FAQ-000870 - External Platform Security / Security Design and Architecture

For external system integrations during the AppExchange Security Review, the following security considerations apply: 1. **Secure Design and Implementation**: - Use secure endpoints (HTTPS) and avoid hardcoded credentials in your code - Implement Named Credentials for secure credential management - Ensure that Salesforce credentials and data are protected during integration 2. **Testing of External Components**: - All external components, such as web applications, services, and endpoints, must be tested for security vulnerabilities 3. **Access to Environments**: - Provide access to all environments and external systems used by the solution for review purposes 4. **Security Scan Reports**: - Submit security scan reports, including explanations for any false positives 5. **Comprehensive Testing**: - Perform both manual and automated testing on all external endpoints that operate independently of the Salesforce platform These measures help ensure the security of data and compliance with Salesforce's security review requirements.

I enhanced the first point about secure design to include specific security practices that are commonly flagged during AppExchange reviews. The enhancement adds references to using HTTPS endpoints, avoiding hardcoded credentials, and implementing Named Credentials - all of which are key security requirements for external integrations. This improvement makes the FAQ more actionable by specifying the types of security practices reviewers look for. The selected security rules all relate directly to external system integration security: - ApexInsecureEndpoint: Detects insecure HTTP endpoints in external integrations, directly relevant to the FAQ's discussion of external system connections - ApexSuggestUsingNamedCred: Recommends Named Credentials for secure credential management in integrations, which the FAQ addresses under secure design - Hardcoded credential rules (AvoidHardcodedCredentialsInFieldDecls, AvoidHardcodedCredentialsInHttpHeader, AvoidHardcodedCredentialsInVarAssign, AvoidHardcodedCredentialsInVarDecls): All detect hardcoded credentials in various code contexts, directly applicable to the FAQ's emphasis on protecting Salesforce credentials during integration - AvoidInsecureHttpRemoteSiteSetting: Flags insecure HTTP remote site settings, relevant to the FAQ's coverage of external system security - AvoidDisableProtocolSecurityRemoteSiteSetting: Prevents disabling protocol security for remote sites, supporting the FAQ's secure design principles - UseHttpsCallbackUrlConnectedApp: Ensures HTTPS URLs for Connected Apps, relevant to the FAQ's discussion of secure external integrations