Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report

Varonis Announces Salesforce Shield Integration

Together, Varonis and Salesforce Shield offer the most comprehensive Salesforce security on the market today.
3 min read
Published September 13, 2023

Our new Salesforce Shield integration takes Varonis’ best-in-class Salesforce solution to a whole new level. Customers can maximize their Shield investment with simple and powerful threat detection and event analysis. 

Varonis pulls in Shield’s activity, generates a human-readable audit trail, and enriches events with important context, such as data sensitivity, user details, and related events.  

Our ready-made alerts ensure that even a junior security analyst who has never used Salesforce can investigate threats and resolve incidents with ease. 

In this blog, we’ll cover how combining the powers of Varonis and Salesforce Shield together provides unmatched visibility and protection for Salesforce through:

  • Enriched Salesforce Shield events with additional details and context
  • Out-of-the-box and no-code custom threat models
  • The Varonis Proactive Incident Response to help triage and investigate alerts 
  • A centralized view of your Salesforce security posture

Make Salesforce Shield events more actionable.

Salesforce Shield provides over 40 different event types. The catch, however, is that each event is presented in raw log form and is siloed from other related events. To gain any actionable insights into where sensitive data is at risk, you need to do a lot of manual parsing, analysis, and correlation to know if your sensitive data is being misused or is under attack. 

Salesforce Shield event querySalesforce's native event monitoring query interface

Varonis ingests events that can only be captured by Shield, including REST API activity, Aura requests, Lightning interactions, and more. We then enrich each event and present them all in a unified and searchable audit trail of events.

Varonis takes raw activity logs provided by Shield and shows you exactly who performed the action, what they did, and whether the target object was sensitive, so you can conduct investigations quickly, even without knowing Salesforce’s log format.  

Audit trailInvestigate Salesforce events using Varonis’ human-readable audit trail.

Analysts and admins can drill down from each event to see all the activity performed by that user during their sessions. They can also filter activity across multiple dimensions —by user, guest accounts, a specific resource, event type, data sensitivity, privileged activity, and more.

You can easily correlate Salesforce activity with activity performed across other cloud apps, making it easy to trace a compromised user or malicious insider’s activity across your entire cloud. 

Cross-cloud audit trailPerform cross-cloud investigations with Varonis.

When you integrate Varonis with Salesforce Shield, Varonis event monitoring will not consume any additional Salesforce API calls, reducing your risk of hitting your daily limit and thereby losing visibility into your Salesforce environment.  

Alerts without Apex code

With Varonis, security teams can quickly catch, investigate, and stop threats before they can do damage.

Although Salesforce Shield is collecting logs, it does not come with out-of-the-box alerts. To create alerts, users need to produce them manually using Apex code. This will require security teams and Salesforce architects to work closely together to identify the activities, logic, and thresholds that should trigger alerts. 

Varonis comes with ready-made alerts created by our Threat Labs team and Salesforce experts. Some of the suspicious activity we can detect includes Apex classes enabled for guest profiles, when new sites with guest users are created, and other activities that can open you up to risk. 

Salesforce AlertDetect and investigate threats with Varonis’ ready-made alerts.

Varonis alerts include user information, data sensitivity, and related events so you can quickly understand the impact of each alert and what other resources a compromised user can continue to access.  

You can easily create and customize alerts to fit your Salesforce Org’s specific needs — all without having to use Apex code. 

Incident response coverage when you need it the most

Our Proactive Incident Response team watches your Salesforce alerts in Varonis for you and notifies you of true incidents. We investigate suspicious activity and call you if we see a problem. This means that instead of more alerts, you get outcomes — without even needing to log in.  

The best part is that incident response help comes included in every Varonis subscription at no extra cost. 

A complete picture of your Salesforce security posture 

Varonis provides a centralized view of your Salesforce security posture, enabling you to visualize where your environment is exposed to risk and where technical debt is building up — all from a single, unified interface. 

Salesforce DashboardManage your Salesforce security posture from a single pane of glass.

Spending hours poring over spreadsheets to understand where your Salesforce Orgs are at risk is a thing of the past. With Varonis, you’ll be able to ensure your most valuable Salesforce data is locked down and secure by enabling you to:    

  • Visualize your sensitive data exposure and compliance risk.
  • Radically simplify permissions and user management.
  • Automatically surface and fix critical misconfiguration.
  • Analyze and reduce third-party app risk.
  • Quickly catch and investigate threats.

Try Varonis for Salesforce

Ready to gain deep visibility into your Salesforce activity and improve your security posture with Varonis and Salesforce Shield?

Contact us to get started today with a free Salesforce data risk assessment.

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Try Varonis free.
Get a detailed data risk report based on your company’s data.
Deploys in minutes.
Keep reading
Varonis Announces Salesforce Shield Integration
Varonis now integrates with Salesforce Shield to provide deep visibility into Salesforce and help organizations secure their mission-critical data.
Varonis Opens UK Data Centre to Support SaaS Customers
UK expansion will help Varonis customers demonstrate compliance with the U.K.’s Data Protection Act.
Varonis Delivers Market-leading Salesforce Security
Varonis delivers market-leading Salesforce security
What’s new in Varonis: August 2023
This month brings you several new features to help security teams enforce Zero Trust across their cloud and on-prem environments.