Most Salesforce teams recognize the need to shift left on security, but translating that intention into day‑to‑day practice can be elusive. Hardcoded credentials, over‑privileged service accounts, and inconsistent pipeline controls persist as exploitable gaps, especially in fast‑moving orgs with complex CI/CD, multiple sandboxes, and frequent metadata changes.
In this session, Mala Punyani, Director of Engineering at Docusign, shares practical, scalable strategies to embed security earlier in the lifecycle without slowing delivery. Attendees will learn how to eradicate secrets at the source (from local dev through version control), right‑size service account access with least‑privilege and scoped tokens, and standardize CI/CD gates that automatically enforce quality and compliance across orgs. We’ll cover policy‑as‑code for deploy pipelines, automated static and config checks tailored to Salesforce patterns, controlled sandbox data practices, and measurable guardrails that keep teams shipping safely. You’ll leave with a concrete blueprint tools, controls, and operating habits that makes shift left real for Salesforce.
Register for this online event and get your questions about Salesforce security answered live.