Salesforce ComplianceSalesforce / Trust
Compliance engineered for the Cloud
Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Salesforce Security (Incident) Response Plan

FAQ's and White Papers Agentforce & Einstein Platform B2C Commerce / Commerce Cloud (First Party) B2C Commerce / Commerce Cloud (Hyperforce) Data Cloud General (not service specific) Heroku Marketing Cloud - Account Engagement Marketing Cloud - Advertising Marketing Cloud - Engagement (First Party) Marketing Cloud - Engagement (Hyperforce) Marketing Cloud - Growth Marketing Cloud - Intelligence Marketing Cloud - Personalization MuleSoft MuleSoft Government Cloud Own by Salesforce Quip Sales Enablement Salesforce Government Cloud Plus Salesforce Government Cloud Plus - Defense Salesforce Professional Services Salesforce Services (First Party) Salesforce Services (Hyperforce) Slack Slack (GovSlack) Tableau Cloud

This document is a summary of the formal Salesforce Salesforce Security Response Plan. The plan applies to all information security incidents occurring within Salesforce’s environment. Salesforce defines an information security incident as a confirmed or reasonably suspected breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, data transmitted, stored or otherwise processed by Salesforce and its third parties.
Latest version
Valid from 2025-05-01
Last updated on 2025-05-01