Salesforce Security: Shield, Event Monitoring, OAuth & Agentforce AI
Your Salesforce org is connected to sales tools, marketing platforms, data warehouses, AI agents, automation tools, customer portals, APIs, and third-party apps. Every connection creates a new path to sensitive customer data.
CalculateForce helps Salesforce teams identify security gaps across Shield, connected apps, OAuth tokens, API access, user permissions, Event Monitoring, sandboxes, and Agentforce AI workflows — with a prioritized remediation plan your admin can actually execute.
- Salesforce-specific security review — not a generic cyber audit
- Connected app and OAuth risk analysis
- API and integration exposure mapping
- Agentforce, Einstein and AI workflow security
- Shield, Event Monitoring, and compliance readiness
- Practical remediation plan your admin can execute
Shield Pricing
How Much Does Salesforce Shield Cost?
Salesforce Shield pricing is contract-dependent, but typical market rates for the three tiers are shown below. Larger organizations commonly negotiate 20–40% below list price.
| Feature | No Shield | Shield | Shield+ / Unlimited+ | Notes |
|---|---|---|---|---|
| Event Monitoring (batch logs) | Login, API, export, report, setup-change logs | |||
| Real-Time Event Monitoring | Streaming events for instant detection & Transaction Security | |||
| Platform Encryption (at rest) | AES-256, customer-managed keys available | |||
| Field Audit Trail | 6 months | 10 years | Standard field history = 18 months; FAT extends this | |
| Transaction Security Policies | Block/alert on logins, exports, API calls by policy | |||
| Security Center | Cross-org security posture dashboard | |||
| Einstein Data Detect | Classifies sensitive fields (PII, PCI, PHI) automatically | |||
| Encryption Key Management | Bring your own key (BYOK), key rotation, caching | |||
| Estimated add-on price/user/mo | $0 | ~$25 | ~$50+ | Actual price is contract-dependent; larger orgs negotiate discounts |
Pricing estimates only. Salesforce does not publish list prices for Shield. Use our product calculator or AI consultant to model Shield cost against your org size and license mix.
Platform Encryption
AES-256 encryption at rest for standard and custom fields. Customer-managed keys (BYOK). Key rotation and caching controls.
Event Monitoring
50+ event types: logins, API calls, report exports, setup changes. Shield+ adds real-time streaming and Transaction Security Policy enforcement.
Field Audit Trail
Retain up to 60 fields per object. Shield: 6-month retention. Shield+: up to 10-year retention for GDPR, SOC 2, HIPAA, and PCI compliance.
Agentforce Security
Salesforce AI Agent Security — 5 Risks to Assess Now
Agentforce, Einstein copilots, and MCP-connected tools create new data access paths that most Salesforce orgs have not fully evaluated.
Risk
Data over-exposure
Agents inherit the permission set of the running user or service account. An admin-level service account gives the agent access to everything.
Fix
Create a dedicated low-privilege agent user. Use permission sets to restrict object and field access to only what the agent needs.
Risk
Ungovernered actions
Agents can call Apex, trigger flows, update records, send emails, or call external APIs if those actions are added to their topic/action library.
Fix
Audit every enabled action in Agentforce. Remove actions the agent doesn't need. Apply action-level permission controls.
Risk
Prompt injection
Malicious text in a CRM record (e.g. a Contact 'Description' field) can instruct an AI agent to perform unauthorized actions.
Fix
Enable Salesforce's prompt injection detection (available in Einstein Trust Layer). Sanitize inputs used in grounding prompts.
Risk
No audit trail
Without Event Monitoring or Shield, AI agent actions (record access, updates, API calls) may not be logged at all.
Fix
Configure Event Monitoring to capture AgentConversation events. Review logs for unusual access volumes or off-hours activity.
Risk
MCP & external tool access
MCP-connected tools can query and act on Salesforce data via natural language. OAuth scopes granted to MCP servers may be broader than intended.
Fix
Audit MCP server OAuth apps. Enforce minimum-scope access. Monitor API calls from AI-connected tools.
Scope
What a Salesforce Security Assessment Covers
Connected Apps & OAuth Security
Connected apps allow external tools to access Salesforce data through OAuth and APIs. Stale, unknown, or over-scoped apps are among the most common sources of Salesforce data exposure.
- All connected apps currently authorized in your org
- OAuth token usage and refresh-token exposure
- Unknown or stale connected apps
- Apps with broad scopes or unclear ownership
- Users who authorized external access
- Admin-approved vs. user-approved access
- High-assurance session requirements
- Token rotation and expiration policies
- Risk from third-party sales, marketing, support, and AI tools
Salesforce API Security
Salesforce APIs are powerful but can be used to extract large volumes of CRM data if access is over-permissioned or poorly monitored.
- API-enabled users and integration users
- API access patterns and bulk export risk
- SOQL query exposure
- Data Loader and third-party integration usage
- API access by profile and permission set
- Login IP ranges and session controls
- Unusual API activity indicators
Salesforce Shield & Event Monitoring
Salesforce Shield provides platform encryption, event monitoring, and field audit trail — but only delivers value when configured correctly and reviewed regularly.
- Event Monitoring coverage and log review
- Login activity, API calls, report exports and list view usage
- Setup change monitoring
- Transaction Security Policies configuration
- Field Audit Trail retention and gaps
- Platform Encryption field coverage
- Security Center readiness
- Real-Time Event Monitoring (Shield+)
Permission, Profile & Permission Set Risk
Permissions accumulate over time. Users change roles, integrations expand, admins create exceptions — and old permission sets remain active.
- Over-permissioned users and excessive admin access
- Risky permission sets
- "View All Data" and "Modify All Data" exposure
- Object-level access risk
- Field-level security gaps
- Public groups and sharing-rule exposure
- Guest user and Experience Cloud risks
- Inactive users with access
- Permission drift over time
Data & Compliance
Salesforce holds customer records, contracts, support cases, financial data, and healthcare information. Understanding what's exposed — and what should be encrypted or masked — is critical.
- Sensitive data locations and unencrypted fields
- Sandbox data exposure
- Report and dashboard visibility
- Data export permissions
- External sharing settings
- Compliance gaps for GDPR, SOC 2, ISO 27001, HIPAA
- Audit trail and evidence readiness
Sandbox & Data Masking
Sandboxes often contain production-like data with weaker controls — exposed to developers, consultants, and third-party tools.
- Sandbox access and production data copies
- Data masking requirements and configuration
- Developer and third-party access
- Sandbox integration connections
- Admin and contractor permissions
Agentforce, Einstein & AI Agent Security
AI agents can search, summarize, update records, call actions, trigger flows, and connect to external systems. This creates new security questions that most orgs haven't fully addressed.
- Which data can an AI agent access?
- Which actions can it perform — and can they be triggered externally?
- Are prompts, topics, and actions properly governed?
- Are AI tools using user-level or broader service account permissions?
- Are MCP servers or AI connectors exposing CRM data?
- Can an external prompt or malicious input cause data leakage?
- Are AI actions logged, audited, and monitored?
- Is Agentforce AI data governance configured in Data Cloud?
CalculateForce helps teams evaluate Salesforce AI security before scaling Agentforce, Einstein copilots, MCP-based integrations, or custom AI workflows.
Field findings
Common Salesforce Security Risks We Find
Unknown Connected Apps
Many orgs have connected apps approved years ago by former admins or users, with no current business owner and no regular access review.
Over-Permissioned Integration Users
Integration users often receive broad permissions to "make the integration work." Over time, these accounts become high-value targets for credential theft.
Shield Purchased but Not Configured
Organizations pay for Salesforce Shield but review logs infrequently, have no Transaction Security Policies, and lack encryption on their most sensitive fields.
Excessive Data Export Access
Users with report export, API, or bulk data permissions can extract large amounts of CRM data with no technical controls.
Risky Sandbox Data
Production data copied into sandboxes can expose customer information to developers, QA engineers, consultants, and third-party tools.
Permission Drift
Profiles and permission sets expand over time. Without regular review, users may retain access they no longer need across role changes and departures.
Weak OAuth Governance
Refresh tokens, broad OAuth scopes, missing high-assurance policies, and unclear connected-app ownership create long-term data exposure.
AI Agent Overreach
Agentforce, Einstein copilots, and MCP-based integrations create powerful access paths when tools, actions, prompts, and permissions are not governed carefully.
Deliverables
What You Get From a Security Assessment
Salesforce Security Risk Report
Clear summary of your security posture, highest-priority risks, and recommended fixes — written for both technical and executive audiences.
Connected App & OAuth Inventory
A practical view of which applications have Salesforce access, who authorized them, what scopes they hold, and what should be reviewed or revoked.
API & Integration Risk Map
A breakdown of how external systems, integration users, and APIs interact with your Salesforce data — with risk scores per integration.
Permission Exposure Review
A review of high-risk permissions, excessive access, admin privileges, and permission-set drift across profiles and groups.
Shield & Event Monitoring Recommendations
Guidance on how to configure Shield, Event Monitoring, Transaction Security Policies, Field Audit Trail, and Platform Encryption for your org size and risk profile.
AI & Agentforce Security Review
Review of AI agents, actions, prompts, tools, permissions, MCP connections, and potential data exposure paths — with configuration recommendations.
Prioritized Remediation Plan
A simple action plan organized by business risk, effort, and urgency — with clear owners for each item.
Coverage
Salesforce Security Domains
Identity & Access
MFA, SSO, session settings, login policies, user access, delegated administration, inactive users, and high-risk profiles.
Data Access
Object permissions, field-level security, sharing rules, role hierarchy, public groups, guest users, reports, dashboards, and exports.
App & Integration Security
Connected apps, external client apps, OAuth scopes, refresh tokens, integration users, API clients, and third-party applications.
Monitoring & Detection
Event Monitoring, Setup Audit Trail, login history, report exports, API calls, transaction security, and anomaly detection coverage.
Data Protection
Platform Encryption, Field Audit Trail, Data Mask, sandbox controls, backup access, and sensitive data handling.
AI & Automation
Agentforce, flows, prompt templates, actions, external tools, MCP connections, AI permissions, Einstein Trust Layer, and automated record updates.
Audience
Who This Assessment Is For
- Salesforce Admins and Architects
- CISOs and security teams
- RevOps and IT leaders
- Compliance and data protection officers
- Companies using Salesforce Shield
- Companies preparing for SOC 2, ISO 27001, GDPR, or HIPAA reviews
- Companies adopting Agentforce, Einstein AI, or MCP integrations
- Companies with many third-party tools connected to Salesforce
Process
How a Salesforce Security Assessment Works
- 1
Step 1: Discovery
1–2 hoursReview your Salesforce architecture, clouds, integrations, AI usage, security tools, compliance requirements, and business priorities.
- 2
Step 2: Configuration Review
2–5 daysAssess connected apps, permissions, API access, Shield, Event Monitoring, sandboxes, sharing, sensitive data exposure, and AI agent configuration.
- 3
Step 3: Risk Prioritization
1 dayIdentify the highest-impact security gaps and separate urgent risks from low-priority configuration cleanup.
- 4
Step 4: Remediation Plan
Delivered in reportYou receive a practical plan with recommended actions, owners, effort level, and expected security impact.
- 5
Step 5: Ongoing Governance
Quarterly cadenceDefine a repeatable review process for connected apps, permissions, integrations, AI agents, and security monitoring.
Get a Salesforce Security Assessment
Find where your Salesforce org is exposed — across Shield, connected apps, OAuth, API access, permissions, Event Monitoring, sandboxes, and AI agents. Includes prioritized remediation plan.
Salesforce Shield & security FAQ
- What is Salesforce Shield?
- Salesforce Shield is an add-on security layer for Salesforce that includes three core capabilities: Platform Encryption (encrypting data at rest using AES-256), Event Monitoring (detailed audit logs of user and API activity), and Field Audit Trail (extended history retention up to 10 years in Shield+). Shield also includes Transaction Security Policies, Security Center, and encryption key management. It is available as an add-on to most Salesforce editions.
- How much does Salesforce Shield cost?
- Salesforce Shield is typically priced at approximately $25 per user per month as an add-on to existing Salesforce licenses, though actual pricing is heavily contract-dependent and larger organizations commonly negotiate discounts. Salesforce Shield+ (available in Unlimited+ or as an upgrade) adds Real-Time Event Monitoring, 10-year Field Audit Trail, and Einstein Data Detect at approximately $50 per user per month. Salesforce does not publicly list Shield pricing — contact your AE or use CalculateForce to model the cost against your current license tier.
- What is the difference between Salesforce Shield and Shield+?
- Salesforce Shield includes Platform Encryption, Event Monitoring (batch logs), Field Audit Trail with 6-month retention, Transaction Security Policies, and Security Center. Shield+ (or Unlimited+) adds Real-Time Event Monitoring (streaming events, not batch), Field Audit Trail with up to 10-year retention, and Einstein Data Detect for automatic PII/PCI/PHI classification. Shield+ is available as part of the Unlimited+ bundle or as an add-on.
- What is Salesforce Platform Encryption?
- Salesforce Platform Encryption allows you to encrypt data at rest across standard and custom fields using AES-256 encryption. It supports customer-managed keys (BYOK — bring your own key), key rotation policies, and key caching. Platform Encryption is available only with Salesforce Shield. Important: not all Salesforce features work on encrypted fields (e.g., certain SOQL filters, formula fields, and workflow criteria may be affected), so field selection requires planning.
- What does Salesforce Event Monitoring track?
- Salesforce Event Monitoring logs 50+ event types including: login events (including MFA usage, IP, browser, and outcome), API calls (volume, endpoint, user), report exports, list view access, URI events, Apex execution, data loader events, setup changes, permission changes, and more. With Shield+, Real-Time Event Monitoring streams these events immediately rather than batch delivery, enabling instant detection and Transaction Security Policy enforcement.
- What is Salesforce Field Audit Trail?
- Field Audit Trail (FAT) extends the standard 18-month field history retention in Salesforce. With Salesforce Shield, FAT retains up to 6 months of history per field. With Shield+, retention extends to 10 years. FAT stores changes to up to 60 fields per object and is useful for compliance requirements under GDPR, SOC 2, HIPAA, and PCI DSS. Data is stored in the Big Object infrastructure and can be queried via SOQL.
- What are Salesforce Transaction Security Policies?
- Transaction Security Policies are rule-based policies that trigger on Salesforce events and can block or alert on specific activity. Examples: block login from outside a country whitelist, alert when a report exports more than 2,000 records, require MFA re-authentication for admin actions, or block bulk API access from unknown IPs. With Shield, policies use Apex or Condition Builder. With Shield+, policies run on real-time streaming events rather than batch logs.
- Does Salesforce Shield solve all Salesforce security problems?
- No. Salesforce Shield is a powerful set of tools, but it solves only a subset of Salesforce security risk. Shield helps with encryption, monitoring, and audit — but it does not prevent over-permissioned connected apps, weak OAuth governance, excessive user permissions, sandbox data exposure, or AI agent overreach. A comprehensive Salesforce security posture requires Shield plus permission governance, connected app review, integration security, and security monitoring processes.
- What is Agentforce security?
- Agentforce security refers to the controls and governance applied to Salesforce AI agents, including: restricting which data the agent can access (via permission sets), limiting which actions it can perform (topic and action library controls), monitoring agent activity via Event Monitoring (AgentConversation events), protecting against prompt injection attacks via Einstein Trust Layer, and auditing MCP-connected tools that interact with Salesforce.
- How does Agentforce change Salesforce security?
- Agentforce and Einstein AI agents can access records, summarize data, update fields, trigger flows, call external APIs, and interact with business workflows — all without a human user explicitly initiating each action. This creates new security considerations: the agent can inherit over-broad permissions, may be susceptible to prompt injection via CRM data, and its actions may not be adequately logged. Security reviews should address agent permissions, action library scope, audit logging, and prompt injection protections before scaling Agentforce deployments.
- What is MCP security for Salesforce?
- MCP (Model Context Protocol) security for Salesforce refers to the risks and controls around AI tools that connect to Salesforce via MCP servers. MCP servers allow AI assistants (Claude, ChatGPT, Copilot) to query and act on Salesforce data. Security concerns include: over-scoped OAuth tokens granted to the MCP server, lack of audit logging for MCP-originated queries, prompt injection risk via CRM data, and unauthorized record modifications. Salesforce MCP security requires reviewing connected app scopes, OAuth governance, and Event Monitoring coverage for API calls originating from AI tools.
- Why is Salesforce connected app security important?
- Connected apps allow external tools to access Salesforce through OAuth and APIs. Stale, unknown, or over-scoped connected apps are among the most common sources of Salesforce data exposure. If a connected app holds a valid refresh token with admin-level scopes, it can access all CRM data indefinitely — even if the user who authorized it has left the company. A connected app audit should be performed quarterly and after any significant integration changes.
- Can Salesforce APIs create a data exposure risk?
- Yes. Salesforce APIs allow large-scale data access. A user or integration with API-enabled permission and a broad profile can extract millions of records via REST, SOAP, or Bulk API with no built-in volume limit. API security should include least-privilege access, dedicated integration users with narrow permissions, login IP restrictions, and regular review of API activity via Event Monitoring.
- Why are sandboxes a security risk?
- Sandboxes often contain full or partial copies of production data but have weaker security controls, broader developer access, and third-party integrations for testing. Without Data Mask configured, a full sandbox contains real customer records accessible to anyone with sandbox access. Sandbox security practices should include Data Mask on sensitive fields, restricted developer access, and removal of external integrations from non-production environments.
- How often should we audit Salesforce security?
- Connected apps, OAuth access, admin permissions, and integration users should be reviewed at least quarterly. Event Monitoring logs should be reviewed weekly (or monitored via Transaction Security Policies in real time). A full security assessment should be performed annually, after major integrations or AI deployments, post-acquisition, or after any security incident involving CRM data.