Secure Coding: Field-level Security, CRUD, and Sharing
With sharing or without sharing... is that the question? Join us to better understand how to leverage the best Salesforce security features in code. Learn all the best practices for hardening your application and keeping your data secure. We'll cover sharing, FLS, CRUD, and all the most common mistakes and misconceptions about how these features work in Apex and Visualforce.
Secure Coding: Storing Secrets in Your Salesforce Instance
Preparing to integrate? Join us to better understand how to store sensitive secrets on the Force.com platform. Learn all the best practices for keeping your passwords, keys, and tokens secure. We'll walk you through encrypted fields, protected custom settings, and Apex crypto methods that provide you with all the knowledge you need to store a secret.
Building Secure Mobile Apps
Join us to learn how to design secure-by-default app features to fend off attacks on mobile hybrid apps.
Protect Your Data Against Malicious Scripts
While OAuth provides a number of defenses against traditional security risks, there are still other attacks you should be aware of. Join us as we cover how you can use the Salesforce1 Platform to encode untrusted data securely. We'll dive deep into how the browser parses HTML, JavaScript, and URLs. In addition, we'll define and demonstrate parsing contexts and parsing order, and how they affect the encoding of Cross-Site Scripting (XSS) payloads.
Secure Coding: External App Integration
Join us to better understand various ways in which you can securely integrate your external application with Salesforce. We'll dive deeper into implicit security assumptions made versus actual security guarantees provided by these integration methods. We'll also talk about additional best practices for building secure integrations for your products with Salesforce from an authentication and authorization standpoint.
Secure Coding: SSL, SOAP, and REST
As more and more applications are adopting the API-first approach, it's important to understand that building and using APIs comes with its own set of security concerns, even though it abstracts away the issues caused at the presentation layer. Join us as we dive deeper into best practices for building secure API endpoints. We'll also discuss the importance of transport security and common pitfalls in SSL configurations.