Abstract: A system and method for adapting a security tool for performing security analysis on a software application. In one embodiment, a method includes maintaining a registry of security tools; receiving code for a software application; and comparing component criteria for each security tool against each component of the software application, wherein the component criteria for each respective security tool indicate which components the respective security tool is designed to analyze for security vulnerabilities. The method also includes generating a tool-specific package for each component of the software application, wherein the tool-specific package comprises one or more security tools that are designed to analyze the respective component for security vulnerabilities.

Abstract: A system and method for performing security assessments in an online services system. In one embodiment, a method includes receiving an accepted security assessment agreement from a user, where the security assessment agreement is associated with a software application utilized in an online services system. The method also includes receiving configuration data associated with the software application; receiving scanning data associated with the software application; and sending the configuration data and scanning data to one or more security assessment systems.

Abstract: Disclosed are systems, apparatus, methods, and computer readable media for determining a confidentiality for a site record. In one embodiment, a site record for analysis is identified at a computing device. The computing device may identify a source for the site record and determine, based on the source, a source-based confidentiality for the site record. The computing device may identify, based on the site record, a designated confidentiality for the site record, and determine that the designated confidentiality is different from the source-based confidentiality. Responsive to the determination that the designated confidentiality is different from the source-based confidentiality, the computing device may store the source-based confidentiality for the site record on a storage medium.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for rendering data of an on-demand database service safe. These mechanisms and methods for rendering on-demand database service data safe can enable embodiments to alleviate any security risk that would otherwise be posed by such data. The ability of embodiments to provide such additional safety may lead to improved security in the context of an on-demand database service.

Abstract: Disclosed are systems, apparatus, methods, and computer readable media for analyzing computing site information. In one embodiment, an analysis tool for analyzing a first site record stored on a storage medium may be selected. The first site record comprising information may relate to a computing site. The computing site may comprise a unit of computing functionality accessible via a network. When it is determined that first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first site record may be modified to create a second site record, the second site record having a second confidentiality level, the second confidentiality level not exceeding the trust level.

Abstract: A system and method for performing security analysis on a software application. In one embodiment, a method includes receiving application architecture information for a software application; and determining an application type based on the application architecture information. The method also includes performing one or more security tests on the software application based on the application type and the application architecture information; and approving the software application to be available in an online marketplace if the software application passes the one or more security tests.

Abstract: Disclosed are systems, apparatus, methods, and computer readable media for determining a combined trust level for a website. In one embodiment, a user account associated with the creation or maintenance of the website may be analyzed. The analysis of the user account may be capable of identifying the presence or absence of a first risk factor affecting a likelihood that the user account is engaged in a malicious activity. A source code file capable of being used to create a message for sending to a remote computing device may be analyzed. The analysis of the source code file may be capable of identifying the presence or absence of a second risk factor affecting a likelihood that the source code file is facilitating a malicious activity. Based on the analysis, a combined trust level for the website may be determined.

Abstract: In accordance with embodiments, there are provided mechanisms and methods for rendering data of an on-demand database service safe. These mechanisms and methods for rendering on-demand database service data safe can enable embodiments to alleviate any security risk that would otherwise be posed by such data. The ability of embodiments to provide such additional safety may lead to improved security in the context of an on-demand database service.

Abstract: A system and method for performing security assessments in an online services system. In one embodiment, a method includes receiving an accepted security assessment agreement from a user, where the security assessment agreement is associated with a software application utilized in an online services system. The method also includes receiving configuration data associated with the software application; receiving scanning data associated with the software application; and sending the configuration data and scanning data to one or more security assessment systems.

Abstract: A system and method for adapting a security tool for performing security analysis on a software application. In one embodiment, a method includes maintaining a registry of security tools; receiving code for a software application; and comparing component criteria for each security tool against each component of the software application, wherein the component criteria for each respective security tool indicate which components the respective security tool is designed to analyze for security vulnerabilities. The method also includes generating a tool-specific package for each component of the software application, wherein the tool-specific package comprises one or more security tools that are designed to analyze the respective component for security vulnerabilities.

Abstract: A system and method for performing security analysis on a software application. In one embodiment, a method includes receiving application architecture information for a software application; and determining an application type based on the application architecture information. The method also includes performing one or more security tests on the software application based on the application type and the application architecture information; and approving the software application to be available in an online marketplace if the software application passes the one or more security tests.

Abstract: A system and method for performing code analysis in a database system. In one embodiment, a method includes receiving a request to scan code for a software application. The method further includes fetching metadata associated with a user, fetching the code for the software application, and scanning the code.

Abstract: Disclosed are systems, apparatus, methods, and computer readable media for analyzing computing site information. In one embodiment, an analysis tool for analyzing a first site record stored on a storage medium may be selected. The first site record comprising information may relate to a computing site. The computing site may comprise a unit of computing functionality accessible via a network. When it is determined that first confidentiality level for the computing site exceeds a trust level for the analysis tool, the first site record may be modified to create a second site record, the second site record having a second confidentiality level, the second confidentiality level not exceeding the trust level.

Abstract: Disclosed are systems, apparatus, methods, and computer readable media for determining a combined trust level for a website. In one embodiment, a user account associated with the creation or maintenance of the website may be analyzed. The analysis of the user account may be capable of identifying the presence or absence of a first risk factor affecting a likelihood that the user account is engaged in a malicious activity. A source code file capable of being used to create a message for sending to a remote computing device may be analyzed. The analysis of the source code file may be capable of identifying the presence or absence of a second risk factor affecting a likelihood that the source code file is facilitating a malicious activity. Based on the analysis, a combined trust level for the website may be determined.