Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

MuleSoft Government Cloud

Applicable only to the services branded as MuleSoft Government Cloud. The MuleSoft Government Cloud is a secure, FedRAMP-compliant deployment environment that enables U.S. Government agencies to use the Anypoint Platform in the cloud. The Mulesoft Government Cloud environment has been granted an agency-sponsored provisional Authority to Operate (ATO) of *moderate* impact or below.

Please refer to the "Audits and Certifications" section of the service-specific Security, Privacy and Architecture documentation for details regarding the security and privacy related audits and certifications received.

Applicable documents by category

Filter this list

Sort by Updated On
Name ISO 9001:2015 - Salesforce, Inc.	Updated On 2025-01-31	Infrastructure First party	Category ISO 9001
Name CJIS - MuleSoft Government Cloud	Updated On 2025-01-14	Infrastructure AWS	Category CJIS
Name SOC 2 Report - Amazon Web Services (AWS)	Updated On 2025-01-10	Infrastructure AWS, Hyperforce	Category SOC 2
Name Vulnerability Management and Response Plan Summary	Updated On 2025-01-02	Infrastructure First party, AWS, Hyperforce	Category FAQ's and White Papers
Name SOC 1 Report - Amazon Web Services (AWS)	Updated On 2024-12-13	Infrastructure AWS, Hyperforce	Category SOC 1
Name Salesforce Secure Development Lifecycle Overview	Updated On 2024-12-05	Infrastructure First party, AWS, Hyperforce	Category FAQ's and White Papers
Name SOC 2 Report - OpenAI	Updated On 2024-11-25	Infrastructure AWS, Hyperforce	Category SOC 2
Name Vulnerability/Penetration Report Summary - OpenAI	Updated On 2024-11-25	Infrastructure AWS	Category External Security Assessments
Name Salesforce Security (Incident) Response Plan	Updated On 2024-09-05	Infrastructure First party, AWS, Hyperforce	Category FAQ's and White Papers
Name GDPR - Data Protection Impact Assessments & Salesforce Services	Updated On 2024-08-14	Infrastructure First party, AWS, Hyperforce	Category GDPR
Name UK Cyber Essentials Plus Certificate	Updated On 2024-07-24	Infrastructure First party, AWS, Hyperforce	Category UK Cyber Essentials Plus
Name Salesforce Health & Safety Policy	Updated On 2024-06-26	Infrastructure First party, AWS, Hyperforce, Azure, GCP	Category Resilience, BCP & DR
Name US Dept. of Defense Cybersecurity Maturity Model (CMMC) & Salesforce Whitepaper	Updated On 2024-03-14	Infrastructure First party, AWS	Category FAQ's and White Papers
Name DoD IL2 - MuleSoft Government Cloud	Updated On 2023-07-27	Infrastructure AWS	Category DoD IL2
Name Salesforce Security (Incident) Response Plan (JP)	Updated On 2022-10-04	Infrastructure First party, AWS, Hyperforce	Category FAQ's and White Papers
Name NIST SP 800-171 Attestation Letter - MuleSoft Government Cloud	Updated On 2022-05-17	Infrastructure AWS	Category NIST SP 800-171
Name FedRAMP - MuleSoft Government Cloud	Updated On 2021-05-04	Infrastructure AWS	Category FedRAMP Moderate
Name International Transfers of EU Personal Data to Salesforce's Services FAQ	Updated On 2020-07-16	Infrastructure First party, AWS, Hyperforce	Category U.S. Data Privacy Framework (DPF)