Certinia Product Security

Powered by the Salesforce platform

Because Certinia applications are 100% Salesforce-native, all data processed by Certinia applications resides on the Salesforce cloud platform. Certinia applications therefore benefit from the shared security responsibilities model whereby Salesforce is in charge of protecting the hardware, networks and infrastructure, and we secure our applications which sit on top of the Salesforce platform.

Visit the Salesforce Security page for more information.

Product Security Measures

Certinia’s software development lifecycle incorporates a range of security measures, including:

Salesforce AppExchange Security Review

Certinia applications are submitted to Salesforce as part of the AppExchange Security Review process. Salesforce provides the AppExchange Security Review program to assess the security posture of ISV applications published on the AppExchange against industry best practices for security.

During ISV Security Reviews, for OWASP top ten vulnerabilities and Salesforce-specific weaknesses and vulnerabilities are tested by means of automated tools and manual code inspection.

Application Controls

Certinia Financial Management applications include rigorous controls designed to ensure we keep our customer’s data secure.

These application controls include:

Additional Product Security Resources

Trust and Compliance Documentation