Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

External Security Assessments

Attestation of penetration tests and security assessments performed by third parties. The document does not contain details of any vulnerabilities or findings and is intended only to provide information on the tests performed and scope of testing. As verified by external audits, vulnerabilities discovered during testing are tracked and resolved in accordance with corporate policy and industry best practice.

Applicable documents by service

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Service
Vulnerability/Penetration Report Summary - Customer 360 Audiences	2021-03-17	Hyperforce	Customer 360 Audiences Customer 360 Audiences
Vulnerability/Penetration Report Summary - ClickSoftware FSE - WebApp & API	2021-02-23	First party	ClickSoftware ClickSoftware
Vulnerability/Penetration Report Summary - Interaction Studio	2021-02-22	AWS	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Heroku	2021-02-12	AWS	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
Vulnerability/Penetration Report Summary - Tableau Mobile (Android)	2021-01-26	AWS	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Mobile (iOS)	2021-01-26	AWS	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Online (TOL)	2021-01-26	AWS	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Server	2021-01-26	First party, AWS, Hyperforce	Tableau Tableau
Vulnerability/Penetration Report Summary - Salesforce.org Philanthropy Cloud	2021-01-21	AWS	Salesforce.org Philanthropy Cloud and Elevate Salesforce.org Philanthropy Cloud and Elevate
Vulnerability/Penetration Report Summary-Hyperforce/Unified Cloud Infrastructure	2021-01-13	Hyperforce	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Quip	2021-01-12	AWS	Quip Quip
Vulnerability/Penetration Report Summary - Salesforce Services	2020-12-22	First party, AWS	Salesforce Services Government Cloud Salesforce Services Government Cloud Salesforce.org Philanthropy Cloud and Elevate Show more
Vulnerability/Penetration Report Summary - Tableau CRM Mobile (Andr./iOS)	2020-12-22	First party	Salesforce Services Government Cloud Salesforce Services Government Cloud
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)	2020-12-21	First party	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)	2020-12-21	First party	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)	2020-12-18	First party	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Advertising Studio	2020-12-15	First party	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - ExactTarget	2020-12-15	First party	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Audience Studio and Data Studio	2020-12-11	AWS	Audience Studio and Data Studio Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Predictive Intelligence	2020-12-11	AWS	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Social Studio	2020-12-11	First party	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - MuleSoft	2020-11-10	AWS	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - myTrailhead	2020-10-06	AWS	myTrailhead myTrailhead
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on	2020-10-05	First party, AWS	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - B2B Commerce	2020-09-09	First party	B2B Commerce B2B Commerce
Vulnerability/Penetration Report Summary - Tableau CRM	2020-08-26	AWS	Salesforce Services Government Cloud Salesforce Services Government Cloud
Vulnerability/Penetration Report Summary - Messaging and LiveMessage	2020-08-07	AWS	Salesforce Services Government Cloud Salesforce Services Government Cloud Messaging and LiveMessage Show more
Vulnerability/Penetration Report Summary - Datorama	2020-08-04	AWS	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Einstein Vision, Language & Voice	2020-08-03	AWS	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Pardot	2020-07-24	AWS	Pardot Pardot
Vulnerability/Penetration Report Summary - Service Cloud Einstein	2020-04-20	AWS	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Sales Cloud Einstein	2020-04-17	AWS	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Marketing Cloud Mobile (Andr./iOS)	2020-02-25	First party	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Events Mobile (Andr./iOS)	2020-02-18	First party	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Salesforce Inbox Mobile (Andr./iOS)	2019-12-20	First party	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Einstein Discovery	2017-12-07	AWS	Salesforce Services Government Cloud Salesforce Services Government Cloud

Trust | Compliance

External Security Assessments

Applicable documents by service

Additional Information

Trailhead