Thursday May 21, 2026
10:00AM PT | 1:00PM ET
60 minutes – Interactive Office Hours
Most security teams do not have a complete inventory of SaaS applications, integrations, and AI agents operating within Salesforce. In our 2024 State of SaaS Security research, nearly half of respondents estimated fewer than 10 connected apps. The reality is very different. Most Salesforce environments support dozens, even hundreds, of connections. Each one introduces permissions, data exposure, and risk that often go unmonitored.
This session breaks down the fundamentals of securing Salesforce in a modern SaaS environment. We will cover real SaaS attack patterns targeting CRM platforms and show how attackers exploit integrations, APIs, and AI agents like Agentforce to access sensitive data and take action inside the platform.
You will learn a practical approach to monitoring connected apps, governing AI agent access, identifying excessive permissions, and improving visibility across your Salesforce environment.
This is an interactive, discussion-driven session. Bring real questions. Leave with a clear understanding of where your Salesforce risk actually lives and what to fix first.
Learning Objectives
1. Understand the Real Salesforce Attack Surface
Identify how connected apps, integrations, and AI agents expand your risk footprint beyond core Salesforce configurations.
2. Recognize Modern SaaS Attack Patterns
Learn how attackers target CRM platforms by exploiting OAuth apps, APIs, misconfigurations, and AI-driven automation.
3. Monitor What Matters
Build a practical approach to continuous monitoring of connected apps, permission changes, and risky activity across your Salesforce environment.
4. Reduce Risk from Permissions and Configurations
Identify and remediate excessive access, misconfigurations, and data exposure risks tied to users, integrations, and AI agents.