Do you conduct application penetration tests of your cloud infrastructure regularly? Jonathan van Driessen September 04, 2021 15:25 Yes. Related articles Do you publish a list of all APIs available in the service and indicate which are standard and which are customized? Are all identified security, contractual, and regulatory requirements for customer access contractually addressed and remediated prior to granting customers access to data, assets, and information systems? What does the Salesforce Security Review entail? Are controls in place to prevent unauthorized access to your application, program, or object source code, and assure it is restricted to authorized personnel only? Do you maintain a complete inventory of all of your critical assets located at all sites/ or geographical locations and their assigned ownership? Comments 0 comments Please sign in to leave a comment.