At CodeScience, security is a critical part of every step of our process, from design to architecture to development. Salesforce shares our obsession with security: trust is issue #1. Salesforce Security Review is required for any ISVForce or OEM application in the Salesforce ecosystem, as it validates that the application is architected and coded with security best practices.
Because your app will run on their platform, Salesforce is interested in:
- the security of your code
- any applications (web, mobile, and desktop) that your app integrates with.
Which means that the Security Review process isn’t just complex, it’s constantly evolving and not for the faint of heart. Fortunately, that’s our area of expertise!
"Security Review is not the enemy -- it's your best friend," says CodeScience CEO Brian Walsh. "The more that Salesforce customers can trust all apps, the more likely they'll install and try your AppExchange product. That's good for the ecosystem and good for you."
Our team has vigorously taken up this rally call. We're so consumed with security that we developed our own proprietary, security testing methodology which allows us to guarantee our own work will pass security review. From vulnerability and penetration testing, to Apex code reviews and scanning, to working with Salesforce to address additional threats, we bring more experience—and success—than any other organization. CodeScience has brought over 250 applications to market and through the Security Review process.
Introducing the CodeScience Security Review Engagement
With this in mind, we're proud to unveil our new Security Review Engagement. Now, we offer you the ability to benefit from our expertise even if we didn't develop your application in the first place. The CodeScience Security Review engagement provides security scans, analysis, and assistance to prepare your application for Salesforce Security Review.
The engagement is intended to:
Complete the required security scans for submitting the application to Salesforce Security Review
Provide best practice guidance for remediating any issues identified by preliminary scans
Assist with preparing application documentation for Salesforce Security Review