Pre-Security Review Service

Pass Security Review with a Proactive Plan

Overview

Trust is Salesforce’s #1 value. ISVs must adopt that value for apps they build on the Salesforce Platform to ensure the highest level of security across the ecosystem. Salesforce created a rigorous process called Security Review to help enforce that trust between ISVs and end customers, which is why Security Review is the last major step an ISV must complete before they can sell in the market.

The Problem

Many ISVs who attempt Security Review on their own don’t pass the first time, and often take 2 or 3 more tries before they do. When you factor in a 4 to 6 week lead time for each review, ISVs who go it alone are risking 6 months to a year of market opportunity.

The CodeScience Approach

CodeScience has extensive experience helping new ISVs pass security review the first time. We’ve combined technology and our team’s expertise to help mitigate the time it takes to pass Security Review.

Our Pre-Security Review Service provides a proactive review and report of your solution so you can address known security issues before submitting your app for Security Review.

Outcomes and Benefits

The CodeScience Pre-Security Review Assessment is available for a single fee of $10,000 and includes the following outcomes and benefits:

  • Checkmarx security scan of your managed package code
  • Analysis of functionality and integration end points to determine appropriate scope for BURP scans
  • BURP integration and web vulnerability scan on up to three API endpoints
  • Code quality and Salesforce ISV development best practices scans of your managed package code
  • Report of Findings with recommendations to address before submitting
    • Critical issues to address vs optional
    • Remediation solution recommendations
    • Recommended false positive documentation language
    • Salesforce resources to support designing application-specific remediation solutions
  • Follow up Q&A meeting after delivery of Report of Findings with CodeScience Technical Architects and subject matter experts to help you understand security recommendations and next steps

Designed to help ISVs accelerate getting into the market, the CodeScience Pre-Security Review is here to help! Connect with us today.

About Us:

For 14 years, CodeScience has designed, built, and supported some of the most complex products on the Salesforce AppExchange for the biggest names in the ecosystem. Top ISVs partner with us to drive commercial success on the AppExchange.

Whether you’re evaluating your opportunity on Salesforce, exploring how your existing product can do more, or somewhere in between, CodeScience can support every step of your journey to – and through – the AppExchange.

Additional Sources

5th Annual State of AppExchange Partners Report

CodeScience's 5th Partners Report explores how Salesforce’s success is lifting up the ISV ecosystem and how you can take advantage of this growth.

How inriver is Filling a Gap for Salesforce Commerce Clouds

This webinar explores how you can gain traction in the ecosystem by filling a gap in the marketplace and attracting more customers.

Product-Led Growth with Magic Robot

A webinar that will teach you how to leverage a product-centric strategy to drive customer acquisition and grow on the AppExchange.