Salesforce ComplianceSalesforce / Trust
Compliance engineered for the Cloud
Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Vulnerability Management and Response Plan Summary

FAQ's and White Papers Agentforce & Einstein Platform B2C Commerce / Commerce Cloud (First Party) B2C Commerce / Commerce Cloud (Hyperforce) Data Cloud General (not service specific) Heroku Marketing Cloud - Account Engagement Marketing Cloud - Advertising Marketing Cloud - Engagement (First Party) Marketing Cloud - Engagement (Hyperforce) Marketing Cloud - Growth Marketing Cloud - Intelligence Marketing Cloud - Personalization MuleSoft MuleSoft Government Cloud Own by Salesforce Quip Sales Enablement Salesforce Government Cloud Plus Salesforce Government Cloud Plus - Defense Salesforce Professional Services Salesforce Services (First Party) Salesforce Services (Hyperforce) Slack Slack (GovSlack) Tableau Cloud

This document serves as the public version of the Salesforce Vulnerability Management and Response plan, which is part of our overall vulnerability management program. The plan applies to all security vulnerabilities that occur across Salesforce services and within Salesforce developed products. Salesforce defines a security vulnerability as any unintended capability within our product offerings and services that can adversely affect the confidentiality, integrity, or availability of any Salesforce computing service or the data of our customers.
Latest version
Valid from 2025-01-02
Last updated on 2025-01-02