Do this Salesforce Security Scan NOW!!!

Prior to about a week ago, if you went to this page and requested a Force.com Security Source Code Scan, you would have most likely gotten an error telling you that it could not be done and that you would need to submit a case.

Luckily, Salesforce has resolved this issue, and you can now simply go to the link above, enter your credentials, and scan your org against security and quality rules. The scan will take a while to run (several hours, perhaps even days), but I promise it is worth the wait.

What you will get back is a very thorough report covering your entire codebase. It flags security issues (I am sure you will be amazed by how many critical violations it finds), and it also evaluates whether your code follows best practices to ensure good quality.

For example, it will scan your code to tell you where you have code that does the following:

  • Queries With No Where Or Limit Clause
  • Multiple Trigger On same sObject
  • Hardcoded Ids
  • DML Statements Inside Loops
  • SOSL SOQL Statements Inside Loops
  • Async Future Method Inside Loops
  • Test Methods With No Assert
  • Need to Bulkify Apex Methods Using Collections In Methods
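
What two of these findings (SOQL and DML statements inside loops) look like in Apex, next to a bulkified form that uses collections. This is an added example, not code from the original post or from a scan report; the class name, method names and the Contact title update are hypothetical.

```apex
// Added illustration: class, methods and the Title update are hypothetical.
public with sharing class ContactTitleUpdater {

    // Flagged form: one SOQL query and one DML statement per Account.
    // A trigger batch of 200 Accounts issues 200 queries and 200 updates,
    // exceeding the synchronous limits of 100 SOQL queries and 150 DML
    // statements per transaction.
    public static void flagged(List<Account> accounts) {
        for (Account acct : accounts) {
            List<Contact> contacts = [
                SELECT Id, Title FROM Contact WHERE AccountId = :acct.Id
            ]; // SOQL statement inside a loop
            for (Contact c : contacts) {
                c.Title = 'Customer';
            }
            update contacts; // DML statement inside a loop
        }
    }

    // Bulkified form: collect the Ids first, run one filtered and bounded
    // query for the whole batch, then issue a single DML statement.
    public static void bulkified(List<Account> accounts) {
        // Assumes the Accounts already have Ids (for example, in an
        // after-insert or update trigger context).
        Set<Id> accountIds = new Map<Id, Account>(accounts).keySet();

        List<Contact> toUpdate = new List<Contact>();
        for (Contact c : [
            SELECT Id, Title
            FROM Contact
            WHERE AccountId IN :accountIds
            LIMIT 10000
        ]) {
            c.Title = 'Customer';
            toUpdate.add(c);
        }

        if (!toUpdate.isEmpty()) {
            update toUpdate; // one DML statement regardless of batch size
        }
    }
}
```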

I think everyone should take the time to have their orgs scanned and review the results. I suspect that even the most diligent of development shops will find some issue that needs to be addressed.

Happy Scanning.
