Why S4?

 

S4 is a SaaS security scanner for Salesforce. It rapidly identifying threats and vulnerabilities in Salesforce environments, and provides remediation recommendations.

 

unparalleled technology

digitsec_s4_features.jpg
digitsec_s4_features.jpg

S4 Vulnerability coverage:

digitsec_s4_vulnerability_coverage.jpg

How it works

 
 
analyze.png

1. S4 Reviews Environment Configuration

S4 reviews the configurations of your Salesforce org and identifies flaws

 
 
 
coding (3).png

2. S4 Scans Source Code

S4 uses a robust client-side static code analysis engine to create call flows to identify CRUD/FLS flaws. It then uses data flow analysis to associate VisualForce components to their associated controllers.

 
 
 
recycle.png

3. S4 Generates a Custom Fuzzer

S4 uses white-box fuzzing to rapidly identify injection flaws within Force.com code. All vulnerabilities identified during run time testing contain Proof of Concept (PoC) exploits, ensuring no false positives.

 
 
 
document.png

4. S4 Produces an Application Security Report

S4 produces a comprehensive security report containing the specific threats and vulnerabilities to your Salesforce instance, the severity of its findings, and remediation solutions. 

 
 

S4 product demo


What customers are saying:

S4 - SaaS Security Scanner for Salesforce is a must have tool for all developers in order to develop secure applications on the Force.com platform. I have worked on many instances of SFDC and found that developers don’t consider security while developing on the platform. I found S4 very intelligent to spot vulnerabilities and to make the environment more secure.
— Terex

Still have questions?

Feel free to contact us anytime.