Salesforce Security: Shield, Event Monitoring, OAuth & Agentforce AI

    Your Salesforce org is connected to sales tools, marketing platforms, data warehouses, AI agents, automation tools, customer portals, APIs, and third-party apps. Every connection creates a new path to sensitive customer data.

    CalculateForce helps Salesforce teams identify security gaps across Shield, connected apps, OAuth tokens, API access, user permissions, Event Monitoring, sandboxes, and Agentforce AI workflows — with a prioritized remediation plan your admin can actually execute.

    • Salesforce-specific security review — not a generic cyber audit
    • Connected app and OAuth risk analysis
    • API and integration exposure mapping
    • Agentforce, Einstein and AI workflow security
    • Shield, Event Monitoring, and compliance readiness
    • Practical remediation plan your admin can execute

    Shield Pricing

    How Much Does Salesforce Shield Cost?

    Salesforce Shield pricing is contract-dependent, but typical market rates for the three tiers are shown below. Larger organizations commonly negotiate 20–40% below list price.

    FeatureNo ShieldShieldShield+ / Unlimited+Notes
    Event Monitoring (batch logs)Login, API, export, report, setup-change logs
    Real-Time Event MonitoringStreaming events for instant detection & Transaction Security
    Platform Encryption (at rest)AES-256, customer-managed keys available
    Field Audit Trail6 months10 yearsStandard field history = 18 months; FAT extends this
    Transaction Security PoliciesBlock/alert on logins, exports, API calls by policy
    Security CenterCross-org security posture dashboard
    Einstein Data DetectClassifies sensitive fields (PII, PCI, PHI) automatically
    Encryption Key ManagementBring your own key (BYOK), key rotation, caching
    Estimated add-on price/user/mo$0~$25~$50+Actual price is contract-dependent; larger orgs negotiate discounts

    Pricing estimates only. Salesforce does not publish list prices for Shield. Use our product calculator or AI consultant to model Shield cost against your org size and license mix.

    Shield

    Platform Encryption

    AES-256 encryption at rest for standard and custom fields. Customer-managed keys (BYOK). Key rotation and caching controls.

    Shield

    Event Monitoring

    50+ event types: logins, API calls, report exports, setup changes. Shield+ adds real-time streaming and Transaction Security Policy enforcement.

    Shield+

    Field Audit Trail

    Retain up to 60 fields per object. Shield: 6-month retention. Shield+: up to 10-year retention for GDPR, SOC 2, HIPAA, and PCI compliance.

    Agentforce Security

    Salesforce AI Agent Security — 5 Risks to Assess Now

    Agentforce, Einstein copilots, and MCP-connected tools create new data access paths that most Salesforce orgs have not fully evaluated.

    1

    Risk

    Data over-exposure

    Agents inherit the permission set of the running user or service account. An admin-level service account gives the agent access to everything.

    Fix

    Create a dedicated low-privilege agent user. Use permission sets to restrict object and field access to only what the agent needs.

    2

    Risk

    Ungovernered actions

    Agents can call Apex, trigger flows, update records, send emails, or call external APIs if those actions are added to their topic/action library.

    Fix

    Audit every enabled action in Agentforce. Remove actions the agent doesn't need. Apply action-level permission controls.

    3

    Risk

    Prompt injection

    Malicious text in a CRM record (e.g. a Contact 'Description' field) can instruct an AI agent to perform unauthorized actions.

    Fix

    Enable Salesforce's prompt injection detection (available in Einstein Trust Layer). Sanitize inputs used in grounding prompts.

    4

    Risk

    No audit trail

    Without Event Monitoring or Shield, AI agent actions (record access, updates, API calls) may not be logged at all.

    Fix

    Configure Event Monitoring to capture AgentConversation events. Review logs for unusual access volumes or off-hours activity.

    5

    Risk

    MCP & external tool access

    MCP-connected tools can query and act on Salesforce data via natural language. OAuth scopes granted to MCP servers may be broader than intended.

    Fix

    Audit MCP server OAuth apps. Enforce minimum-scope access. Monitor API calls from AI-connected tools.

    Scope

    What a Salesforce Security Assessment Covers

    Connected Apps & OAuth Security

    Connected apps allow external tools to access Salesforce data through OAuth and APIs. Stale, unknown, or over-scoped apps are among the most common sources of Salesforce data exposure.

    • All connected apps currently authorized in your org
    • OAuth token usage and refresh-token exposure
    • Unknown or stale connected apps
    • Apps with broad scopes or unclear ownership
    • Users who authorized external access
    • Admin-approved vs. user-approved access
    • High-assurance session requirements
    • Token rotation and expiration policies
    • Risk from third-party sales, marketing, support, and AI tools

    Salesforce API Security

    Salesforce APIs are powerful but can be used to extract large volumes of CRM data if access is over-permissioned or poorly monitored.

    • API-enabled users and integration users
    • API access patterns and bulk export risk
    • SOQL query exposure
    • Data Loader and third-party integration usage
    • API access by profile and permission set
    • Login IP ranges and session controls
    • Unusual API activity indicators

    Salesforce Shield & Event Monitoring

    Salesforce Shield provides platform encryption, event monitoring, and field audit trail — but only delivers value when configured correctly and reviewed regularly.

    • Event Monitoring coverage and log review
    • Login activity, API calls, report exports and list view usage
    • Setup change monitoring
    • Transaction Security Policies configuration
    • Field Audit Trail retention and gaps
    • Platform Encryption field coverage
    • Security Center readiness
    • Real-Time Event Monitoring (Shield+)

    Permission, Profile & Permission Set Risk

    Permissions accumulate over time. Users change roles, integrations expand, admins create exceptions — and old permission sets remain active.

    • Over-permissioned users and excessive admin access
    • Risky permission sets
    • "View All Data" and "Modify All Data" exposure
    • Object-level access risk
    • Field-level security gaps
    • Public groups and sharing-rule exposure
    • Guest user and Experience Cloud risks
    • Inactive users with access
    • Permission drift over time

    Data & Compliance

    Salesforce holds customer records, contracts, support cases, financial data, and healthcare information. Understanding what's exposed — and what should be encrypted or masked — is critical.

    • Sensitive data locations and unencrypted fields
    • Sandbox data exposure
    • Report and dashboard visibility
    • Data export permissions
    • External sharing settings
    • Compliance gaps for GDPR, SOC 2, ISO 27001, HIPAA
    • Audit trail and evidence readiness

    Sandbox & Data Masking

    Sandboxes often contain production-like data with weaker controls — exposed to developers, consultants, and third-party tools.

    • Sandbox access and production data copies
    • Data masking requirements and configuration
    • Developer and third-party access
    • Sandbox integration connections
    • Admin and contractor permissions

    Agentforce, Einstein & AI Agent Security

    AI agents can search, summarize, update records, call actions, trigger flows, and connect to external systems. This creates new security questions that most orgs haven't fully addressed.

    • Which data can an AI agent access?
    • Which actions can it perform — and can they be triggered externally?
    • Are prompts, topics, and actions properly governed?
    • Are AI tools using user-level or broader service account permissions?
    • Are MCP servers or AI connectors exposing CRM data?
    • Can an external prompt or malicious input cause data leakage?
    • Are AI actions logged, audited, and monitored?
    • Is Agentforce AI data governance configured in Data Cloud?

    CalculateForce helps teams evaluate Salesforce AI security before scaling Agentforce, Einstein copilots, MCP-based integrations, or custom AI workflows.

    Field findings

    Common Salesforce Security Risks We Find

    Unknown Connected Apps

    Many orgs have connected apps approved years ago by former admins or users, with no current business owner and no regular access review.

    Over-Permissioned Integration Users

    Integration users often receive broad permissions to "make the integration work." Over time, these accounts become high-value targets for credential theft.

    Shield Purchased but Not Configured

    Organizations pay for Salesforce Shield but review logs infrequently, have no Transaction Security Policies, and lack encryption on their most sensitive fields.

    Excessive Data Export Access

    Users with report export, API, or bulk data permissions can extract large amounts of CRM data with no technical controls.

    Risky Sandbox Data

    Production data copied into sandboxes can expose customer information to developers, QA engineers, consultants, and third-party tools.

    Permission Drift

    Profiles and permission sets expand over time. Without regular review, users may retain access they no longer need across role changes and departures.

    Weak OAuth Governance

    Refresh tokens, broad OAuth scopes, missing high-assurance policies, and unclear connected-app ownership create long-term data exposure.

    AI Agent Overreach

    Agentforce, Einstein copilots, and MCP-based integrations create powerful access paths when tools, actions, prompts, and permissions are not governed carefully.

    Deliverables

    What You Get From a Security Assessment

    Salesforce Security Risk Report

    Clear summary of your security posture, highest-priority risks, and recommended fixes — written for both technical and executive audiences.

    Connected App & OAuth Inventory

    A practical view of which applications have Salesforce access, who authorized them, what scopes they hold, and what should be reviewed or revoked.

    API & Integration Risk Map

    A breakdown of how external systems, integration users, and APIs interact with your Salesforce data — with risk scores per integration.

    Permission Exposure Review

    A review of high-risk permissions, excessive access, admin privileges, and permission-set drift across profiles and groups.

    Shield & Event Monitoring Recommendations

    Guidance on how to configure Shield, Event Monitoring, Transaction Security Policies, Field Audit Trail, and Platform Encryption for your org size and risk profile.

    AI & Agentforce Security Review

    Review of AI agents, actions, prompts, tools, permissions, MCP connections, and potential data exposure paths — with configuration recommendations.

    Prioritized Remediation Plan

    A simple action plan organized by business risk, effort, and urgency — with clear owners for each item.

    Coverage

    Salesforce Security Domains

    Identity & Access

    MFA, SSO, session settings, login policies, user access, delegated administration, inactive users, and high-risk profiles.

    Data Access

    Object permissions, field-level security, sharing rules, role hierarchy, public groups, guest users, reports, dashboards, and exports.

    App & Integration Security

    Connected apps, external client apps, OAuth scopes, refresh tokens, integration users, API clients, and third-party applications.

    Monitoring & Detection

    Event Monitoring, Setup Audit Trail, login history, report exports, API calls, transaction security, and anomaly detection coverage.

    Data Protection

    Platform Encryption, Field Audit Trail, Data Mask, sandbox controls, backup access, and sensitive data handling.

    AI & Automation

    Agentforce, flows, prompt templates, actions, external tools, MCP connections, AI permissions, Einstein Trust Layer, and automated record updates.

    Audience

    Who This Assessment Is For

    • Salesforce Admins and Architects
    • CISOs and security teams
    • RevOps and IT leaders
    • Compliance and data protection officers
    • Companies using Salesforce Shield
    • Companies preparing for SOC 2, ISO 27001, GDPR, or HIPAA reviews
    • Companies adopting Agentforce, Einstein AI, or MCP integrations
    • Companies with many third-party tools connected to Salesforce

    Process

    How a Salesforce Security Assessment Works

    1. 1

      Step 1: Discovery

      1–2 hours

      Review your Salesforce architecture, clouds, integrations, AI usage, security tools, compliance requirements, and business priorities.

    2. 2

      Step 2: Configuration Review

      2–5 days

      Assess connected apps, permissions, API access, Shield, Event Monitoring, sandboxes, sharing, sensitive data exposure, and AI agent configuration.

    3. 3

      Step 3: Risk Prioritization

      1 day

      Identify the highest-impact security gaps and separate urgent risks from low-priority configuration cleanup.

    4. 4

      Step 4: Remediation Plan

      Delivered in report

      You receive a practical plan with recommended actions, owners, effort level, and expected security impact.

    5. 5

      Step 5: Ongoing Governance

      Quarterly cadence

      Define a repeatable review process for connected apps, permissions, integrations, AI agents, and security monitoring.

    Get a Salesforce Security Assessment

    Find where your Salesforce org is exposed — across Shield, connected apps, OAuth, API access, permissions, Event Monitoring, sandboxes, and AI agents. Includes prioritized remediation plan.

    Salesforce Shield & security FAQ

    What is Salesforce Shield?
    Salesforce Shield is an add-on security layer for Salesforce that includes three core capabilities: Platform Encryption (encrypting data at rest using AES-256), Event Monitoring (detailed audit logs of user and API activity), and Field Audit Trail (extended history retention up to 10 years in Shield+). Shield also includes Transaction Security Policies, Security Center, and encryption key management. It is available as an add-on to most Salesforce editions.
    How much does Salesforce Shield cost?
    Salesforce Shield is typically priced at approximately $25 per user per month as an add-on to existing Salesforce licenses, though actual pricing is heavily contract-dependent and larger organizations commonly negotiate discounts. Salesforce Shield+ (available in Unlimited+ or as an upgrade) adds Real-Time Event Monitoring, 10-year Field Audit Trail, and Einstein Data Detect at approximately $50 per user per month. Salesforce does not publicly list Shield pricing — contact your AE or use CalculateForce to model the cost against your current license tier.
    What is the difference between Salesforce Shield and Shield+?
    Salesforce Shield includes Platform Encryption, Event Monitoring (batch logs), Field Audit Trail with 6-month retention, Transaction Security Policies, and Security Center. Shield+ (or Unlimited+) adds Real-Time Event Monitoring (streaming events, not batch), Field Audit Trail with up to 10-year retention, and Einstein Data Detect for automatic PII/PCI/PHI classification. Shield+ is available as part of the Unlimited+ bundle or as an add-on.
    What is Salesforce Platform Encryption?
    Salesforce Platform Encryption allows you to encrypt data at rest across standard and custom fields using AES-256 encryption. It supports customer-managed keys (BYOK — bring your own key), key rotation policies, and key caching. Platform Encryption is available only with Salesforce Shield. Important: not all Salesforce features work on encrypted fields (e.g., certain SOQL filters, formula fields, and workflow criteria may be affected), so field selection requires planning.
    What does Salesforce Event Monitoring track?
    Salesforce Event Monitoring logs 50+ event types including: login events (including MFA usage, IP, browser, and outcome), API calls (volume, endpoint, user), report exports, list view access, URI events, Apex execution, data loader events, setup changes, permission changes, and more. With Shield+, Real-Time Event Monitoring streams these events immediately rather than batch delivery, enabling instant detection and Transaction Security Policy enforcement.
    What is Salesforce Field Audit Trail?
    Field Audit Trail (FAT) extends the standard 18-month field history retention in Salesforce. With Salesforce Shield, FAT retains up to 6 months of history per field. With Shield+, retention extends to 10 years. FAT stores changes to up to 60 fields per object and is useful for compliance requirements under GDPR, SOC 2, HIPAA, and PCI DSS. Data is stored in the Big Object infrastructure and can be queried via SOQL.
    What are Salesforce Transaction Security Policies?
    Transaction Security Policies are rule-based policies that trigger on Salesforce events and can block or alert on specific activity. Examples: block login from outside a country whitelist, alert when a report exports more than 2,000 records, require MFA re-authentication for admin actions, or block bulk API access from unknown IPs. With Shield, policies use Apex or Condition Builder. With Shield+, policies run on real-time streaming events rather than batch logs.
    Does Salesforce Shield solve all Salesforce security problems?
    No. Salesforce Shield is a powerful set of tools, but it solves only a subset of Salesforce security risk. Shield helps with encryption, monitoring, and audit — but it does not prevent over-permissioned connected apps, weak OAuth governance, excessive user permissions, sandbox data exposure, or AI agent overreach. A comprehensive Salesforce security posture requires Shield plus permission governance, connected app review, integration security, and security monitoring processes.
    What is Agentforce security?
    Agentforce security refers to the controls and governance applied to Salesforce AI agents, including: restricting which data the agent can access (via permission sets), limiting which actions it can perform (topic and action library controls), monitoring agent activity via Event Monitoring (AgentConversation events), protecting against prompt injection attacks via Einstein Trust Layer, and auditing MCP-connected tools that interact with Salesforce.
    How does Agentforce change Salesforce security?
    Agentforce and Einstein AI agents can access records, summarize data, update fields, trigger flows, call external APIs, and interact with business workflows — all without a human user explicitly initiating each action. This creates new security considerations: the agent can inherit over-broad permissions, may be susceptible to prompt injection via CRM data, and its actions may not be adequately logged. Security reviews should address agent permissions, action library scope, audit logging, and prompt injection protections before scaling Agentforce deployments.
    What is MCP security for Salesforce?
    MCP (Model Context Protocol) security for Salesforce refers to the risks and controls around AI tools that connect to Salesforce via MCP servers. MCP servers allow AI assistants (Claude, ChatGPT, Copilot) to query and act on Salesforce data. Security concerns include: over-scoped OAuth tokens granted to the MCP server, lack of audit logging for MCP-originated queries, prompt injection risk via CRM data, and unauthorized record modifications. Salesforce MCP security requires reviewing connected app scopes, OAuth governance, and Event Monitoring coverage for API calls originating from AI tools.
    Why is Salesforce connected app security important?
    Connected apps allow external tools to access Salesforce through OAuth and APIs. Stale, unknown, or over-scoped connected apps are among the most common sources of Salesforce data exposure. If a connected app holds a valid refresh token with admin-level scopes, it can access all CRM data indefinitely — even if the user who authorized it has left the company. A connected app audit should be performed quarterly and after any significant integration changes.
    Can Salesforce APIs create a data exposure risk?
    Yes. Salesforce APIs allow large-scale data access. A user or integration with API-enabled permission and a broad profile can extract millions of records via REST, SOAP, or Bulk API with no built-in volume limit. API security should include least-privilege access, dedicated integration users with narrow permissions, login IP restrictions, and regular review of API activity via Event Monitoring.
    Why are sandboxes a security risk?
    Sandboxes often contain full or partial copies of production data but have weaker security controls, broader developer access, and third-party integrations for testing. Without Data Mask configured, a full sandbox contains real customer records accessible to anyone with sandbox access. Sandbox security practices should include Data Mask on sensitive fields, restricted developer access, and removal of external integrations from non-production environments.
    How often should we audit Salesforce security?
    Connected apps, OAuth access, admin permissions, and integration users should be reviewed at least quarterly. Event Monitoring logs should be reviewed weekly (or monitored via Transaction Security Policies in real time). A full security assessment should be performed annually, after major integrations or AI deployments, post-acquisition, or after any security incident involving CRM data.

    Related Salesforce Tools