Skip to content
Digadop
‹ Products

Lynceon

Coming soon

Salesforce security posture: find and fix the risk

Turn Salesforce access into security judgment.

Where Who Sees What shows the facts of access, Lynceon is designed to judge them and help you act: continuous monitoring, risk findings with severity, remediation guidance, a posture score, and threat detection. The standalone Salesforce security product in the Digadop family, coming soon.

How it works

How Lynceon will work

1 Connect Salesforce OAuth 2 Monitor re-checks on every change 3 Judge ranked risk findings 4 Remediate opt-in, you approve

What it does

Key capabilities

Continuous posture monitoring: designed to re-check who can see what every time your org's metadata changes, instead of only at a point in time.

Drift and differential alerts that show exactly what changed and who is newly exposed: a new sharing rule, a profile edit, an Apex class that started running without sharing.

Every risk finding paired with remediation guidance: the specific setting, sharing rule, or code change that closes the gap, prioritized by real exposure.

The full detail of all risk findings across every severity, including the deeper findings that Who Sees What only previews.

Deterministic detection (Salesforce Code Analyzer: PMD for Apex, ESLint, RetireJS, and data-flow analysis) for CRUD and field-level violations, sharing bypass, cross-site scripting, and hardcoded secrets, with AI used only to triage and explain findings, never to detect them.

Built on the Who Sees What access graph, reading beyond it into full org metadata for its analysis.

A posture score and exposure-drift view that track your security model over time and across multiple orgs.

Opt-in auto-remediation: apply a recommended fix in your org under a separate elevated authorization, off by default (on the roadmap).

A higher Compliance tier with threat detection and SOC 2 / ISO / NIST mapping plus audit-ready evidence (planned).

Who it is for: Salesforce admins, security teams, and compliance owners who need continuous, judged security-posture monitoring rather than a one-time snapshot of access.

Example finding

A finding you can act on

RiskHigh: 23 users can edit Accounts they should not

  • SeverityHigh, ranked by real exposure across your org.
  • CauseA permission set grants "Modify All" on Account to the Support profile.
  • Who is affected23 active users, listed by name.
  • RemediationRemove "Modify All" from the Support Tier 1 permission set.

Illustrative example of the planned product. Lynceon is coming soon; remediation is opt-in and applied only under a separate, per-change authorization.

Maturity

What is live, and what is coming

Available now

  • Nothing customer-facing yet. Lynceon is coming soon; today the site offers a waitlist.

Coming soon

  • The customer-facing continuous Salesforce posture-monitoring product, launching after Who Sees What.
  • Opt-in, separately-authorized auto-remediation (off by default).
  • A Compliance tier: threat detection, SOC 2 / ISO / NIST mapping, audit-ready reports, and a multi-org program view.
  • Planned list price $2,499 per org per month. Not purchasable yet.

Trust

Designed to be safe, even when it can act.

Reads your security metadata

Connects through Salesforce OAuth and reads the org security metadata it needs to judge posture, never your business-record contents. It does not change your org unless you turn on remediation.

Every change is opt-in

Auto-remediation is off by default and applies a fix only under a separate elevated authorization, with each change approved and logged.

Coming soon

Lynceon is not purchasable yet. Join the waitlist and we will tell you when it is ready.

See Lynceon in your org.

Part of the Digadop platform: one security and data model across the family.