Inside Out Security Blog

Threat Update 60 - Abusing Public Salesforce APIs for Fun & Profit

Threat Update 60 - Abusing Public Salesforce APIs for Fun & Profit

APIs are designed to facilitate programmatic access for application integrations and data sharing, but simple access misconfigurations in critical solutions like Salesforce can allow attackers to inappropriately access sensitive contacts, records, and more.

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss how these API misconfigurations occur, and some tools attackers use to exploit them.

__Please visit https://www.varonis.com/blog/abusing-salesforce-communities/ to learn more about this topic.

We're Varonis.

We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.

How it works