We’re pleased to announce that MetaDefender for Salesforce 6.0 introduces Reputation Service, enabling automated evaluation of IP addresses, domains, and URLs directly within Salesforce. This capability strengthens protection by identifying malicious indicators across records and workflows, extending threat detection well beyond uploaded files.
The parent platform - MetaDefender Cloud - already enables organizations to evaluate IP addresses, domains, and URLs for malicious content through multiple aggregated reputation sources.
Now MetaDefender for Salesforce brings this feature directly into Salesforce workflows, so users get a unified and consistent way to assess the trustworthiness of the content they encounter every day.
Learn more about why Salesforce environments require strong file protection.
Reputation Service: A New Layer of Defense
With this release, MetaDefender for Salesforce now leverages advanced Reputation Service to automatically extract and analyze security signals from multiple vectors, including URLs, IP addresses, domains, text fields, case descriptions, lead notes, and other Salesforce records.
Each item is evaluated against OPSWAT’s threat intelligence to determine whether it is safe, suspicious, malicious, or unknown, providing real-time insight into potential risks across your Salesforce environment.
With this capability, organizations can:
- Prevent access to harmful links
- Reduce exposure to phishing, credential harvesting, and malware distribution sites
- Detect malicious sources by IP and domain reputation
- Apply consistent security policies to files and links
- Strengthen compliance and governance across CRM workflows
Reputation Service integrated directly into Salesforce, provides users with proactive protection, not only from malicious file content and risky links, but also from threats associated with unsafe domains and IPs that could impact everyday business processes.
Technical Enhancements Supporting Reputation Service
The Reputation Service introduces accurate, intelligence-driven evaluation of URLs and related indicators directly within Salesforce data workflows.
This enhancement supports detailed URL analysis, including handling redirects and query-string variations, so that the actual destination can be correctly identified and evaluated using OPSWAT’s aggregated threat-intelligence sources. In addition to URLs, these reputation services also assess domains, and IP addresses, providing a broader understanding of risk associated with referenced resources.
Administrators can apply granular policies that define how each reputation service outcome should be handled, aligning IP, URL, domain, and sandbox with the existing file security controls already enforced through MetaDefender for Salesforce.
Licensing Requirement for URL Reputation
To enable this capability, organizations must have an active MetaDefender Salesforce license as Reputation Service lookups consume the associated reputation query limits.
This ensures access to up-to-date, aggregated intelligence for accurately evaluating URLs, domains, and IP addresses within Salesforce workflows.
Core File Security Features Continue to Evolve
MetaDefender for Salesforce continues to enhance the core protections organizations depend on:
- Metascan™ Multiscanning: Uses multiple antimalware engines to increase detection accuracy.
- Deep CDR™: Removes active threats and produces safe, sanitized files.
- Policy-Based Enforcement: Defines how content is allowed/blocked.
- Native Salesforce Integration: Ensures scanning is fully embedded in existing Salesforce workflows.
Together with Reputation Service, these capabilities offer comprehensive protection for all digital content entering Salesforce.
Why This Release Matters
Threat actors are shifting from file-based payloads to malicious URLs, a prime example being this recent phishing campaign.
It targeted over 6,000 customers across the U.S., Europe, Canada, APAC, and the Middle East. The campaign disguised itself as SharePoint and DocuSign notifications, and the attack primarily targeted consulting, technology, and real estate industries.
In environments like Salesforce where teams routinely exchange documents, notes, and links, URL-based attacks can easily slip into daily workflows.
MetaDefender for Salesforce addresses this challenge by extending the same depth of analysis used for files to URLs, domains, and IP addresses encountered within Salesforce, without requiring users to change the way they work.
MetaDefender for Salesforce is available on the Salesforce AppExchange.
