Vulnerability/Penetration Report Summary - Salesforce Services (+12M Retest)

Attestation of the vulnerability retest summaries. A retest of the full scope assessment is performed 12 months after the original test. The documents do not contain details of vulnerabilities or findings and is intended only to provide information on the tests performed and scope of testing. Vulnerabilities discovered during testing are tracked and resolved in accordance with corporate policy and industry best practice. A third party assessment of vulnerability management and resolution process can be found in the SOC 2 report.