Salesforce industry clouds low-code OmniStudio components introduce unique architectural complexities and a nuanced attack surface that demands rigorous security scrutiny. This technical deep-dive will explore original research by Aaron Costello, including recently disclosed 0-days and misconfigurations within Data Mappers, FlexCards, Integration Procedures, and other components.

In this webinar, Aaron will discuss his new findings to include:

• CVE breakdown: Delve into the root causes and exploit mechanics of five new CVEs (CVE-2025-43697, CVE-2025-43698, CVE-2025-43699, CVE-2025-43700, CVE-2025-43701) impacting Data Mappers and FlexCards.
• Identifying misconfigurations: A walkthrough of critical risks rooted in OmniStudio’s default behaviors and settings.
• Defensive strategies: Discussion of identifying, monitoring, and mitigating SaaS risks like data exposures and over permissions.

Can’t attend live? Register anyway, and we will send you the recording.