This attack by a malicious actor renders a computer or network unavailable to its users by flooding it with traffic.
What is Denial-of-Service?
In the CodeScan case study, our client was originally using these two tools to check their code.
What are ApexPMD and SonarQube?
Where Salesforce is headquartered.
What is San Francisco?
A package that can’t be upgraded or controlled by its developer.
What is an Unmanaged Package?
Represents the type of data being stored inside of Salesforce. “Email” is an example.
What is a Field?
What does CSRF stand for?
What is Cross-Site Request Forgery?
The initial security and compliance audit conducted by the client in the CodeScan case study cost them roughly this many million dollars.
What is 4.5 million? (*Answers around this estimate are accepted)
Salesforce was founded in this year.
What is 1999?
All Lightning Platform components that are retrieved or deployed through the Metadata API are represented by this.
What is XML?
These are essentially database tables that are used to store an organization's information.
What is an Object?
The specific AutoRABIT product that can enforce zero trust and least privileges methodology.
What is OrgScan?
Pen-testers in the CodeScan case study uncovered major vulnerabilities at ‘HealthCorp’ that could be exploited to allow for unauthorized ______ _______.
What is User Access?
The name of Salesforce’s AI technology that helps make the Customer Success Platform smarter.
What is Salesforce Einstein?
Testing that uncovers why functionality that was previously working stops working as intended.
What is Regression Testing?
The three major cloud-hosting vendors include AWS, Google Cloud Platform, and ________.
What is Azure?
An application security methodology for managing open-source components.
What is SCA or Software Composition Analysis?
In the CodeScan case study, one of the more concerning vulnerabilities discovered by CodeScan enabled attackers to manipulate data to commit this type of fraud.
What is Payment Fraud?
The name of the CEO of Salesforce.
Who is Marc Benioff?
An Apex method or operation that inserts, updates, or deletes records.
What is Data Manipulation Language (DML)?
CodeScan will assign each category of your scanned code (Bugs, Vulnerabilities, Hotspots, and Code Smells) one of these letters based on the severity and number of issues found.
What are A, B, C, D, and E?
This type of cyberattack tricks a web browser into executing an unwanted action in an application to which a user is logged in.
What is CSRF (Cross-Site Request Forgery)?
One of the major vulnerabilities marked with ‘minor severity’ by ApexPMD in the CodeScan case study allowed attackers to exploit insecure ______ endpoints and extract sensitive customer data.
What is API?
Name any one of the ranks you can obtain on Salesforce Trailhead.
What is a Scout / Hiker / Explorer / Adventurer / Mountaineer / Expeditioner / Ranger?
This query language allows you to search your organization's Salesforce data for specific information. It serves a similar function to a Salesforce report, but instead of dragging and dropping fields and values into the report, you write a query that performs the same function without the visual interface.
What is SOQL (Salesforce Object Query Language)?
This method of security testing tests an application from the outside in and can discover run-time and environment-related issues.
What is Dynamic Application Security Testing (DAST)?