Security visibility: the cornerstone of cybersecurity

Without security visibility, it’s challenging to detect and prevent threats effectively. Visibility is the foundation for good cyber security, providing the necessary context to make informed, proactive decisions about security posture.

You can only protect what you can see

When you don’t have security visibility, you’re essentially guessing. You don’t know what you don’t know, and cyber attacks can go undetected for a long time. Attackers will have more time to compromise your environment and search for valuable data, causing heavier damage. Old and evolving threats, such as files with malware, may lurk in the system. Without the means to track the cloud incident investigation becomes difficult, time-consuming, and expensive. At the end of it, you can either be lulled into a false sense of security or be worried over nothing.

Do you really know what’s happening in your Salesforce environment?

Security visibility on Salesforce is critical for protecting sensitive data, preventing data breaches, and maintaining business continuity. It means having visibility into data within Salesforce, how it flows there, and how users and other systems interact with it. Good security starts with visibility; you can only protect what you see.

Without visibility, you don’t even know what normal looks like. In other words, identifying anomalies and potential security breaches is hard. Visibility helps detect anomalous behavior, identify vulnerabilities, and respond quickly to potential security threats, reducing the likelihood of successful attacks.

In the event of a security incident, knowing exactly what files have been found malicious, all the locations for them, and which users are affected enables you to respond faster and more effectively, eventually minimizing damages.

Real-time visibility through Withsecure™ Cloud Protection for Salesforce

WithSecure™ Cloud Protection for Salesforce provides constant real-time visibility without time lags, with complete audit trails of what happened, who was involved, and where. When you have real-time visibility to your Salesforce:

• You can investigate incidents immediately while mitigating further damage
• You can conduct faster and cheaper investigations with full forensic trails (e.g. who, what, when)

Analytics and reporting in WithSecure™ Cloud Protection for Salesforce

Dynamic analytics and reporting in WithSecure™ Cloud Protection for Salesforce gives a holistic security overview of Salesforce content and an opportunity to follow your security strategy in action.

Rich reporting, advanced security analytics, and full audit trails help your security team to respond to threats in Salesforce and to investigate attacks.

Out-of-the-box dashboards like the Protection Status dashboard provide a situational overview at a glance. Furthermore, you can leverage Salesforce’s powerful native reports and dashboards to create your own.

Protection Status: your Salesforce security dashboard

The protection status panel provides a comprehensive, straightforward snapshot of your Salesforce security status, including file and URL scanning configurations, connectivity status, automatic update status, and the version in use. Thus, you can quickly spot and fix any security hiccups.

The panel is neatly divided into four sections:

• File Protection section shows the status of scanning and blocking harmful and disallowed content. Accessing File Protection settings is as easy as a click.
• URL Protection section serves as your window into the status of harmful and disallowed URL scanning features.
• Automatic Update section displays the status of automatic updates, along with the app version you’re currently using. You can see if automatic updates are enabled or disabled, and whether a manual installation of a newer version is needed.
• Connectivity section provides a snapshot of the status of the connected app and its link to the WithSecure Security Cloud. This includes the status of seamless data exchange between your environment and WithSecure’s security services. You can see if the WithSecure Security Cloud is operational, not operational, or if its status is unknown. Similarly, you can see if the connected app is operational, not set up, malfunctioning, or if its status is unknown.

Automated alerts for efficient security management

With WithSecure™ Cloud Protection for Salesforce, you can automate reports of security incidents and receive timely email alerts to administrators and your security department. This ensures prompt response and mitigation of potential threats.

Alerts feed

From the Alerts tab, you can access a comprehensive feed of all security-related events that have triggered alerts. This includes threat detections, scan overusage, and security configuration changes. If you suspect that you might have missed an alert, you can easily check the latest status here.

You can find detailed forensics information from the File Events and URL Events feeds about specific threat detections and scanning results. Full audit trails give you the complete picture. This includes details such as what happened, where, when, and by whom – for example, if a user clicked a phishing link or a malware was uploaded by an attacker.