Salesforce Community Cloud Scanner

The AO Labs team is committed to discovering and mitigating threat vectors in the most business-critical SaaS platforms before threat actors strike. See how we can help secure your Salesforce Community websites from data exposure risks.

As part of our regular, proactive security reviews of the SaaS applications we support, AppOmni Offensive Security Researcher Aaron Costello discovered significant data exposure risks with Salesforce Community Cloud websites.

These misconfigurations have resulted in numerous Salesforce customers’ sensitive data being exposed. Organizations affected include the State of Vermont and TCF Bank, among others.

Check Your Salesforce Community Configurations

AppOmni is here to evaluate Salesforce Community instances for misconfigurations. To take advantage of this offering, simply fill out the form and our team will begin the request approval process. This process includes confirming that you are associated with the Salesforce Community instance in your request. Once approved, we will evaluate your Salesforce Community site and notify you promptly of the results. No data is exposed in this evaluation.

Results will be disclosed only to the individual requestor through secure channels.

Disclaimer: For a more detailed evaluation of your Salesforce posture and potential risk, please request an AppOmni Risk Assessment.

A free, comprehensive AppOmni Risk Assessment analyzes your entire Salesforce instance. After the Risk Assessment, you’ll receive an AppOmni findings report with information on:

  • Publicly-exposed data
  • Data with limited or no restrictions
  • External users with over-privileged access to data
  • Over-provisioned admin users/roles
  • SaaS-to-SaaS apps connected to your Salesforce instance
  • Security configurations that don’t adhere to best practices

If you’re interested in learning more or have questions, please email and we’ll get in touch with you.