Scan Salesforce Guest User Logs  Learn More

Securing the Applications that Power the Enterprise

Get a free Risk Assessment

AppOmni Labs

Salesforce Guest User Log Analysis

Scan your Salesforce logs for Insecure Object Permissions for Guest Users

Salesforce Sites and Communities enable the rapid development and deployment of customer-facing portals and websites. They are some of the most powerful, and most popular, features used by mature Salesforce organizations. With that power, though, comes complexity and the possibility of misconfiguration. These security posture issues can inadvertantly create data exposures from Salesforce instances to external users or the public internet.

Recent research identified a specific misconfiguration pattern that may result in unintended access by external or low-privilege users to sensitive data in a Salesforce org. Given frequent questions about this topic from Salesforce customers, AppOmni Labs has developed a free scanner. This scanner will analyze the log entries and will alert you via email if there are any indicators of improper access due to exploitation of this specific misconfiguration.

As discussed in our Salesforce Guest User Log Analysis blog, you will need to request historical event logs related to Aura Controller access from Salesforce. Of note, these specific logs should contain ‘augen’ events in the output. 

Once you have received these logs from Salesforce (in CSV format), you can fill out your information below and upload your logs. Logs are scanned in real-time and no log data is stored by AppOmni. Once completed, you will receive an email with the scanner results. 






THIS TOOL IS PROVIDED AS A FREE SERVICE BY APPOMNI LABS

Our mission at AppOmni is Securing the Applications that Power the Enterprise. As part of that mission, AppOmni Labs is dedicated to continuous, vendor-agnostic research, testing, and education about novel and emerging security threats to enterprise SaaS applications. Frequently this involves understanding common SaaS user misconfigurations that result in inadvertant data exposures, privilege escalations, or other security posture issues.

Research and findings developed by AppOmni Labs are shared with SaaS vendors, the security community, and AppOmni customers. These findings influence the developemnt of proactive threat mitigation and detection features built into AppOmni’s industry-leading SaaS Security Posture Management platform.

Assess your Overall Salesforce Security Posture

Scanning Salesforce-provided logs to validate proper Guest User access after the fact is a great start, but is a reactionary measure and can only determine if an incident has already occurred.

Enable your Security, IT, and Compliance teams to get ahead of future concerns by using a platform that discovers, protects, and monitors security posture issues before they become a problem.

AppOmni provides fast, free Salesforce Security Posture Risk Assessments that can give your teams the guidance and tools they need to move quickly and securely.

Explore who has Access to What and Where
Learn About AppOmni for Salesforce
Get a Free Risk Assessment
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound