DEVOPSdigest

Opsera announced the latest enhancements to its Salesforce DevOps platform that ensures the highest security and compliance standards are met for Salesforce releases through source-driven development and native integrations with security tools.

Securing and maintaining Salesforce releases is a major challenge for engineering teams. Every change and additional tool in the pipeline introduces complex and manual work. Today's modern CI/CD environments prioritize speed of releases, meaning security often becomes an afterthought, is addressed late in the release process, or ignored entirely.

With Opsera, security is built-in by design with templatized workflows to add vital security and authenticity checks, customizable gates, thresholds, and other quality controls throughout the Salesforce release process. Opsera enables secure Salesforce releases through:

■ Source-Driven Development: Opsera's source-driven development allows developers to continuously deliver changes to the Salesforce platform in an efficient and controlled manner. Unlike other Salesforce DevOps platforms, Opsera integrates with existing DevOps toolchains including source code management tools, git scanners, code scanners, test automation and more – along with governance processes.

■ Security Tool Integrations: Opsera's Salesforce DevOps platform integrates with CodeAnalyzer, SonarQube and any native static application security testing (SAST) to scan apex code for code coverage, bugs, vulnerabilities, best practices, etc. Opsera also includes a native Hashicorp Vault integration for credentials management in a single click.

■ Static Code Analysis: Static code analysis gives programmers a better grasp of their code base and ensures it is secure and compliant. With Opsera, users easily connect Git accounts inside Opsera pipelines and quickly check the quality of their code using a native code analyzer or tools like SonarQube.

■ Scan for Secrets: Opsera's GitCustodian focuses on Git security to prevent secrets, tokens or any other sensitive information from being leaked. GitCustodian verifies that there are fewer vulnerabilities and coding problems by scanning all branches in private repositories. GitCustodian is a free tool which can be downloaded here with no login required.

"Salesforce releases are cumbersome and challenging to secure," said Kumar Chivukula, CEO and co-founder of Opsera. "With Opsera's Salesforce DevOps platform, Salesforce developers, architects and admins are enabled to improve security, agility and productivity significantly. They can go to market faster by 65% and improve security and quality posture by 60%."