Robust exception handling is one of the tenets of best practice for development, no matter what the coding language. This blog post, published in full on the NCC Group research site, explores the curious circumstances in which a developer trying to do the right thing – but without appreciating the full effects – could lead to data integrity issues in a Salesforce Organization. These issues revolve around the automatic rollback mechanism that the Salesforce platform provides to try to maintain data integrity. However, as is so often the case, the devil is in the detail. On the basis of recent code reviews, it is apparently under-appreciated how the addition of exception handling in Apex (the Salesforce development language) can affect the rollback mechanism, which in turn can affect data integrity. The precise impact will vary according to what’s being done to which data, but the potential for consequences detrimental to security is clear.

This blog post on the NCC Group research site discusses the most common findings from a sample of over 35 security assessments of Salesforce customer deployments. The assessments covered a mixture of configuration and code review, and the common issues were sorted into broad categories: Deviation From Salesforce Baseline Standard, Deviation From Security Best Practice, Authentication Issues, File Handling, Insecure Code, Unhandled Security Alerts and Critical Updates Pending (now since merged by Salesforce), and Broken Access Controls.