The DigitSec SaaS Security Scanner for Salesforce is the only continuous application security testing (CAST) platform purpose-built to enable DevSecOps in the CI/CD pipeline for Salesforce. DigitSec automates full spectrum CAST coverage, integrating static source code analysis (SAST), interactive runtime testing (IAST), software composition analysis (SCA), & cloud security configuration review.
Download Whitepaper
| Salesforce Security Issues |
 DigitSec |
Apex SAST tools | DAST/IAST tools |
|---|---|---|---|
|
CRUD/FLS Flaws (Authorization Bypass) |
|
|
|
|
Reflected Cross-site Scripting (XSS) |
|
|
|
|
Stored Cross-site Scripting (XSS) |
|
|
|
|
DOM Based Cross-site Scripting (XSS) |
|
|
|
|
Lightning Components (DOM & CRUD) |
|
|
|
|
Lightning Components (CSP & XSS) |
|
|
|
|
SOQL & SOSL Injection |
|
|
|
|
Cross-site Request Forgery (CSRF) |
|
|
|
|
Common Vulnerabilities & Exposures (CVE) |
|
|
|
|
Weak Session Management |
|
|
|
|
Weak Integration Endpoints |
|
|
|
|
Weak Password Controls |
|
|
|
|
Clickjacking Attacks |
|
|
|
|
Access Control (Excessive Permissions) |
|
|
|
|
Weak Cryptography |
|
|
|
Copyright © 2024 DigitSec, Inc. All rights reserved.
