🛡️ Security Audit Cluster

Salesforce Security Tools — Audit Cluster Hub

Salesforce security audits fail for a predictable reason: they treat the org as a static system. But users are added, integrations change, consultants come and go, and permission sets accumulate without anyone signing off. These three resources give you a working thread from raw permission metadata to a documented, repeatable audit.

Pick the entry that matches your situation. Profile and permission bloat — start with the Permissions Scanner. OAuth sprawl and dormant refresh tokens — read the Connected Apps guide. A complete quarterly sweep — work the 47-point checklist.

Three resources, one audit surface.

Each tool targets a distinct failure mode in the security audit cluster. They are designed to be used together — but each one stands alone.

Why these matter.

01

Dormant accounts are a backdoor

An Active user that hasn't logged in since last quarter is an attacker-ready credential. It won't trigger unusual login alerts because the pattern is normal, and its permissions haven't been reviewed since the day it was created.

02

OAuth tokens outlive the user who installed them

A connected app installed by a contractor in 2022 may still have an active refresh token. When that user's account is compromised — or the contractor's org is breached — your data is still reachable through the token.

03

Permission sets accumulate without review

Every quick fix — "add this permission set to unblock the user" — leaves behind a small piece of access that no one audits later. After two years, the org has 80 permission sets and no one knows the full access picture.

Run audits on your live Salesforce.

The Founding Member tier connects FlowPilot to your Salesforce org and runs the permission, OAuth, and validation checks against your actual metadata — not a CSV export.

✓ Live org scans ✓ Org Health scorecard $99/mo · Founding Member
See Founding Member →