Learn how to add a Salesforce app so that SaaS Security
API can protect your assets against data exfiltration and malware
To begin scanning a Salesforce app:
Ensure that the Salesforce administrator account
you plan to connect to SaaS Security API has sufficient administrator
To configure the required permissions within Salesforce:
Select the administrative user account and then click
, enable the following
Manage Chatter Messages
only if you use Chatter)
Modify All Data
View All Data
, enable the following
View All Users
(required only if you
have not enabled User Sharing)
Add the Salesforce app to SaaS Security API.
Add a Cloud App
, and select
Choose the type of Salesforce application:
Connect to Salesforce Account
your Salesforce production account to SaaS Security API.
Connect to Salesforce Sandbox
your Salesforce Sandbox account to SaaS Security API. Sandboxes are
special Salesforce accounts that are maintained separately from
your product account and are useful for development, testing, and
Log in to Salesforce.
After authentication, the new Salesforce app is added to
the list of Cloud Apps as Salesforce n, where n represents
the number of Salesforce app instances you have connected to SaaS
) Give a descriptive name to the Salesforce
When you add a cloud app, SaaS Security API automatically
scans the app against the default data patterns and displays any
match occurrences. As a best practice, consider the business use
of your app to determine whether you want to Add a New Asset Rule to
look for incidents unique to Salesforce.
Configure or edit a data pattern.
You can Data Patterns to
identify specific strings of text, characters, words, or patterns
to make it possible to find all instances of text that match a data
pattern you specify.
Start scanning Salesforce for any possible policy violations
or data exposure.
Cloud Apps & Scan Settings
In the Cloud Apps row that corresponds to the Salesforce
app you just added, select
SaaS Security API scans all assets in the associated Salesforce
app and identifies incidents. Depending on the number of Salesforce
users and assets, it may take some time for SaaS Security API to
complete the process. However, you can Monitor
Scan Results on the Dashboard and begin to Assess
Incidents. Monitoring the progress of the scan during the
discovery phase allows you to Fine-Tune
Policy to modify the match criteria and ensure better results.