FAQ-000855 - External Platform Security / External Web Applications and SaaS


Current FAQ

Question
How do I resolve security issues found on my company's SaaS site that integrates with my package?
Answer
To resolve security issues on a SaaS site that integrates with your Salesforce package, follow these steps:

1. **CRUD/FLS Enforcement**: Implement CRUD/FLS checks for custom objects and use "user mode" to enforce proper access controls.
2. **Secure Sensitive Data**: Store sensitive information (e.g., secrets, access tokens) in protected custom metadata or settings. For data exceeding 255 characters, encrypt it using a key stored in protected custom settings and save the encrypted data in a custom object.
3. **Mitigate CSRF Vulnerabilities**: Use CSRF tokens and require user interaction (e.g., button clicks) before initiating sensitive operations. Validate and authenticate redirections.
4. **Prevent Clickjacking**: Replace vulnerable CSS properties like `position: absolute` with secure alternatives (e.g., `slds-absolute`) and avoid exposing unnecessary components.
5. **Handle Session IDs Securely**: Use approved session ID use cases (e.g., obtaining session IDs from Visualforce pages) and avoid storing them in insecure locations.
6. **Review Third-Party Libraries**: Dynamically load JavaScript libraries from static resources and verify their security using tools like URL_Redacted.
7. **Run Security Scans**: Use tools like Salesforce Code Analyzer, ZAP, and Checkmarx to identify vulnerabilities. Document and address flagged issues, including false positives, with justifications.
8. **Follow Secure Coding Practices**: Use bind variables to prevent SOQL injection and avoid global methods in post-install scripts.
9. **Prepare for Security Review**: Submit required documentation, including false positive reports, security scan results, and solution details. Remove deprecated components from the package.
10. **Consult Salesforce Resources**: Use Salesforce documentation and Trailhead modules for secure development and configuration guidance.

By addressing these areas, you can mitigate security risks and ensure compliance with Salesforce security standards.
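Step 2 describes a concrete procedure for secrets longer than the 255-character limit of a custom setting field: keep only the AES key in a protected custom setting and store the ciphertext in a custom object. The Apex class below is an added example written for this FAQ, not code from Salesforce or from any package; it assumes a hypothetical protected hierarchy custom setting `PackageSecrets__c` with a text field `AesKey__c`, and a hypothetical custom object `EncryptedSecret__c` with a long text area `Ciphertext__c`.

```apex
// Added example (not from the FAQ). Assumed hypothetical schema:
//   PackageSecrets__c  - protected hierarchy custom setting, field AesKey__c (Text 255)
//   EncryptedSecret__c - custom object, field Ciphertext__c (Long Text Area)
// A protected custom setting is readable only by code in the package's own
// namespace, so subscriber admins and other packages cannot read the key.
public with sharing class SecretStore {

    private static final String ALGORITHM = 'AES256';

    // Returns the package's AES-256 key, generating and persisting one on
    // first use. A 32-byte key is 44 characters in base64, well under the
    // 255-character field limit that the plaintext secret itself may exceed.
    private static Blob getKey() {
        PackageSecrets__c settings = PackageSecrets__c.getOrgDefaults();
        if (String.isBlank(settings.AesKey__c)) {
            settings.AesKey__c = EncodingUtil.base64Encode(Crypto.generateAesKey(256));
            upsert settings;
        }
        return EncodingUtil.base64Decode(settings.AesKey__c);
    }

    // Encrypts an arbitrarily long secret (e.g. an access token) and stores
    // the base64 ciphertext in the custom object. encryptWithManagedIV
    // generates a fresh random IV per call and prefixes it to the output, so
    // the same plaintext never produces the same ciphertext twice.
    public static Id save(String name, String plaintext) {
        Blob ciphertext = Crypto.encryptWithManagedIV(
            ALGORITHM, getKey(), Blob.valueOf(plaintext));
        EncryptedSecret__c rec = new EncryptedSecret__c(
            Name = name,
            Ciphertext__c = EncodingUtil.base64Encode(ciphertext));
        insert rec;
        return rec.Id;
    }

    // Reads the ciphertext back and decrypts it with the key from the
    // protected setting. The IV is recovered from the stored blob.
    public static String load(Id recordId) {
        EncryptedSecret__c rec = [SELECT Ciphertext__c
                                  FROM EncryptedSecret__c
                                  WHERE Id = :recordId
                                  WITH USER_MODE];
        Blob plaintext = Crypto.decryptWithManagedIV(
            ALGORITHM, getKey(), EncodingUtil.base64Decode(rec.Ciphertext__c));
        return plaintext.toString();
    }
}
```

The split matters for review: a scanner that flags the long text area as unprotected storage can be answered by showing that the field holds only ciphertext and that the key never leaves the protected setting.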

AI Recommended Enhancement

Related Security Rules

- ApexCRUDViolation
- ApexSharingViolations
- ProtectSensitiveData
- ApexCSRF
- VfCsrf
- AvoidHardcodedCredentialsInFieldDecls
- AvoidHardcodedCredentialsInVarDecls
- AvoidHardcodedCredentialsInHttpHeader
- ApexSuggestUsingNamedCred
- AvoidApiSessionId
- AvoidUnauthorizedApiSessionIdInApex
- AvoidUnauthorizedGetSessionIdInApex
- LoadJavaScriptIncludeScript
- LoadJavaScriptHtmlScript
- LibraryWithKnownCriticalSeverityVulnerability
- LibraryWithKnownHighSeverityVulnerability
- ApexSOQLInjection
- AvoidGlobalInstallUninstallHandlers
Question
How do I resolve security issues found on my company's SaaS site that integrates with my package?
Recommended Answer Update
To resolve security issues on a SaaS site that integrates with your Salesforce package, follow these steps:

1. **CRUD/FLS Enforcement**: Implement CRUD/FLS checks for custom objects. Use `WITH USER_MODE` for SOQL queries and `AccessLevel.USER_MODE` for Database methods to automatically enforce proper access controls.
2. **Secure Sensitive Data**: Store sensitive information (e.g., secrets, access tokens) in protected custom metadata or settings. For data exceeding 255 characters, encrypt it using a key stored in protected custom settings and save the encrypted data in a custom object.
3. **Mitigate CSRF Vulnerabilities**: Use CSRF tokens and require user interaction (e.g., button clicks) before initiating sensitive operations. Validate and authenticate redirections.
4. **Prevent Clickjacking**: Replace vulnerable CSS properties like `position: absolute` with secure alternatives (e.g., `slds-absolute`) and avoid exposing unnecessary components.
5. **Handle Session IDs Securely**: Use approved session ID use cases (e.g., obtaining session IDs from Visualforce pages) and avoid storing them in insecure locations.
6. **Review Third-Party Libraries**: Dynamically load JavaScript libraries from static resources and verify their security using tools like URL_Redacted.
7. **Run Security Scans**: Use tools like Salesforce Code Analyzer, ZAP, and Checkmarx to identify vulnerabilities. Document and address flagged issues, including false positives, with justifications.
8. **Follow Secure Coding Practices**: Use bind variables to prevent SOQL injection and avoid global methods in post-install scripts.
9. **Prepare for Security Review**: Submit required documentation, including false positive reports, security scan results, and solution details. Remove deprecated components from the package.
10. **Consult Salesforce Resources**: Use Salesforce documentation and Trailhead modules for secure development and configuration guidance.
By addressing these areas, you can mitigate security risks and ensure compliance with Salesforce security standards.
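Steps 1 and 8 of the recommended answer name the specific mechanisms: `WITH USER_MODE` on static SOQL, `AccessLevel.USER_MODE` on Database methods, and bind variables instead of string concatenation. The Apex class below is an added example for this FAQ, not code from Salesforce or from any package; it assumes a hypothetical custom object `Invoice__c` with fields `Amount__c` and `Status__c`, and shows the vulnerable concatenation pattern (commented out) next to the forms that enforce CRUD/FLS and are immune to SOQL injection.

```apex
// Added example (not from the FAQ). Assumed hypothetical object:
//   Invoice__c with fields Name, Amount__c (Currency), Status__c (Picklist)
public with sharing class InvoiceService {

    // Pattern that ApexSOQLInjection and ApexCRUDViolation would flag:
    // the caller-supplied value is spliced into the query text (a value such
    // as  x' OR Name != '  changes the WHERE clause), and the query runs in
    // system mode, so fields the user has no FLS for are returned anyway.
    //
    // public static List<Invoice__c> findUnsafe(String status) {
    //     return Database.query('SELECT Id, Name, Amount__c FROM Invoice__c '
    //         + 'WHERE Status__c = \'' + status + '\'');
    // }

    // Static SOQL: the :status bind is passed as a value and never parsed as
    // SOQL, and WITH USER_MODE enforces object permissions, field-level
    // security and sharing rules of the running user. If the user lacks read
    // access to a selected field, the query throws a QueryException instead of
    // silently returning the data.
    public static List<Invoice__c> findByStatus(String status) {
        return [SELECT Id, Name, Amount__c
                FROM Invoice__c
                WHERE Status__c = :status
                WITH USER_MODE];
    }

    // Dynamic SOQL: the query string stays constant and the values travel in
    // a bind map, so a filter built at runtime still cannot be injected into.
    // AccessLevel.USER_MODE gives the same CRUD/FLS enforcement as above.
    public static List<Invoice__c> findByStatusAndMinimum(String status, Decimal minAmount) {
        String query = 'SELECT Id, Name, Amount__c FROM Invoice__c '
                     + 'WHERE Status__c = :status AND Amount__c >= :minAmount';
        Map<String, Object> binds = new Map<String, Object>{
            'status'    => status,
            'minAmount' => minAmount
        };
        return Database.queryWithBinds(query, binds, AccessLevel.USER_MODE);
    }

    // DML in user mode: the insert is rejected when the user lacks Create on
    // the object or Edit on any populated field, rather than being written
    // with the package's system privileges.
    public static Database.SaveResult createDraft(String name, Decimal amount) {
        Invoice__c inv = new Invoice__c(
            Name = name, Amount__c = amount, Status__c = 'Draft');
        return Database.insert(inv, AccessLevel.USER_MODE);
    }
}
```

For the security review, the user-mode forms remove the need for hand-written `Schema.DescribeFieldResult.isAccessible()` checks on every field, and they give a single, greppable pattern to point to when documenting how the package handles the ApexCRUDViolation and ApexSOQLInjection findings.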
Reasoning
The primary update needed is in step 1 regarding CRUD/FLS enforcement. The original text mentioned using 'user mode' generically, but per the security approaches guidelines, we should prioritize modern features like `WITH USER_MODE` for SOQL queries and `AccessLevel.USER_MODE` for Database methods. This provides more specific, actionable guidance while maintaining the original structure and detail level.

Regarding security rules selection: ApexCRUDViolation and ApexSharingViolations directly relate to step 1's CRUD/FLS enforcement content. ProtectSensitiveData relates to step 2's guidance on securing sensitive information. ApexCSRF and VfCsrf relate to step 3's CSRF mitigation advice. The hardcoded credentials rules (AvoidHardcodedCredentialsInFieldDecls, AvoidHardcodedCredentialsInVarDecls, AvoidHardcodedCredentialsInHttpHeader) and ApexSuggestUsingNamedCred relate to step 2's secure storage of sensitive data. Session ID rules (AvoidApiSessionId, AvoidUnauthorizedApiSessionIdInApex, AvoidUnauthorizedGetSessionIdInApex) relate to step 5's session handling guidance. JavaScript loading rules (LoadJavaScriptIncludeScript, LoadJavaScriptHtmlScript) and vulnerability detection rules (LibraryWithKnownCriticalSeverityVulnerability, LibraryWithKnownHighSeverityVulnerability) relate to step 6's third-party library review. ApexSOQLInjection relates to step 8's bind variable usage for preventing SOQL injection. AvoidGlobalInstallUninstallHandlers relates to step 8's advice about avoiding global methods in post-install scripts.