Side-by-Side Overview
Salesforce file scanning vs. WithSecure Cloud Protection
Salesforce provides a basic file scanning capability as part of its platform security controls.
WithSecure Cloud Protection for Salesforce is an enterprise-grade security solution that detects and stops malware, phishing, QR code attacks, and compromised identities – protecting your users and AI agents.
Trusted by Fortune 500 companies and governments.
FEATURE COMPARISON
Core Features
WithSecure Cloud Protection for Salesforce is a Salesforce-native cybersecurity solution, delivering end-to-end protection, deeper detection, regional processing options, and expanded operational controls.
Salesforce’s native scanning is a Salesforce sub-feature that provides basic non-configurable scanning for Salesforce Files (ContentVersion) object only.
100% Salesforce native architecture
Both deploy in minutes without API connections nor extra portals. Salesforce’s native scanning is enabled via the settings, Cloud Protection for Salesforce is deployed via AppExchange.
Malware scanning in Salesforce Files object
Cloud Protection for Salesforce supports scanning of Salesforce Attachment and Files objects
Malware scanning in Salesforce Attachment object
Cloud Protection for Salesforce supports scanning of Salesforce Attachment and Files objects
URL scanning
Cloud Protection for Salesforce supports all Salesforce standard and custom objects and fields that could contain URLs. Salesforce’s native scanning does not scan URLs at all.
Agentforce support
Cloud Protection for Salesforce has full Agentforce coverage
Identity Protection
WithSecure Cloud Protection for Salesforce provides continuous monitoring of internal and external identities, enriched breach intelligence, and detection of exposed or high-risk accounts.
Automatic updates
Automatic software updates and continuous improvements.
Data processing within the country of your choice
Cloud Protection for Salesforce data processing region can be set to EU, USA, Canada, Australia, Japan, or Singapore. Salesforce’s native scanning is fixed to org’s location.
FEATURE COMPARISON
General Detection Capabilities
WithSecure Cloud Protection for Salesforce applies layered detection methods, including real-time threat intelligence, heuristics, machine learning, and behavioral sandboxing, to detect both known and emerging threats.
Salesforce’s native scanning uses signature-based detection to identify known malware.
Signature-based malware detection
Both utilize databases for known threats
Real-time signature database updates
Cloud Protection for Salesforce uses real-time threat intelligence continuously updated from global telemetry, enabling faster detection of newly emerging threats.
Automated Reputation Analysis
Cloud Protection for Salesforce uses real-time threat assessment based on global threat intelligence and reputation data.
Heuristic Detection Engines
Cloud Protection for Salesforce identifies unknown threats by evaluating suspicious file characteristics and indicators beyond known malware signatures.
Advanced Machine Learning Models
Cloud Protection for Salesforce uses AI-driven analysis to detect and mitigate emerging and previously unseen threats.
Cloud Behavioural Sandboxing
Cloud Protection for Salesforce executes suspicious files in a secure and controlled cloud environment to observe malicious bahaviour.
FEATURE COMPARISON
File Protection
WithSecure Cloud Protection for Salesforce extends file protection across Files and Attachments, offering deeper inspection, broader file support, continuous reassessment, and detection of common evasion techniques.
Salesforce’s native scanning scans Salesforce Files to detect known malicious content and block access when threats are identified.
Detect malicious files on upload – Salesforce Files (ContentVersions)
Both scan for malicious files upon upload to ContentVersion.
Detect malicious files on upload – Salesforce Attachments
Cloud Protection for Salesforce is able to scan files uploaded to Salesforce Attachments.
Detect malicious files on download – Salesforce Files (ContentVersions)
Salesforce’s native scanning is able to scan files stored in ContentVersion if it was not previously scanned, while Cloud Protection for Salesforce always scans the files to ensure users are protected from those that became known threats after the previous scan.
Manual scanning for existing files
Both support on-demand scanning.
Automated scheduled scanning
Salesforce’s native scanning only supports manual on-demand scanning. Cloud Protection for Salesforce offers automatic scheduled rescans.
Detect malicious URLs inside files
Cloud Protection for Salesforce scans embedded URLs in files to block malicious links hidden within documents.
Detect malicious QR codes
Cloud Protection for Salesforce processes QR code images to identify QR code-based attacks that redirect users to phishing or malicious websites.
Detect file type spoofing
Cloud Protection for Salesforce identifies files that disguise their true type to appear harmless.
Detect and block password-protected archives
Cloud Protection for Salesforce blocks encrypted archive files that cannot be inspected safely.
Detect and block password-protected Office files
Cloud Protection for Salesforce blocks encrypted Office files commonly used to evade scanning.
Detect and block password-protected PDF-files
Cloud Protection for Salesforce blocks encrypted PDF documents that may conceal malicious content.
Detect and block Office files with macros
Cloud Protection for Salesforce blocks macro-enabled Office files that may execute malicious code.
Scan files up to 800 MB
FEATURE COMPARISON
URL Protection
WithSecure Cloud Protection for Salesforce inspects URLs across Salesforce objects and workflows, detecting phishing, malicious links, short URLs, and newly registered domains at the time of posting and use.
Salesforce’s native scanning does not provide URL inspection as part of its file scanning functionality.WithSecure Cloud Protection for Salesforce inspects URLs across Salesforce objects and workflows, detecting phishing, malicious links, short URLs, and newly registered domains at the time of posting and use.
Scan URLs in all Salesforce standard and custom objects and fields
Cloud Protection for Salesforce inspects URLs across Salesforce records, including standard and custom objects and fields.
Detect malicious URLs at time of post
Detect malicious URLs at time of click
Cloud Protection for Salesforce always scans at the time of clicking the URL to ensure users are protected from those that became known threats after the previous scan.
Block unwanted website categories
Cloud Protection for Salesforce prevents access to websites based on predefined content categories.
Detect newly registered domains
Cloud Protection for Salesforce blocks access to recently created domains commonly used in phishing campaigns.
Detect malicious short links
Cloud Protection for Salesforce expands and analyzes shortened URLs to uncover hidden malicious destinations.
FEATURE COMPARISON
Identity Protection
WithSecure Cloud Protection for Salesforce provides continuous monitoring of internal and external identities, enriched breach intelligence, and detection of exposed or high-risk accounts.
Salesforce’s native scanning does not include identity risk monitoring capabilities.
Continuous exposure scanning
Cloud Protection for Salesforce continuously monitors user identities for signs of exposure or compromise.
Internal and community user coverage
Cloud Protection for Salesforce Identity Protection covers identities for both internal Salesforce users and external community or portal users.
Enriched breach intelligence
Cloud Protection for Salesforce provides detailed breach context for each exposed identity.
Continuous scanning
Cloud Protection for Salesforce continuously scans to identify newly exposed identities.
12-month breach history
FEATURE COMPARISON
Security Visibility and Analytics
WithSecure Cloud Protection for Salesforce delivers advanced visibility through real-time analytics, dashboards, detailed detection context, extended log retention, and SIEM integration.
Salesforce’s native scanning provides basic detection results within the Salesforce environment.
Real-time security analytics for file, URL, and identity events
Real-time security analytics for identities at risk
Threat hunting capabilities
Cloud Protection for Salesforce enables investigation and analysis of security events.
Full detection details
Cloud Protection for Salesforce provides detailed context and metadata for each detected threat.
Out-of-box and custom dashboards
Customized email alerts
Full forensics trails
24 months log retention
SIEM integration
FEATURE COMPARISON
Response and handling
WithSecure Cloud Protection for Salesforce supports automated and managed response, including quarantine, remediation, threat reporting, and access to dedicated security expertise.
Salesforce’s native scanning blocks access to detected malicious files and relies on manual administrative actions for follow-up.
Remove or block malicious files on download
Both solutions prevent the download of malicious files and display a warning message when a download is attempted.
Remove malicious files on upload
Cloud Protection for Salesforce automatically quarantines and replaces the malicious file upon upload with a warning message.
False positive threat reporting
Cloud Protection for Salesforce allows customers to report incorrectly flagged detections for both files and URLs. With Salesforce’s native scanning, false positives are handled manually by admins by overriding the file status and marking it as clean.
False negative threat report
Cloud Protection for Salesforce allows customers to submit potentially malicious content for further analysis and detection support by security specialists.
Dedicated technical and threat analysis support
Cloud Protection for Salesforce provides access to cybersecurity specialists for investigation and analysis assistance.
Quarantine management for malicious files
Cloud Protection for Salesforce isolates detected malicious files to prevent access while maintaining visibility. Salesforce’s native scanning blocks file downloads by default, but the file remains stored in the org without isolation.
Disable access to malicious URLs
Cloud Protection for Salesforce neutralizes malicious links by replacing them with non-clickable versions, reducing the risk of accidental execution.
#1 Cyber Security Solution for Modern Salesforce Threats
Stop malware, phishing, and QR code attacks.
Detect compromised identities, and protect your users and AI agents.
Trusted by Fortune 500 companies and governments worldwide.
Malware protection
Stop malicious files
URL protection
Stop malicious links
Identity protection
Protect your Salesforce users
Protection for Agentforce
Protect your AI agents
QR code protection
QR scan code threats
We are committed to high compliance
We provide all necessary certificates and information to reassure you and your stakeholders. See more details on our Trust Center.
ISAE 3000 Type 2
WithSecure™ Cloud Protection for Salesforce has ISAE 3000 Type 2 (international equivalent of SOC2 Type 2) assurance report, ensuring your data is managed securely,
ISO 27001
WithSecure™ is ISO 27001 certified, validating our rigorous data security practices. This prestigious certification confirms our adherence to the highest information standards.
EU GDPR
WithSecure™ helps organizations adhere to General Data Protection Regulation (GDPR) requirements, ensuring the secure handling of European citizens’ personal data.
SecurityScoreCard
WithSecure™ holds the highest cyber security vendor ranking from SecurityScoreCard, which evaluates companies on 10 key security factors, including remediation speed and risk mitigation.
Get a Free Demo
THE #1 SALESFORCE MALWARE PROTECTION SOLUTION
Fill the form and get:
Free 15-day trial – test the product without limitations
Real attack simulation and product demo
Free customized and actionable risk assessment
