You may already know that Tripwire Configuration Manager can audit your cloud service provider accounts like AWS, Azure, and Google Cloud Platform, but did you know it also has capabilities to monitor other cloud based software services such as Salesforce?
Salesforce is a popular customer relationship management (CRM) service with rich configuration options that could lead to unintended risks if it is improperly configured. Tripwire has created a security policy within Configuration Manager which can check settings in your Salesforce account for potential risks or exposures and even auto-remediate many common misconfigurations.
To see how easy it is to configure, let’s review the basics of scanning a Salesforce account with Tripwire Configuration Manager. If you aren’t already familiar with the Configuration Manager, now is the perfect time to set up a Configuration Manager free trial to follow along.
Most of the steps shown will be similar across the different supported cloud account types. While the specific configuration details may vary, the general workflow will be the same whether you are scanning AWS, Salesforce, or any other supported cloud service.
Begin by creating a new cloud account entry within Configuration Manager. On the left side of the Manager window, look for the Environment heading. Below that is the Cloud Accounts section where you can select the New button.
Select Salesforce in the Choose a Cloud Provider input field to expand the configuration options available for the Salesforce account type.
In order for Configuration Manager to evaluate the security-related settings in your Salesforce account, you will need to provide details of the account to use for scanning. You will need to provide a Salesforce connected app consumer key, a user ID, and the key used for the connected app. Configuration Manager can generate a key pair to (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Ben Layer. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/salesforce-monitoring-tripwire-configuration-manager/
PHP Extended Lifecycle Support (ELS) allows you to continue using older versions of PHP while still receiving security updates for…
In light of cookie stealing attacks and to ensure Chrome browser protection, Google has recently piloted its new Chrome DBSC.…
See how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one…
The world advances based on innovation, and innovation can come from anywhere. The trouble is that the current capitalist economic…
In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code…
While inexpensive and crudely built, the ransomware variants still post a threat to smaller companies and individuals, Sophos says.