What is the security status of force.com?

force.com has a security score of 67/100, rated as Moderate Risk. The website may have security concerns that should be addressed.

Is force.com safe to use?

Our security scan shows force.com is Moderate Risk. SSL security issues detected. Always practice safe browsing habits.

Does force.com have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 67/100, the website is rated as Moderate Risk. However, websites can change over time, so always use updated security software.

What is force.com's trust score?

force.com has a security score of 67/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is force.com Safe? Security Analysis for Salesforce

https://force.com

Check if force.com is a scam or legitimate. Free security scan and reviews.

TechnologyUnited Statesenterprise

JavaScriptVidyard video playerGoogle Tag ManagerOneTrust (cookie consent)Optimizely (A/B testing)+2 more

Analyzed 9/5/2025Completed 12:36:43 AM

Security Score

MEDIUM RISK

AI Summary

Salesforce is a leading enterprise cloud computing company specializing in CRM, AI, data, and application development platforms. The Salesforce Platform integrates multiple capabilities including AI-powered agents, data cloud, security, and low-code development tools to empower businesses to build scalable and secure applications. The company holds a strong market position with a comprehensive product portfolio and a global enterprise customer base. Technically, the website demonstrates modern infrastructure, fast performance, and excellent mobile optimization, leveraging Salesforce's proprietary frameworks and third-party tools for analytics and consent management. Security posture is robust with HTTPS, security headers, and compliance certifications such as ISO 27001 and SOC 2. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the website and platform exhibit high professionalism, trustworthiness, and technical maturity.

Detected Technologies

JavaScriptVidyard video playerGoogle Tag ManagerOneTrust (cookie consent)Optimizely (A/B testing)Boomerang (performance monitoring)Salesforce proprietary frameworks

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Salesforce operates primarily in the technology sector, targeting enterprises and IT professionals seeking CRM, AI, and cloud platform solutions. Its business model is SaaS-based with revenue streams from subscriptions to various platform tiers and add-ons. The company has strategic subsidiaries like MuleSoft and Tableau that enhance integration and analytics capabilities. Salesforce's competitive advantage lies in its unified platform approach, extensive ecosystem, and strong brand reputation. Growth indicators include continuous product innovation, AI integration, and expansion into security and compliance domains. The partnership ecosystem includes integrations with major cloud and analytics providers. Salesforce maintains a strong global presence with a focus on compliance and data privacy.

Security Posture Analysis

Comprehensive Security Assessment

Salesforce demonstrates a mature security posture with enforced HTTPS, comprehensive security headers, and adherence to industry standards such as ISO 27001 and SOC 2. The platform integrates security and privacy features deeply into its offerings, including data residency options and compliance tools. No vulnerabilities or exposed sensitive data were detected in the website content. However, incident response contact information is not prominently displayed, which could be improved. The company maintains cookie consent mechanisms and privacy policies aligned with GDPR. Overall, Salesforce shows strong security culture and readiness, suitable for enterprise customers with high compliance requirements.

Strategic Recommendations

Priority Actions for Security Improvement

Enhance visibility and accessibility of incident response and security contact channels on the website.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Salesforce

Description:

The Salesforce Platform unifies Data, AI, CRM, Development, and Security into a single, comprehensive platform. It offers tools for building, customizing, and securing applications including Agentforce and Customer 360.

Key Services:

Agentforce autonomous agentsAI and predictive analytics (Einstein)Data Cloud for customer data activationLow code and pro code app developmentSecurity and compliance toolsIntegration via MuleSoftAnalytics via Tableau

Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:

JavaScriptVidyard video playerGoogle Tag ManagerOneTrust (cookie consent)Optimizely (A/B testing)Boomerang (performance monitoring)Salesforce proprietary frameworks

Frameworks:

Salesforce Page BuilderLightning Web Components

Platforms:

Salesforce Platform

Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:

90/100

Best Practices:

HTTPS enforced
Security headers implemented
No exposed sensitive data in HTML
Use of secure cookies and consent mechanisms

Analytics & Tracking

Services:

Google AnalyticsEvergage

Tracking Level:moderate

Privacy Compliance:good

Advertising & Marketing

Tracking Pixels:

EvergageAdobe Demdex

Marketing Tools:

Optimizely

Transparency Level:good

Website Quality Assessment

Design Quality:excellent

User Experience:excellent

Content Relevance:excellent

Navigation Clarity:excellent

Professionalism:excellent

Trustworthiness:high

Key Observations

Website is fully accessible with rich content and multimedia.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

60/100

Score

Weak Strict-Transport-Security configuration

LOW

Current value: "max-age=86400"

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Weak X-XSS-Protection configuration

LOW

Current value: "0"

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

55/100

Score

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

87/100

Score

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

SPF Details

Record:

v=spf1 include:_spf.google.com include:_spf.salesforce.com exists:%{i}._spf.corp.salesforce.com ~all

DKIM Selectors Found

Selector:s1(1440-bit rsa)

DMARC Details

Policy:reject

Aggregate Reports:d@rua.agari.com

Forensic Reports:d@ruf.agari.com

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100

Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

85/100

Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DNS Records

A Records:23.1.35.132, 23.1.99.130, 23.1.106.133, 104.109.10.129, 104.109.11.129, 184.25.179.132, 184.31.3.130, 184.31.10.133

Name Servers:

pch1.salesforce-dns.comDNS only

pch2.salesforce-dns.comDNS only

udns1.salesforce.comDNS only

udns2.salesforce.comDNS only

udns3.salesforce.comDNS only

udns4.salesforce.comDNS only

MX Records:

10: mxa-00177002.gslb.pphosted.com

10: mxb-00177002.gslb.pphosted.com

DNSSEC Status

DNSSEC Not Enabled

SPF Analysis

SPF Record:

v=spf1 include:_spf.google.com include:_spf.salesforce.com exists:%{i}._spf.corp.salesforce.com ~all

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on Salesforce's proprietary Experience Cloud and Page Builder frameworks, utilizing modern JavaScript libraries and integrations with analytics and consent management tools. Performance is optimized with preloading, preconnect, and asynchronous script loading. Mobile responsiveness and accessibility features are well implemented. The tech stack includes Vidyard for video, Google Tag Manager for marketing, and Optimizely for experimentation. Hosting is on Salesforce's cloud infrastructure, ensuring scalability and reliability. Technical risks are minimal, with no outdated or vulnerable libraries detected. Opportunities exist to further enhance accessibility and incident response integration.

Analyze Another Website

Is force.com a Scam? Security Check Results - Salesforce Reviews

Is force.com Safe? Security Analysis for Salesforce

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Weak Strict-Transport-Security configuration

Missing Content-Security-Policy header

Weak X-XSS-Protection configuration

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Cookie Policy found

No Cookie Consent Banner found

Privacy policy may not be GDPR compliant

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No vulnerability disclosure policy

No incident response procedures found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

📧Email Security

Email Security

No MTA-STS Policy

No TLS-RPT Record

SPF Details

DKIM Selectors Found

DMARC Details

🏆SSL/TLS Security

SSL/TLS Security

Unable to retrieve SSL certificate

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

DNS Records

DNSSEC Status

SPF Analysis

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings

Related Partner Domains

mulesoft.com

tableau.com

own.com