How to Handle Failed Salesforce AppExchange Security Review?

Common reasons for a ‘FAILED’ Salesforce AppExchange Security Review

The most common reasons for failing a Salesforce AppExchange security review can vary, but they often include issues such as:

1. Mishandling sensitive data, such as storing it in an unencrypted format or transmitting it insecurely over the network.

2. Leaving vulnerabilities that attackers could exploit, such as injection flaws (e.g., SOQL injection), cross-site scripting (XSS), or insecure direct object references (IDOR).

3. Failing to implement proper authentication and authorisation mechanisms can lead to unauthorised access to sensitive functionality or data.

4. Misconfigurations in the application or underlying infrastructure can create security weaknesses that attackers can exploit.

5. Failure to keep third-party libraries and dependencies up-to-date can expose the application to known vulnerabilities.
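
To make items 2 and 3 concrete, here is an added Apex example (not code from the original page or from Salesforce) that puts a concatenated dynamic SOQL query running in system mode beside two hardened forms. The class name, method names, and the choice of Account fields are hypothetical.

```apex
// Added example; AccountSearchController and its methods are hypothetical names.
// "with sharing" enforces record-level sharing only. Object- and field-level
// permissions (CRUD/FLS) still have to be enforced by the query itself.
public with sharing class AccountSearchController {

    // BEFORE: the pattern that fails review. Caller input is concatenated
    // into the query text (SOQL injection), and the query runs in system
    // mode, so the running user's CRUD/FLS permissions are never checked.
    @AuraEnabled
    public static List<Account> searchUnsafe(String name) {
        String q = 'SELECT Id, Name, AnnualRevenue FROM Account ' +
                   'WHERE Name LIKE \'%' + name + '%\'';
        return Database.query(q);
    }

    // AFTER (static SOQL): input reaches the query only as a bind variable,
    // so it cannot change the query structure. WITH USER_MODE makes the
    // query fail if the user lacks access to the object or a selected field.
    @AuraEnabled
    public static List<Account> searchStatic(String name) {
        String likeTerm = '%' + (name == null ? '' : name.trim()) + '%';
        return [SELECT Id, Name, AnnualRevenue
                FROM Account
                WHERE Name LIKE :likeTerm
                WITH USER_MODE
                LIMIT 50];
    }

    // AFTER (dynamic SOQL): for queries that must be assembled at run time.
    // The query text is a constant; the value travels in the bind map, and
    // AccessLevel.USER_MODE applies the same CRUD/FLS and sharing checks.
    @AuraEnabled
    public static List<Account> searchDynamic(String name) {
        Map<String, Object> binds = new Map<String, Object>{
            'likeTerm' => '%' + (name == null ? '' : name.trim()) + '%'
        };
        return Database.queryWithBinds(
            'SELECT Id, Name, AnnualRevenue FROM Account ' +
            'WHERE Name LIKE :likeTerm LIMIT 50',
            binds,
            AccessLevel.USER_MODE
        );
    }
}
```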

Next steps after AppExchange security review failure

Understand Security Compliance for AppExchange

It is common to get excited and leave security aside when prototyping an app idea. A first security review failure comes as a shock to many ISVs, and it is time to first learn the basics:

  • Bookmark this page: Security Requirements for AppExchange Partners and Solutions. This is an excellent single index from the official ISVForce guide.

    • Security Policy Requirements: For Architects & Security experts in your team, responsible for security audits, compliance (HIPAA, etc), documentation, etc.

    • Prevent Secure Coding Violations: For Developers and Architects to ensure they are not repeating well-documented AppExchange mistakes.

    • Also covers Secure Your B2C Commerce Solution & Secure Your Tableau Accelerator, if you are building one.

  • Salesforce Secure Coding Guidelines: These guidelines are general golden rules for all Salesforce solutions, not just AppExchange.

Strategies for AppExchange success during Resubmission

Successfully navigating the Salesforce AppExchange security review requires a proactive approach to securing the application. Here are some key strategies for a successful resubmission:

Technical Adjustments

  1. Self-assessment: Conduct thorough self-assessments before submission, utilizing tools like the Salesforce Code Scanner and following their secure coding guidelines.

  2. Data Security: Implement robust data encryption (at rest and in transit), enforce granular access controls using permission sets and profiles, and avoid storing sensitive data unnecessarily.

  3. User Authentication: Enforce strong authentication protocols like multi-factor authentication and implement secure password management practices.

  4. Session Management: Utilize secure session tokens with short lifespans and employ robust session management mechanisms to prevent unauthorized access.

  5. Network Security: Ensure secure communication channels using HTTPS and avoid transmitting sensitive data in plain text.

  6. Vulnerability Testing: Regularly perform vulnerability testing using both manual and automated tools, addressing identified weaknesses promptly.

Process Improvements

  • Threat Modeling: Integrate threat modeling into the development lifecycle to identify and mitigate potential security risks early on.

  • Secure Coding Practices: Train developers on secure coding practices and enforce code reviews to identify and address potential vulnerabilities.

  • Testing: Conduct comprehensive security testing throughout the development lifecycle, including:

    • Manual penetration testing and automated security scans.

    • Scan all external API endpoints, even those not on Salesforce.

    • Test the app for security breaches from different user personas (profiles, permission sets).

    • Keep track of incorrect security alerts (false positives) and fix any code that doesn't meet Salesforce security rules.

    • Carry out simulated attacks based on the OWASP Top 10 vulnerabilities.

    • Conduct rigorous code reviews based on the official Salesforce secure coding violations guidelines.

  • Documentation: Maintain clear and concise documentation of best security practices and controls, facilitating communication with the Salesforce security team.

Additional Tips:

  • Stay Informed: Stay updated on the latest security best practices and Salesforce security guidelines to ensure the app adheres to the evolving standards.

  • Seek Guidance: Utilize available resources from Salesforce, including the AppExchange Security Review documentation, Salesforce ISV Partners, and the Partner Community, for valuable insights and support.


