
AutoRabit launches devsecops tool for Salesforce environments


Devsecops firm AutoRabit is trying to address security issues arising from policy changes and misconfigurations in Salesforce environments with a new offering, CodeScan Shield.

CodeScan Shield is the next iteration of AutoRabit’s static code analysis tool, CodeScan, and extends its capabilities with a new module called OrgScan. The new module governs organizational policies by enforcing the security and compliance rules mandated for Salesforce environments.

OrgScan creates a dashboard at the end of each scan that identifies any areas of concern. This puts the control back in an organization’s hands, saving time and money, the company said.

“It is important to recognize that usually there are at least three groups involved in maintaining security across organizations,” said Eric Pearson, regional vice president for North and South America enterprise accounts at AutoRabit. “There’s the development organization, the release management organization to build and release the applications that they build. But you also have Salesforce sysadmins, who are responsible for everything from user access, session management, and other aspects of Salesforce security. And you have InfoSec, which is very concerned around data, privacy, etc.”

Pearson pointed out that oftentimes these different security groups stay in silos. “What we’ve looked to do with CodeScan Shield is really start to bring these different groups together, and help automate them in a policy management system—everything from admin privileges, session management, user access, etc. And ensure that those types of rules are incorporated in the development and release management cycles sooner so that we help customers not just shift left but really shift in and make security the focal point of any devsecops solution,” he said.

CodeScan Shield enables admins and developers to scan Salesforce profiles, permission sets, user settings, session settings, and more. Users can check for 100% adherence to native and custom Salesforce policies, supporting regulatory compliance standards. The no-code interface of OrgScan can be used without needing extensive coding knowledge, the company said.

Copyright © 2022 IDG Communications, Inc.
