Salesforce event monitoring — under the hood

The underlying architecture for detecting threats, taking action and monitoring your Salesforce implementation

Image for post
Image for post
Photo by Niv Singer on Unsplash
Image for post
Image for post
Application events are persisted to file storage
Image for post
Image for post
50 event types are persisted into a customers Salesforce org

Transaction Security

Image for post
Image for post
9 events made available for Transaction Security Policies

Event Storage

Image for post
Image for post
Real time events backed by scalable storage

Real Time Event Streaming

Image for post
Image for post
Real time events are published to the Salesforce event bus to allow customers to stream them

Threat Detection

Image for post
Image for post
Threat detection subscribes to events to look for anomalies

Credential Stuffing

Image for post
Image for post
Credential stuffing — what it is, how it’s detected and how we remediate it. *The analysis, detection and remediation is enabled for all customers. The ability to capture the event requires Event Monitoring.

Session Hijacking

Image for post
Image for post
Session hijacking — what it is, how it’s detected and how we remediate it. *The analysis, detection and remediation is enabled for all customers. The ability to capture the event requires Event Monitoring.

2 x Anomaly Events (Report and API)

Image for post
Image for post
Anomalous behaviour — the types and how they’re detected. Customers need Event Monitoring to capture these events.

Reporting and Analytics

No Enterprise Tools

Enterprise Tools

Image for post
Image for post
The underlying components of Event Monitoring and how they work together

Summary

Further Reading

Cloud architect || Problem solver || Interested in solving unique challenges using different cloud service providers || All opinions are mine.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store