After its full-spectrum analysis, S4 generates a comprehensive security assessment report with all the detailed vulnerability findings, including clear remediation recommendations, to help you resolve the issues and strengthen your Salesforce security posture.
Salesforce.com contains an enterprise's most critical data, from customer PII to key opportunity deal flow, as well as possible API connections into core backend systems. While annual assessments and penetration tests are a good baseline, new vulnerabilities surface daily. Only continuous and automated coverage can keep you fully aware of your Salesforce security posture.
Source code review is important, but what about outdated libraries, runtime bugs, or bad configuration settings in your org? You can't just lock the doors while leaving the windows open and expect to keep your data secure. The Cloud is not a security utopia, but rather a cornucopia of low-hanging fruit for attackers. S4 helps push Salesforce out of the easy reach of bad actors.
S4 for Salesforce™ - our patented SaaS Security Scanner™ platform - automatically assesses Salesforce security posture with its continuous full-spectrum coverage of source code analysis (SAST), software composition analysis (SCA), custom runtime testing (IAST), and cloud security configuration review.
Source Code Analysis (SAST)
Our static application security testing (SAST) engine is a core feature of S4, providing automated scanning of all source code in your Salesforce org and identifying any security vulnerabilities which could be exploited.
Software Composition Analysis (SCA)
Third-party software libraries are integral components of most Salesforce apps. These referenced libraries must be updated when security vulnerabilities are discovered. Our software composition analysis scanner reports all Common Vulnerabilities and Exposures (CVEs) affecting them.
Custom Runtime Testing (IAST)
Based on its SAST results, S4 generates a custom runtime testing engine specific to your Salesforce org which rapidly identifies injection flaws and hidden vulnerabilities during its interactive application security testing (IAST). All runtime vulnerabilities contain proof-of-concept (PoC) exploits, eliminating any false positives.
Cloud Configuration Review
S4 thoroughly reviews your Salesforce configuration settings against a known list of Salesforce misconfigurations (e.g. content security policy, password settings, access controls) to support security compliance in many global standard frameworks including GDPR, CCPA, ISO, SOC, PCI, GLBA, and HIPAA.
SaaS Security Scanner
S4 for Salesforce
When was the last time you assessed the full security posture of your Salesforce?
Unlimited Scale Out Testing
S4 is a cloud native solution designed to scale out and test all your Salesforce organizations, with no limit on lines of code or number of scans.
DevSecOps for Salesforce
Adding DevSecOps to your CI/CD pipeline is as easy as pointing S4 at a Salesforce sandbox org. When S4 senses a change, it automatically schedules a new scan to run and assess the updated state in the Salesforce org.
CRUD/FLS Flaws (Authorization Bypass)
Reflected Cross-site Scripting (XSS)
Stored Cross-site Scripting (XSS)
DOM based Cross-site Scripting (XSS)
Lightning Components Security (DOM, XSS, CRUD)
SOQL & SOSL Injection
Cross-site Request Forgery (CSRF)
Common Vulnerabilities and Exposures (CVE)
Weak Session Management
Weak Integration Endpoints (Remote sites, CSP, CORS)
Weak Password Controls
Audit Access Control (Excessive Permissions)
Static Code Analysis
Software Composition Analysis
Custom Runtime Testing
Cloud Configuration Review
No False Positives
Unlimited Scale Out
No Code Limits
Vulnerability Tracking API
Always-on, Continuous Security
As security is a never-ending process and new vulnerabilities are a daily occurrence, S4 stands ready to protect your Salesforce whether on-demand or automatically after an org is updated.
Security Compliance Standards
S4 supports GDPR, CCPA, ISO, SOC, PCI, GLBA, and HIPAA.
st Avenue South, Suite B
Seattle, WA, 8, USA
DigitSec is a cybersecurity software company providing a SaaS Security Posture Management (SSPM) solution focused on application security vulnerability discovery, monitoring, and remediation. DigitSec's flagship offering is S4 for Salesforce™, a patented SaaS Security Scanner™ platform that automatically performs static source code analysis (SAST), software composition analysis (SCA), custom runtime testing (IAST), and cloud security configuration review. S4 continuously monitors Salesforce orgs for any updates, making it a Salesforce DevSecOps solution by simply pointing it at a sandbox org for easy integration into a CI/CD pipeline.
Assess your Salesforce security posture for free today. Try it now.
www.digitsec.com