Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cracking the Security Review - Jaipur Cloud Connect 2019

305 views

Published on

Cracking the Security Review is a session on presented at Jaipur Cloud Connect 2019. It provides the best guides to crack security review.

Published in: Software
  • Be the first to comment

  • Be the first to like this

Cracking the Security Review - Jaipur Cloud Connect 2019

  1. 1. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Cracking the Security Review 10 AUG th SAT, 2019
  2. 2. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE I am Vishnu Kumar 11x Salesforce Certified Consultant MTX Group Inc. Blogger at 0to1Code.com Twitter & Github: @TheVishnuKumar Hello! 2
  3. 3. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Welcome to Pink City 3 #JCC19
  4. 4. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE 4
  5. 5. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE “A good programmer looks both ways before crossing a one-way street.” 5
  6. 6. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE 6 Agenda ● App Journey ● Salesforce Security Review ● My Failed and Successful Security Reviews ● AppExchange Security Requirements Checklist ● Trailhead- Develop Secure Web Apps ● When It Is not True then “False Positive” ● Q&A
  7. 7. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE 7 Development Security Review Go Live Idea App Journey
  8. 8. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Salesforce Security Review 8
  9. 9. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE My Failed and Successful Security Reviews 9 ● CRUD and FLS ● With sharing in classes ● XSS ● Wrong False Positive Report
  10. 10. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Security Requirements Checklist 10 ● Who’s the audience for it? ● What does it contain? ● Checklist ● Checklist Builder
  11. 11. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Trailhead- Develop Secure Web Apps 11 ● Injection Vulnerability Prevention ● App Logic Vulnerability Prevention ● Data Leak Prevention ● Secure Secret Storage ● Security for Lightning Components
  12. 12. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE When It Is not True then “False Positive” 12
  13. 13. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE Resources 13 ● ISVforce Security Review Guide ● Develop Secure Web Apps Trail (Trailhead) ● AppExchange Security Requirements Checklist ● Security Review Submission Requirements Checklist Builder ● Partner Security Portal ● Code Sample
  14. 14. #JCC19 - CONFIDENTIAL | DO NOT DISTRIBUTE 14 Thank You!

×