Inside Out Security Blog

Threat Update 60 - Abusing Public Salesforce APIs for Fun & Profit

Threat Update 60 - Abusing Public Salesforce APIs for Fun & Profit

Contents

    APIs are designed to facilitate programmatic access for application integrations and data sharing, but simple access misconfigurations in critical solutions like Salesforce can allow attackers to inappropriately access sensitive contacts, records, and more.

    Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss how these API misconfigurations occur, and some tools attackers use to exploit them.

    __Please visit https://www.varonis.com/blog/abusing-salesforce-communities/ to learn more about this topic.

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Twitter, Reddit, or Facebook.

    Get a free Risk Assessment

    You can't protect what you don't know is vulnerable.

    Give us 90-minutes of your time, and we'll create a Free Risk Assessment that will open your eyes to your unknown weak spots—fast, and without adding work to your plate.

    Start Your Risk Assessment