Secure Development on the Salesforce Platform - Part 2

Speakers

Lehan Huang

Web Application Security Engineer

Salesforce

Vinayendra Nataraja

Product Security Engineer

Salesforce

Description

Description

In this session, security experts from Salesforce will show you how to avoid common security pitfalls while developing applications using Apex and Visualforce.

This second installment of our secure development series continues development of the simple on-platform app created in part one by examining how vulnerabilities present themselves. After discussing the potential danger of these vulnerabilities and demonstrating their impact, we’ll show how to avoid introducing them in your code, how to review existing code to locate issues, and how to fix them to provide more secure apps.

In this exclusive webinar you'll learn about

Common VisualForce vulnerabilities
Additional features for the on-platform sample app
XSS (Cross-site Scripting)
Open Redirect
CSRF (Cross-Site Request Forgery)

Intended Audience

All developers on the Salesforce platform

Code Resources and Samples

Referenced Code Samples are located on our Github repository.

Recommended Resources

https://developer.salesforce.com/page/Secure_Coding_Guideline

https://developer.salesforce.com/page/Secure_Coding_Cross_Site_Scripting

https://developer.salesforce.com/page/Secure_Coding_Arbitrary_Redirect

http://resources.docs.salesforce.com/200/9/en-us/sfdc/pdf/salesforce_security_impl_guide.pdf

https://trustacademy.salesforce.com/

Related Videos

Secure Development on the Salesforce Platform - Part 1

Recording

Recorded : June 29, 2016

Chapters

01:19 - Forward Looking Statement
02:24 - Agenda
03:00 - FourZip App Part 2
05:05 - Cross Site Scripting
27:15 - Open Redirect
37:22 - CSRF - Cross-Site Request Forgery
44:06 - Session Summary
45:50 - Live Q&A

Speakers

Lehan Huang

Vinayendra Nataraja

Description

Recording

Presentation