Helsinki, Finland – October 2025 — Attacks targeting Salesforce are on the rise as criminals exploit trusted access to slip past defenses. WithSecure™ Cloud Protection for Salesforce has launched Identity Protection, a new capability to the Salesforce threat protection solution, and the first of its kind to detect compromised partner and customer Salesforce accounts before they can be weaponized.
While enterprises invest heavily in identity security for employees, external users accessing Salesforce through partner, supplier, and customer portals often fall outside these protections. Security researchers consistently identify compromised credentials as a leading entry vector for data breaches.
In high-trust environments like Salesforce partner portals, external users can become the weakest link — a single compromised credential from a supplier or dealer can open the door to fraud worth tens of thousands of euros. That’s why identity threat detection and credential compromise visibility are now essential to keeping Salesforce secure.
Identity compromise: costly and hard to detect
These accounts can number in the tens of thousands per Salesforce customer — and when even one credential is stolen or reused across systems, attackers can gain access and remain undetected for months.
“The front door isn’t forced open anymore — it’s unlocked with stolen keys.” said Juhana Autio, General Manager, WithSecure Cloud Protection for Salesforce. “Even companies with million-dollar security stacks can’t defend against a trusted account that’s already been compromised. External users have long been a blind spot in Salesforce, and we’re closing it.”
Identity-based intrusions are among the most expensive to remediate — and often the slowest to detect and contain.
Security that fits Salesforce — not the other way around
WithSecure’s Identity Protection capability continuously monitors Salesforce user credentials against a live feed of exclusive breach intelligence — sourced from both public and dark web data — to detect when accounts have been exposed in third-party breaches.
The new capability is included with all user-based licenses of WithSecure Cloud Protection for Salesforce at the time of launch and is available now.
For more information, visit: Identity Protection | Salesforce User Credential Breach Monitoring
Press contact: Elisa Mustonen: elisa.mustonen@withsecure.com
About WithSecure™ Cloud Protection for Salesforce
WithSecure Cloud Protection for Salesforce safeguards your cloud environment against advanced cyber threats. You can run your digital business without disruption – free from ransomware, zero-day malware, phishing and compromised account risk. The bespoke solution is built and designed in close collaboration with Salesforce for Salesforce and Agentforce workflows and managed directly from your Salesforce portal.