FAQ-001055 - Hybrid Application Security / Salesforce-Heroku Integration Security


Current FAQ

Question
What security considerations should I address for hybrid Salesforce-Heroku applications during development and distribution?
Answer
For hybrid Salesforce-Heroku applications, here are the key security considerations:

1. **Sensitive Data Storage**:
   - In Salesforce, store sensitive data (e.g., secrets or credentials) in protected custom settings or protected custom metadata to ensure secure storage and restricted access to authorized users, such as administrators.
   - In Heroku, store secrets securely in environment variables or encrypted database tables with encryption (e.g., AES-128 or higher). Ensure the application layer has access to the encryption key, while the database layer does not, to mitigate risks like SQL injection. Avoid exposing secrets in logs or code.
2. **Access Control**:
   - Restrict access to classes or components handling sensitive data to privileged users only.
3. **Secure Communication**:
   - Use secure communication protocols like HTTPS for data transmission between Salesforce and Heroku.
4. **Data Validation and Sanitization**:
   - Implement proper validation and sanitization of data to prevent vulnerabilities such as SOQL injection or insecure session handling.
   - Validate and sanitize dynamically loaded content (e.g., HTML or JavaScript) to prevent vulnerabilities like cross-site scripting (XSS). If dynamic content is necessary, consider isolating it using an iframe.
5. **Avoid Logging Sensitive Data**:
   - Do not write sensitive data, such as API tokens or credentials, to debug logs.
6. **Client-Side Security**:
   - Avoid storing credentials in the browser. Instead, rely on secure mechanisms like password managers.
7. **Server-Side Security**:
   - Use vendor-provided libraries for encryption and avoid custom implementations.
8. **Regular Security Reviews**:
   - Perform regular security reviews and document false positives for any flagged vulnerabilities that are not valid.

These practices will help secure your hybrid application during both development and distribution, protecting sensitive data across both platforms. Let me know if you need more details!
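The Heroku storage and logging items above, as an added example that is not part of the FAQ or of any Salesforce or Heroku code: the key is read from a config var so only the application layer can decrypt, encryption uses Node's built-in `crypto` (AES-256-GCM), and secret-bearing fields are redacted before logging. The config var name `SECRETS_KEY_HEX`, the `v1.` storage format, and all function names are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Assumption: SECRETS_KEY_HEX is a hypothetical Heroku config var holding
// 64 hex characters (a 32-byte AES-256 key). The database never sees it.
function loadKey(env = process.env) {
  const hex = env.SECRETS_KEY_HEX || '';
  if (!/^[0-9a-fA-F]{64}$/.test(hex)) {
    throw new Error('SECRETS_KEY_HEX must be 32 bytes of hex'); // never echo the value
  }
  return Buffer.from(hex, 'hex');
}

// Returns one string suitable for a text column: v1.<iv>.<tag>.<ciphertext>
function encryptSecret(plaintext, key, rowId) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(String(rowId))); // bind the ciphertext to its row
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return ['v1', iv, cipher.getAuthTag(), ct]
    .map((p) => (Buffer.isBuffer(p) ? p.toString('base64') : p))
    .join('.');
}

function decryptSecret(stored, key, rowId) {
  const [version, iv, tag, ct] = stored.split('.');
  if (version !== 'v1' || !iv || !tag || ct === undefined) {
    throw new Error('unrecognized stored format');
  }
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64'));
  decipher.setAAD(Buffer.from(String(rowId)));
  decipher.setAuthTag(Buffer.from(tag, 'base64'));
  // final() throws if the ciphertext, tag, or row binding was altered
  return Buffer.concat([decipher.update(Buffer.from(ct, 'base64')), decipher.final()])
    .toString('utf8');
}

// Shallow redaction of secret-bearing fields before an object reaches the logs.
const SENSITIVE = /token|secret|password|authorization|api[_-]?key/i;
function redact(obj) {
  return Object.fromEntries(
    Object.entries(obj).map(([k, v]) => [k, SENSITIVE.test(k) ? '[REDACTED]' : v])
  );
}
```

Because the row id is authenticated as associated data, a ciphertext copied into another row through a database-level write fails to decrypt instead of silently yielding another record's secret.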

AI Recommended Enhancement

Related Security Rules

- ProtectSensitiveData
- ApexSuggestUsingNamedCred
- AvoidHardcodedCredentialsInFieldDecls
- AvoidHardcodedCredentialsInVarDecls
- AvoidHardcodedCredentialsInVarAssign
- AvoidHardcodedCredentialsInHttpHeader
- ApexBadCrypto
- ApexInsecureEndpoint
- ApexSOQLInjection
- ApexXSSFromEscapeFalse
- ApexXSSFromURLParam
- ApexSharingViolations
- ApexCRUDViolation

Question
What security considerations should I address for hybrid Salesforce-Heroku applications during development and distribution?
Recommended Answer Update
For hybrid Salesforce-Heroku applications, here are the key security considerations:

1. **Sensitive Data Storage**:
   - In Salesforce, store sensitive data (e.g., secrets or credentials) in protected custom settings, protected custom metadata, or Named Credentials to ensure secure storage and restricted access to authorized users, such as administrators.
   - In Heroku, store secrets securely in environment variables or encrypted database tables with strong encryption (e.g., AES-256 or higher). Ensure the application layer has access to the encryption key, while the database layer does not, to mitigate risks like SQL injection. Avoid exposing secrets in logs or code.
2. **Access Control**:
   - Restrict access to classes or components handling sensitive data to privileged users only.
3. **Secure Communication**:
   - Use secure communication protocols like HTTPS for data transmission between Salesforce and Heroku.
4. **Data Validation and Sanitization**:
   - Implement proper validation and sanitization of data to prevent vulnerabilities such as SOQL injection or insecure session handling.
   - Validate and sanitize dynamically loaded content (e.g., HTML or JavaScript) to prevent vulnerabilities like cross-site scripting (XSS). If dynamic content is necessary, consider isolating it using an iframe.
5. **Avoid Logging Sensitive Data**:
   - Don't write sensitive data, such as API tokens or credentials, to debug logs.
6. **Client-Side Security**:
   - Avoid storing credentials in the browser. Instead, rely on secure mechanisms like password managers.
7. **Server-Side Security**:
   - Use vendor-provided libraries for encryption and avoid custom implementations.
8. **Regular Security Reviews**:
   - Perform regular security reviews and document false positives for any flagged vulnerabilities that are not valid.

These practices will help secure your hybrid application during both development and distribution, protecting sensitive data across both platforms. Let me know if you need more details!
Reasoning
The FAQ content is generally solid but needed several refinements for clarity and security best practices. Key changes made:

1. Added 'Named Credentials' to Salesforce sensitive data storage options since this is a primary secure credential storage mechanism.
2. Updated encryption recommendation from 'AES-128 or higher' to 'AES-256 or higher' to reflect current security standards.
3. Simplified 'Do not write' to 'Don't write' for better conversational tone per guidelines.

Selected security rules relate directly to the FAQ's content:

- ProtectSensitiveData addresses the core theme of securing sensitive data across platforms.
- ApexSuggestUsingNamedCred relates to the recommendation about using Named Credentials for storing secrets in Salesforce.
- AvoidHardcodedCredentials rules (FieldDecls, VarDecls, VarAssign, HttpHeader) all relate to the FAQ's emphasis on not exposing secrets in code.
- ApexBadCrypto relates to the server-side security recommendation about using proper encryption libraries.
- ApexInsecureEndpoint relates to the secure communication section about using HTTPS.
- ApexSOQLInjection and XSS rules (ApexXSSFromEscapeFalse, ApexXSSFromURLParam) relate to the data validation and sanitization section.
- ApexSharingViolations and ApexCRUDViolation relate to the access control recommendations for restricting access to sensitive data handlers.