Detections
Analytics

TNS Salesforce Best Practices Audit v1.2.0

Audit Details

Name: TNS Salesforce Best Practices Audit v1.2.0

Updated: 12/22/2023

Authority: TNS

Plugin: Salesforce.com

Revision: 1.3

Estimated Item Count: 119

File Details

Filename: TNS_Salesforce_Best_Practices_v1.2.0.audit

Size: 225 kB

MD5: c09272d29f836d44a2d122d8c61a69a6
SHA256: 1634c11a7454078638686ad447e90d0aa45c7b3c04f9e87201483c423dcffe54

Audit Items

DescriptionCategories
Salesforce.com : Administrator Access - 'No System Administrator accounts have been created since the last scan'

ACCESS CONTROL

Salesforce.com : Administrator Access - 'No System Administrator accounts have been modified since the last scan'

ACCESS CONTROL

Salesforce.com : AuthConfig - 'Auth Providers = Facebook Consumer Key'
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Consumer Secret'
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Default Scope'
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Error URL'
Salesforce.com : AuthConfig - 'Auth Providers = Facebook Execution User ID'
Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured'

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = Facebook'
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Consumer Secret'
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Error URL'
Salesforce.com : AuthConfig - 'Auth Providers = Janrain Execution User ID'
Salesforce.com : AuthConfig - 'Auth Providers = Janrain is not configured'

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = Janrain'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Authorized Endpoint URL'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Key'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Secret'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Default Scope'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Error URL'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured'

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Token Endpoint URL'
Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Authorize Endpoint URL'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Secret'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Default Scope'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Error URL'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Execution User ID'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect is not configured'

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Access Token in Header'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Endpoint URL'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect User Info Endpoint URL'
Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Key'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Default Scope'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Error URL'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Execution User ID'
Salesforce.com : AuthConfig - 'Auth Providers = Salesforce is not configured'

CONFIGURATION MANAGEMENT

Salesforce.com : AuthConfig - 'Auth Providers = Salesforce'
Salesforce.com : AuthConfig - 'Auth Providers in use'
Salesforce.com : AuthConfig - No SSO Auth Providers have been configured

IDENTIFICATION AND AUTHENTICATION

Salesforce.com : CronTrigger - 'Cron Jobs with Status of BLOCKED'

CONFIGURATION MANAGEMENT

Salesforce.com : CronTrigger - 'Cron Jobs with Status of ERROR'

CONFIGURATION MANAGEMENT

Salesforce.com : Data Access Control - 'Enable CSRF protection on GET requests on non-setup pages = true'

SYSTEM AND COMMUNICATIONS PROTECTION

Salesforce.com : Email Services - 'AddressInactiveAction != 2'

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'AttachmentOption != 2 or 3'

CONFIGURATION MANAGEMENT

Salesforce.com : Email Services - 'AuthenticationFailureAction != 2 or 3'

CONFIGURATION MANAGEMENT