What to Do in the First 24 Hours After a Salesforce Data Breach, Matt Meyers
It is not a question of whether your Salesforce org will be breached, but when. In 2025, connected app compromises exposed 960+ orgs and most teams had no playbook for what came next. This session delivers a technical breakdown of breach response covering blast radius assessment across connected apps and OAuth tokens, executing token revocation and credential rotation without breaking production integrations, and preserving forensic evidence while coordinating stakeholders under pressure. You will leave with a complete breach-to-recovery response plan covering every critical decision from the moment you discover a compromise to the moment your org is back in production.