Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.
Salesforce.com, inc. is a cloud-based software company headquartered in San Francisco, California. It provides customer relationship management (CRM) service and also sells a complementary suite of enterprise applications focused on customer service, marketing automation, analytics, and application development. Before Salesforce, Customer Relationship Management (CRM) solutions were hosted on a company’s own server. Can you imagine the cost and time it took for companies to have their own CRM solutions? This lead to the building of an affordable CRM software and delivering it entirely online as a service. This was the main idea behind Salesforce. Started as a Software as a Service (SaaS) company, Salesforce has grown into the fifth-largest software company in the world.
- Prisma SaaS currently supports the Standard, Premier, and Sandbox versions. This includes Classic and Lightning editions.
Cloud App Category |
CRM/Structured/Unstructured |
Supported Version |
Full and Sandbox |
Cloud App Admin Role Requirement |
Admin |
Scanning Content |
Files, Tabless, Chatter messages |
Activity Monitoring |
Supported |
Activity Based Monitoring |
Supported |
Activities within a folder |
Not Supported |
Exposure (Public, External, Company & Internal) |
All Exposures are supported |
Prisma SaaS
Salesforce
To ensure Prisma SaaS has the ability to scan all content, the IP addresses listed below need to be allowed in the related environment prior to connected the Salesforce cloud app.
NAM:
52.8.93.28
52.8.40.56
54.219.134.168
54.67.77.65
54.219.180.40
52.8.13.242
52.8.4.101
54.193.156.0
52.53.91.120
52.8.46.33
54.153.2.91
54.183.179.36
EMEA:
35.156.155.74
35.156.123.1
35.156.199.255
35.156.182.65
35.156.187.73
35.156.212.138
APAC:
52.77.33.107
52.221.8.53
52.221.6.158
52.220.249.228
52.74.37.67
52.221.5.184
On Boarding Steps:
STEP 1.
Configure the required permissions within Salesforce:
Under Setup, select Manage Users > Users.
Select the administrative user account and then click System Permissions.
Under System, enable the following permissions:
Under Users, enable the following permissions:
STEP 2.
From the Prisma SaaS Dashboard, click Add a Cloud App, and select Salesforce.
Choose the type of Salesforce application:
Log in to Salesforce using admin account with the appropriate permissions.
After authentication, the new Salesforce app is added to the list of connected cloud apps.
STEP 3.
Prisma SaaS scans all assets in the associated Salesforce app and identifies incidents. Depending on the number of Salesforce users and assets, it may take some time for Prisma SaaS to complete the process. However, you can monitor scan results on the Dashboard and begin to Assess Incidents. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.
Scan Operation
Salesforce Objects
Data in Salesforce is stored in a table-based database. The class of an object is a table and an object instance is a row in that table.
There are two categories of objects:
Salesforce Files
Some Salesforce specific objects (Document, Attachment, ContentVersion, ChatterVersion) can have a file content attached to them. The object will contain a link to the content that has to be downloaded separately.
Scanning Process
Depending on the type of the object and how much information is known about an object and its data, different levels of scanning can be achieve.
Rate Limiting
Salesforce only allows a limited amount of API calls during a 24hr period of time (in thousands of calls). This means that the process must be optimized to reduce the number of API calls. In order to do that, objects are not fetched one by one but using bulk queries. These queries return a relatively large array of results (no more than ten thousands), that may not contain all the records requested. As the records are sorted by timestamps, a small sequence of iterative bulk queries is enough to return all the results.
In addition, the limit must not be reached in order to prevent Salesforce from sending a warning to the user. To tackle this problem, two counters per customer are used to keep track of the number of API calls and bulk queries. These counters are incremented and checked every time a query is done.