Do we need Burp License for the app which is containing Salesforce Apex Component? - Forcetalks

Tagged: Burp, Burp License, Burp Scan, Force.com Source Scanner, Salesforce Apex, Salesforce AppExchange, Salesforce Security

Salesforce® Discussions

Do we need Burp License for the app which is containing Salesforce Apex Component?

Posted by Abhinav on April 30, 2016 at 2:06 PM

Do we need the Burp License for the app which is containing apex component only when releasing it for appExchange?

Avnish Yadav replied 7 years, 7 months ago 2 Members · 1 Reply
1 Reply

Avnish Yadav

Member
September 30, 2018 at 12:28 AM

Hello,

The Burp tool must only be used to evaluate the security of your web application that resides outside of Force.com (e.g. www.partnersite.com). For applications residing completely on Force.com (e.g. partner-visual.force.com, appxpartner.force.com. etc.), please use the Force.com Source Source Scanner . So i don’t think that you need a Burp scan.

Please note that you are not permitted to run this tool against any servers owned and operated by salesforce.com, without prior written approval.

Thanks.

Log In to reply.