Salesforce Setup Requirements

One of these two methods is required to allow Nessus access:

  • Add the scanner IP to the Trusted IP Ranges in Salesforce.
  • Use a security token.

Adding a trusted IP range

  • In Salesforce, go to Setup -> Security Controls -> Network Access.
  • Add the public IP the scanner will use to connect to Salesforce, or a range of IP addresses. This is the IP address as it will appear to Salesforce, not an internal IP behind NAT.
  • When you enter the credentials in the Salesforce plugin preferences in Nessus:
    • Enter the username.
    • Enter the user password.

Using a security token

  • Log in as the user you will use and reset their security token if you do not already have it. The security token is sent via email to the user.
  • When you enter the credentials in the Salesforce plugin preferences in Nessus:
    • Enter the username.
    • Append the security token to the user password (e.g., if the user password is “MyPassword” and the security token is “MyToken”, enter “MyPasswordMyToken”).