“Going back to the challenges of misconfiguration in Salesforce—there’s so many different options in Salesforce, so many different things that you can choose. It’s hard to understand or know who or what is in an org.” – Matt Meyers, Salesforce Certified Technical Architect, CEO at Adaptus
Protecting Salesforce digital experiences is critical to delivering the seamless, secure services your customers expect.
The most recent episode of our podcast, From Code to the Cloud, featured Justin Hazard, Principal Security Architect at AutoRABIT, and Matt Meyers, Salesforce Certified Technical Architect and CEO of Adaptus. They discussed the challenges and strategies for safeguarding Salesforce digital experiences.
From security risks to proven defense tactics, this podcast delivers expert insights to help you stay ahead of evolving threats.
We’ll dig into four themes discussed in the podcast:
Permissioning in Salesforce Is Evolving—But Challenges Remain
Salesforce security controls have come a long way—from rigid profiles to more flexible and granular permission sets and permission set groups. These newer tools offer organizations greater control over access levels while keeping roles more manageable.
Still, challenges persist. Over-permissioning remains a risk, especially when roles intended for one function are repurposed across different apps or teams. This can unintentionally grant users more access than they should have. A key takeaway? Visibility is everything. Knowing exactly who has access to what is vital—but often difficult.
New Salesforce features now allow better reporting from the user record itself, helping admins understand object-level permissions like “Modify All” or “View All.” And with tools like AutoRABIT Guard, organizations will soon have better insight into where over-permissioning is happening—before it leads to a breach.
Misconfigurations: The Silent Threat in Salesforce Digital Experiences
The most common Salesforce security flaws don’t always come from hackers; they come from misconfigurations. A striking example involved a real-world case where thousands of sensitive records were exposed via a guest user, all due to incorrect assumptions about what data was truly locked down.
The root of the issue? Many admins assume that if data isn’t visible in the UI, it’s safe. But in the modern, API-powered Salesforce Lightning environment, that’s simply not true. APIs can expose data—even if it’s not on a user’s screen—unless the underlying permissions are properly configured.
The advice is clear: Lock down your data at the source. Don’t grant access unless it’s absolutely necessary. Always assume users (or malicious actors) can access more than you think. Penetration testing customizations—not just the platform itself—can reveal these weak points before attackers do.
The Layers of Salesforce Security
“Just because you lock the door doesn’t mean they won’t find another way in.” – Justin Hazard
Securing a Salesforce environment goes far beyond simply locking the front door. It’s about walking through the entire house—checking windows, turning on lights, and making sure no one’s already inside. In other words, access restrictions are just the starting point.
True security requires continuous monitoring and a layered defense strategy. Just because permissions are configured today doesn’t mean they’ll hold tomorrow. Misconfigured settings can act like open doors, and newly discovered exploits or API vulnerabilities can be like broken windows—silent and often unnoticed unless actively checked.
That’s why ongoing visibility is essential. Scanning tools like AutoRABIT Guard are crucial in building a proactive security posture. Event monitoring, permission audits, and real-time alerts should be standard operating procedures, not afterthoughts triggered by an incident.
The strongest security isn’t static—it’s constantly watching, adapting, and evolving.
Applying the P.I.C.E.R.L. Framework to Salesforce Security
Security isn’t a one-time goal—it’s an ongoing discipline. A mature security posture relies on a structured incident response (IR) process, often framed as P.I.C.E.R.L.: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned. Even if a suspected incident proves harmless, working through the full lifecycle is an opportunity to strengthen systems and sharpen skills.
Going through this process builds muscle memory. It helps uncover misconfigurations, hidden vulnerabilities, and overlooked permissions—before they become real threats. Practicing regularly creates confidence, ensuring that when a true incident occurs, teams can respond with precision rather than panic.
This proactive mindset extends beyond IR to product development and threat detection. The most resilient organizations treat every alert—real or false—as a learning opportunity. By turning every potential threat into an actionable ticket, they ensure nothing slips through the cracks and every signal contributes to continuous improvement.
The key takeaway: Don’t wait for a real crisis to test your readiness. Use every simulation, every alert, and even every false positive as a chance to refine your defenses and build long-term resilience.
Next Step…
From Code to the Cloud offers critical DevSecOps insights from industry leaders every month. Subscribe to the podcast to ensure you don’t miss a thing.
And if you haven’t heard this month’s episode, either find the podcast on your favorite podcast streaming platform or click here to listen today!