The Salesforce security review helps protect Docomotion against potential vulnerabilities.
Data and information security is a key priority for Docomotion and we are proud to announce our certification of compliance with the requirements of ISO/IEC 27001:2013 and 27018: 2013.
The official accreditations of those ISO certifications:
Our security internal processes include the following procedures:
- SSDLC – Secure code training and testing
- Annual penetration tests by a 3rd party security expert
- Salesforce Scanner – ongoing scanning.
The Force.com Source Scanner scanned 1.23 billion lines of code across 41,378 scans and prevented 4.43 million potential security issues in FY17. In 2017 Salesforce increased capacity on the scanner from 100 scans per day to 3,000 scans per day, which drastically reduced wait times. In addition to providing support for issue types such as CRUD/FLS and JS-based issues, Salesforce also increased the maximum scanned lines of code from 750k to 2.5 million. This enables partners, such as Docomotion, to scan very large packages and find instances with additional issue types. The scanner reports were enhanced, providing a concise, more readable format.
- Ongoing Vulnerability assessments