Agentic security operations for Salesforce.
TrailSight is building agentic penetration testing, continuous observability, alerting, and agentic remediation for Salesforce orgs—so security teams can detect, explain, and fix risk faster (with human control).
Salesforce posture · runtime signals · attack simulation · safe remediation
What TrailSight is building
Stealth now. Platform later.
Agentic PT for Salesforce
Continuous, scenario-driven testing tailored to Salesforce risk: identity, permissions, connected apps, APIs, data access paths, and business logic exposure.
- Attack-path enumeration + validation
- Evidence-backed findings (not vibes)
Observability & detection
High-signal telemetry for security posture and runtime behavior—designed to reduce noise, increase context, and make investigation fast.
- Config drift + risky change detection
- Identity & access anomalies
Agentic remediation
Turn findings into safe, auditable actions—suggested fixes, playbooks, approvals, and controlled execution.
- Change plan + rollback baked in
- Human approval by default
Capabilities
Security teams need signal and control, not another dashboard.
Detect
Spot high-risk changes and suspicious behavior with context and evidence.
- Privilege expansion & risky PermissionSet changes
- Connected app / OAuth / token misuse patterns
- Suspicious API activity and data access anomalies
Explain
Get answers you can act on: what changed, who did it, why it matters, and how to fix it.
- Clear blast radius and impacted objects/users
- Evidence pack for audit + incident response
- Noise reduction via baselines and correlation
Remediate
Move from alert to fix with safe, reversible, auditable steps.
- Suggested playbooks with guardrails
- Approval workflow (default on)
- Full change log + rollback strategy
Integrate
Fit into your existing stack instead of replacing it.
- Export findings to ticketing & alerting pipelines
- SIEM/SOAR-friendly data shape (later: native)
- API-first platform posture
How it works
Designed for safety: observe → suggest → approve → execute.
Ingest signals
Collect relevant security and config telemetry from your Salesforce environment(s).
Model & correlate
Establish baselines, connect related events, and rank risk with evidence.
Simulate attack paths
Agentic PT scenarios validate whether a risk is exploitable in your context.
Remediate safely
Generate a change plan, require approval, and keep a rollback-ready audit trail.
Design partners
We’re looking for a small number of teams to build with.
Good fit
- You run Salesforce as a core system (enterprise / regulated / high scale)
- You care about permission hygiene, OAuth sprawl, and change control
- You want fewer alerts, better context, faster remediation
What you get
- Early access to prototypes and roadmap influence
- Hands-on threat modeling + PT scenario design
- Faster path to “safe autopilot” remediation
Is this autonomous remediation?
The goal is agentic remediation with control: suggested plans first, approvals by default, and execution only inside guardrails. “Autonomous” is a spectrum; we start safe.
Do you need full admin access?
Not necessarily. We design for least privilege and scoped access. Specific permissions depend on the signals and actions you enable.
When will you launch publicly?
When the product is useful and boring (in the best way). Until then, we’re iterating with a small number of teams.
Contact
Send a note. We’ll reply with next steps.
Message us
This form opens your email client (static-site friendly). You can also email directly: hello@trailsight.io.