Agentforce security: protect agent workflows against cyber threats

Unlock productivity without compromising security

Agentforce security – the new security aspect to consider in 2025.

In 2025, agentic AI is expected to take precedence over generative AI. Agentic AI like Salesforce Agentforce enables humans to collaborate with AI agents to enhance customer experiences and create vast digital workforces.

Salesforce Agentforce is transforming how you operate, automating customer touchpoints across sales, service, and marketing. It enables your business to handle vast amounts of data more efficiently than ever before. But with great power comes great responsibility. This surge in unstructured data, like files and URLs, also introduces new risks.

Consequently, Phishing links, malware, and ransomware can sneak into your Salesforce environment through the agent workflows that make your operations seamless. If left unchecked, these threats can disrupt your business, compromise customer trust, and undermine the very efficiencies Agentforce was designed to deliver.

Agentforce data security is your responsibility

Agentforce automates workflows by processing files and URLs uploaded via customer portals, web forms, or shared through collaboration tools like Slack and WhatsApp. While this creates incredible opportunities for productivity, it also amplifies your exposure to cyber risks:

• Phishing links: Agents might unknowingly share malicious URLs, leading to data breaches or credential theft.
• Malware in files: Files uploaded by customers or partners can contain ransomware or other malware.
• Agent-human interactions: As agents transition data to human employees, malicious content can spread across teams or even to external customers.
• Collaboration tools: Links and files shared across platforms like Slack can widen the attack surface, exposing sensitive data or propagating harmful content.

The challenge? Salesforce doesn’t by default scan these touchpoints for cyber threats. It’s your responsibility to secure the data that goes in and out of the platform, whether through agents or by human users.

How to secure Agentforce workflows

This is where WithSecure™ Cloud Protection for Salesforce comes in. Designed to work seamlessly within Salesforce, our solution ensures your workflows remain secure while letting you focus on what matters most: delivering exceptional customer experiences.

• Real-time threat protection: Every file and URL is scanned instantly upon upload, download, or click –blocking malicious content before it poses a risk. How fast? While AI agents respond in an average of 1.5 seconds, our solution detects and neutralizes threats in just 1 second on average.
• Salesforce-native integration: Because our solution is 100% Salesforce native, you get the protection you need without added complexity and vulnerabilities.
• Secure collaboration: Files and URLs shared via tools like email-to-case or web-to-case are checked right at the platform and made secure for both human and agent users.
• Uninterrupted operations: Our real-time protection ensures your agent-powered workflows run smoothly, without disruptions.

Preparing for the future of increased unstructured data volumes on Salesforce

Agentforce is revolutionizing business, and its adoption is only going to grow. As your AI agents process increasing volumes of files and URLs, the need for robust, real-time scanning will only become more critical. WithSecure™ is here to help you stay ahead of these risks.

By securing your workflows, we ensure you can harness the full potential of Agentforce to innovate and grow without compromising the security of your data or the trust of your customers.

Let’s secure your Salesforce for both agents and humans

At WithSecure™, we’re committed to helping you make the most of Salesforce and Agentforce while fulfilling your security responsibilities. Together, we can ensure your agent-powered digital transformation is secure, seamless, and future-ready. If you’d like to learn more about how we can help safeguard your workflows, let’s connect.