overnight. It takes constant care and attention to make sure that development, testing, review and deployment are all a part of the process.

Recognition, Partnerships & More – A Look Back at DigitSec’s Q1 2022

From being recognized by third-party outlets to cementing more strategic partnerships, the DigitSec team have been hard at work promoting our powerful security scanner for Salesforce.

Spotlight on Compliance and Common Weakness Enumeration Overlays

Like a modern day Rosetta Stone, DigitSec S4 maps Vulnerability Findings to major compliance frameworks and industry-standard descriptions. Teams can use this information to prioritize their efforts.

Salesforce Republic Chat With DigitSec CEO: Accelerate Development by Reducing False Positives

DigitSec CEO, Waqas talks security with Salesforce Republic and discusses false positives, ways to shift security left, DevSecOps principles and more.

Leverage GitHub for Salesforce DevSecOps: S4 Security Findings Exported in SARIF

Integrating S4 with GitHub now leverages the fundamental strength of a powerful code repository with version control. S4 can now highlight differences between code versions and draw attention to vulnerabilities.

DevOps Excellence Roundtable Discusses Reaching The Gold Standard

This roundtable consisting of expert panelists from DigitSec, Copado, Elements.cloud and OwnBackup discuss what it takes to reach DevOps excellence - the "gold" standard.

InCountry Saves Big On Time & Deploys Faster With DigitSec

InCountry needed to pass the Salesforce AppExchange security review and get their app out to the market quickly . By using DigitSec, they saved over 1000 dev hours and released ahead of schedule.

S4 Winter22 Update Release

DigitSec S4 Winter22 Update Release unites the power of S4 with Copado, connects with SSO providers, brings advanced filtering to vulnerability reports, and provides improved integration with GitHub via SARIF exports.

eWeek Review: DigitSec Accelerates Salesforce Security & Redefines DevSecOps

DigitSec was recently reviewed by eWeek, a trusted source for everything tech. The review confirms that our tool "brings much needed security to Salesforce."

DigitSec Founder Talks Salesforce Security with SystemDotDebug.

SystemDotDebug is a podcast for Salesforce Developers. Waqas Nazir and Shannon Smith of DigitSec join host Meighan Brodsky and Nate Pepper to “Secure Your Shiz” which focuses on Salesforce security.

DigitSec CEO Chats Up Security with Road to CTA #SalesforceSaturday.

Road to CTA, which brings Salesforce architects of all levels together twice a month to connect virtually, invited Waqas to join them and talk about Salesforce security considerations.

Find, Fix and Prevent Salesforce Vulnerabilities

Salesforce is secure out-of-the-box but becomes less so with every modification. Watch the full webinar to learn about the shared responsibility model, common security threats, Salesforce security scanning and more!

Shift all the way Left: S4’s new VS Code Plugin

S4’s new VS Code Plugin is a giant step forward in bringing the power of S4 directly into developers’ favorite IDE. Read more to find a link to an intro video.

S4 Summer21 Update Release

We're excited to announce updated features and improvements. S4 and Salesforce integrate more smoothly and Administrators have more flexibility managing S4.

DigitSec welcomes Phil!

Mr. Lepanto instantly recognized DigitSec’s potential and reached out to the company first to invest, then decided to join the team as an executive officer and roll-up his sleeves.

SalesforceBen: DigitSec CEO explains “Why SAST Isn’t Fast for DevOps”

ICYMI Waqas Nazir posted to SalesforceBen to walk developers through the challenges of effective security scanning and offers a compelling case for why organizations should embrace Salesforce DevSecOps and integrate security testing at multiple points in the CI/CD pipeline.

5 Key Reasons Why Salesforce is Secure

Getting security right for such a complex SaaS platform as Salesforce that can also be extended as a PaaS can be daunting! Salesforce manages to do many things very well when it comes to security. Read about five aspects of security that Salesforce does well and which help to make it among the most secure SaaS offerings today.

BA, DevOps and COE

Over the last 20 years Salesforce has evolved from a cloud sales automation app to a platform that can support any business process and link to every legacy application. This power and sophistication means that Salesforce implementations have become increasingly complex. So we are seeing several established implementation approaches emerging...

DigitSec welcomes Adrian Szwarcburg

Adrian will help us to drive successful Salesforce DevSecOps channel partnerships with global integrators and DevOps automation leaders. He comes to us from AutoRABIT, a DevOps and data protection provider, where he was vice president of channel sales and partnerships.

How your Bad Code is Making Hackers RICH: DigitSec CEO Offers Salesforce Security Tips to DFW Salesforce Developer Group

S4 IntelliJ IDEA Plugin Integrates with SFDX

S4 VS Code Plugin Integrates with SFDX

Salesforce DevSecOps Game Changer: Full S4 CLI Integration with SFDX

Salesforce DevSecOps is in State of Arrested Development

New S4 Integration – Bitbucket with Jenkins – Empowers Developers to Spot Vulnerabilities Earlier in Development

SalesForceBen DevOps Predictions for 2021

Riding the Storm Out: Reducing Salesforce Development Delays

S4 Product Update (Winter 2021)

New features for S4 in 2021: Jira Connector, S4 Dashboard, and SCA 2.0 for Salesforce.

DigitSec for Good: Enabling Trust

5 things you should know about Digitsec

Salesforce Ben Article

Writing custom Apex code, adding integrations and changing configurations can make your Salesforce organizations vulnerable to attacks.

New Security Checks for Salesforce

DigitSec, Inc. is pleased to announce the following new features to S4 - SaaS Security Scanner for Salesforce: auto scan, oAuth support, and Lightning Web Components.

S4 New Features Announcement (2019)

DigitSec, Inc. is pleased to announce the following new features to S4 - SaaS Security Scanner for Salesforce: auto scan, oAuth support, and Lightning Web Components.

Exploitation and Security of SaaS Applications

At the June 2017 Open Web Application Security Project (OWASP) meetup in Seattle, WA., CEO of DigitSec, Waqas Nazir, spoke to attendees about the exploitation and security of SaaS applications.

DigitSec, Inc. is a Registered ISV Partner with Salesforce

SEATTLE, WA, October 5, 2017- DigitSec, Inc. has announced their official partnership with Salesforce as a registered ISV partner. This partnership with DigitSec, Inc., a leading provider of information security and compliance products for SaaS applications, and Salesforce, the world’s…

DigitSec CEO Speaks at 2018 LA Force Academy

DigitSec, Inc.'s CEO, Waqas Nazir, made a special appearance at this year's Force Academy convention in Los Angeles. Waqas' presentation was titled, '5 Tips for Secure Development on Force.com.’

DigitSec Featured on System Dot Debug

Waqas Nazir, CEO of DigitSec, and Ryan Headley from System dot Debug, discuss the SaaS Security Scanner for Salesforce (S4) and its ability to secure Salesforce orgs.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Blog

Sign up to get updates and security insights from DigitSec