SkyFormation for Salesforce. Cloud Connector

Similar documents
SailPoint IdentityIQ 6.4

McAfee Skyhigh Security Cloud for Amazon Web Services

W H IT E P A P E R. Salesforce Security for the IT Executive

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

Liferay Security Features Overview. How Liferay Approaches Security

Salesforce External Identity Implementation Guide

IBM CLOUD DISCOVERY APP FOR QRADAR

Create and Manage Partner Portals

Netwrix Auditor. Visibility platform for user behavior analysis and risk mitigation. Mason Takacs Systems Engineer

McAfee Skyhigh Security Cloud for Citrix ShareFile

MIGRATING FROM PORTALS TO COMMUNITIES

User Guide. Version R94. English

LastPass Enterprise Recommended Policies Guide

Colligo Engage Console. User Guide

Secure single sign-on for cloud applications

Google Identity Services for work

HCX SERVER PRODUCT BRIEF & TECHNICAL FEATURES SUMMARY

Salesforce Enterprise Edition Upgrade Guide

Salesforce Security Guide

ObserveIT 7.1 Release Notes

Salesforce Security Guide

McAfee MVISION Cloud. Data Security for the Cloud Era

Salesforce1 Mobile Security White Paper. Revised: April 2014

Yubico with Centrify for Mac - Deployment Guide

USER MANUAL. SalesPort Salesforce Customer Portal for WordPress (Lightning Mode) TABLE OF CONTENTS. Version: 3.1.0

SIEM Tool Plugin Installation and Administration

Salesforce External Identity Implementation Guide

Best Practices in Securing a Multicloud World

Account Plan Pro Set Up Guide

Salesforce Admin & Development Training

Symantec Endpoint Protection Family Feature Comparison

Ekran System v Program Overview

Salesforce Security Guide

PROXY Pro v10 RAS Security Layer Overview

Salesforce Security Guide

Salesforce Classic Guide for iphone

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

SOLUTION OVERVIEW. Enterprise-grade security management solution providing visibility, management and reporting across all OSes.

Security from the Inside

Deploy Enhancements from Sandboxes

SECURITY DOCUMENT. 550archi

Bomgar SIEM Tool Plugin Installation and Administration

Salesforce Security Guide

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

User Accounts for Management Access

ISO/IEC Controls

EXTENDING BEHAVIORAL INSIGHTS INTO RISK-ADAPTIVE PROTECTION & ENFORCEMENT

IBM QRadar User Behavior Analytics (UBA) app Version 2 Release 7. User Guide IBM

Getting Started with the Aloha Community Template for Salesforce Identity

Compare Security Analytics Solutions

Set Up and Manage Salesforce Communities

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

Partner Center: Secure application model

I, J, K. Lightweight directory access protocol (LDAP), 162

Today s workforce is Mobile. Cloud and SaaSbased. are being deployed and used faster than ever. Most applications are Web-based apps

Salesforce External Identity Implementation Guide

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

News and Updates June 1, 2017

AvePoint Online Services 2

IBM Future of Work Forum

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

FAQ. General Information: Online Support:

Salesforce.com Winter 18 Release

DreamFactory Security Guide

Oracle Eloqua HIPAA Advanced Data Security Add-on Cloud Service

WHAT S NEW WITH OBSERVEIT: INSIDER THREAT MANAGEMENT VERSION 6.5

WORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong

CloudLink SecureVM. Administration Guide. Version 4.0 P/N REV 01

F5 Azure Cloud Try User Guide. F5 Networks, Inc. Rev. September 2016

Crash course in Azure Active Directory

Qualys Cloud Platform (VM, PC) v8.x Release Notes

User Guide. Version R92. English

The essential toolkit for effective AD management: The Integrations Handbook

Privileged Remote Access 18.3 Available Features

Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Installation Guide Revision B. McAfee Cloud Workload Security 5.0.0

Getting Started. Logon to Portal

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG

Quick Heal Mobile Device Management. Available on

How to Login, Logout and Manage Password (QRG)

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

CRM Partners Anonymization - Implementation Guide v8.2 Page 2

Salesforce Classic Mobile Guide for iphone

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

CA CloudMinder. Administration Guide 1.52

Securing Office 365 with SecureCloud

Secret Server User Guide

PCI DSS Requirements. and Netwrix Auditor Mapping. Toll-free:

Azure Marketplace Getting Started Tutorial. Community Edition

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Virtual Machine Encryption Security & Compliance in the Cloud

DocAve Governance Automation Online

Sophos Mobile Control Administrator guide. Product version: 5.1

HIPAA Controls. Powered by Auditor Mapping.

Colligo Engage Outlook App 7.1. Offline Mode - User Guide

User Documentation. Administrator Manual.

SIMSme Management Cockpit Documentation

Transcription:

SkyFormation for Salesforce Cloud Connector Overview Salesforce provides a broad set of customers and sales automation and management services delivered as a cloud service. Salesforce helps organizations move faster with infinite scalability and lower cost for their sales automation and management. But at the same time, the public cloud Software as a Service (SaaS) model presents the organization with new security challenges. The main challenges and needs are to: Get and retain visibility of in-service activities Retrieve the Salesforce activities as users access, permissions changes, security changes, files management and others into the organization central log or event management system. Detect threats Be able to detect threats as data exfiltration, compromised accounts and more, from both insider and external attackers. Detect unapproved or risky security changes Be able to detect security changes that are either done by unapproved people or violate the organization policy. For example, be able to detect when a new administrator is added to Salesforce from unknown location. SkyFormation for Salesforce cloud connector What is it SkyFormation for Salesforce cloud connector, is part of the SkyFormation Cloud Connectors platform that monitor events across different cloud services and apps (e.g. Azure, AWS, Salesforce, Office 365 and more) and send them to the organization s SIEM / SOC systems in an actionable form. Solution Highlights SkyFormation for Salesforce Cloud Connector allows organizations to: - Extend existing SIEM/Splunk system to get full audit and visibility of activities and events in their Salesforce service. - Detect security threats in Salesforce using existing SIEM system - Streamline Salesforce security incidents investigations using existing security operation system. - Speed up regulatory compliance support

How it works SkyFormation Cloud Connectors retrieve the events from the different cloud services events sources as log files, using the cloud service APIs (out-of-band), and send the events after enriching to the organization s SIEM / SOC system, using Syslog. No network security changes are needed in Firewall or else. SkyFormation Cloud Connectors could be deployed on any VM whether in the cloud or on-premise. Main benefits - Reduce development costs - No need to develop ad-hoc cloud services connectors - Reduce maintenance costs - No need to maintain self-created connectors changes - Improve cloud protection Events are designed to meet detection needs. - Speed up regulatory Security events required by regulations are monitored and sent to SIEM - Streamline investigation Events are easy to understand by security analysts SkyFormation Salesforce Logs and Events *Supported What is it Cloud services monitored by SkyFormation cloud connectors, mostly support multiple audit logs and sources, where each contains different type of information and events. SkyFormation cloud connectors monitor events in each Supported Log specified in the table below at the following way: (1) Audit Events The entire events available at the Supported Log are extracted and sent to the integrated SIEM/Central log, in their original structure. This level of monitoring ensures no event from the original audit log is lost, and allow easier compliance and forensic process. (2) SkyFormation Unified Events These are cloud service original events SkyFormation connector transform into the the SkyFormation Unified Security Events. These events allow easiest detection across multiple cloud services, in any SIEM. They also streamline investigation and incident response

Supported Log LoginHistory SetupAuditTrail Details o Successful login o Failed login o Password locked out o Connected application d Install Uninstall Block Unblock o Territory Add user Remove user Opportunity access level update Contact access level update territory type territory type territory model Update territory model state Add object territory assignment rule to territory model Remove object territory assignment rule to territory model Activate object territory assignment rule in territory model Deactivate object territory assignment rule in territory model Update object territory assignment rule in territory model o Delegated logout o Permission set Assign Unassign Rename Update of field level permissions Update of object level permissions Update of tab permissions Update of user (system) permissions

Update of apex class access permissions o Profile Clone Rename Change user s profile Update of field level permissions Update of object level permissions Update of user (system) permissions Add View All permission Enable and disable connected application for the profile Change visibility of console with macros application for the profile o Group Rename Membership update o Password Reset Change o User Freeze user Unfreeze user Deactivate Activate Unlock Email update Email update attempt Username update Nickname update Email approval preference update Salesforce classic enable/disable o Role Assign Unassign Replace o Security controls IP white list Add

Delete Update o Password policy update Expiration policy History policy Minimal length policy Complexity policy Question policy Maximum invalid attempts policy Lockout period policy Enable and disable obscuring of secret answer Enable and disable requiring minimum password lifetime Forgot password message Forgot password help link Alternative home page o Session settings update Enable and disable session timeout Warning Session timeout Enable and disable force logout on session timeout Enable and disable lock session IP Enable and disable lock session domain Enable and disable relogin after login-asuser Enable and disable require HttpOnly attribute Enable and disable use POST requests for cross-domain sessions attribute Enable and disable enforce login IP ranges on every request Enable and disable login page caching Enable and disable clickjack protection for customer Visualforce pages Enable and disable content security policy protection for email template Logout URL Session security level ContentVersion o File upload [1] (content document) o File content update [1] (content document) o File deleted [1] (content document)

ContentVersionHistory ContentDistributionView ContentDistribution ContentWorkspace o File download [1] (content document) o File download [1] (content document) o File preview [1] (content document) o File shared [1] (content document) o File un-shared [1] (content document) o Directory create (library) Document Attachment EventLogFile [2, 3] o File upload (document) o File delete (document) o File upload (attachment) o File delete (attachment) o File properties update (attachment) o Export report o Run report o Delegate login o Dashboard view o File upload o File download o File preview o Object view Remarks 1. Salesforce CRM content, not applicable over private libraries 2. All other events, not specified, are sent as an audit event 3. Event monitoring data created every 24hr About SkyFormation Founded in 2014, SkyFormation is a cloud application security company that provides visibility and mitigation of the risks associated with cloud services usage in the organization. Building on the strengths of your existing Security Operations, SIEM and other security investments, SkyFormation uniquely detect threats by delivering granular security information on the usage of business cloud services (e.g. Salesforce, Azure, Office365, AWS, etc.), internally developed applications, and shadow IT.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback