Clari/Salesloft

Clari/Salesloft

Search the Trust Center...
Ctrl +K

Clari/Salesloft | Trust Center

Everything you need to complete your security review is here. Browse documents, certifications, and compliance details with confidence. Our Trust Center is regularly updated to reflect the latest audit results, and subprocessor disclosures.


Badges

ccpa
CCPA
csa
CSA
eu-us-data-privacy
EU-US DPF
gdpr
GDPR
uk-extension-to-eu-us-dpf
UK-US DPF

Quick Summary

One or more annual third-party audit(s)

Annual third-party penetration testing

Has a disaster recovery plan

Subprocessors list available

Has cyber insurance

Will enter into a DPA

Has a bug bounty or vulnerability disclosure program

Deletes customer data on request

Has an API available

Uses a centralized IAM solution (SSO) to manage employee access

Has a status page

Has a privacy policy

Has an AI policy


Our Philosophy

Clari/Salesloft’s mission is to help our customers realize their fullest potential by transforming their revenue operations to be more connected, efficient, and predictable. We believe that we need to secure your data and that protecting it is one of our most important responsibilities. We’re committed to being transparent about our security practices and helping you understand our approach.

On this page you will find all our security documentation, including audit reports, certifications and answers to most common security questions.


Announcements

Salesloft new Sub-Processor announcement

1Mind has been added as a new subprocessor for the Salesloft/Clari services (including Drift), effective May 30, 2026. We have uploaded a detailed FAQ to the document section of the portal at https://trust.salesloft.com/d/salesloft-sub-processor-notice-1-mind/qxjCEu?lng=en


New Sub-processor Announcement

Ada Chatbot has been added as a new subprocessors for the Salesloft services (including Drift), effective March 20th, 2026. We have uploaded a detailed FAQ to the document section of the portal.


New Subprocessor Announcement

Confluent Cloud Kafka has been added as a new subprocessors for the Salesloft services (including Drift), effective February 9th, 2026. We have uploaded a detailed FAQ to the document section of the portal.


Summary of the Mandiant Investigation of Drift Applications

This investigation summary details the Mandiant investigation, which has concluded. Mandiant was engaged by Salesloft, Inc., on August 26, 2025, to investigate a suspected intrusion impacting the Drift product. The investigation aimed to 1) determine the root cause and scope; 2) assist with containment and remediation; and 3) verify segmentation between Drift and Salesloft applications. The Mandiant investigation and remediation concluded on September 30, 2025, and the following information is accurate as of that date.

The intrusion timeline, spanning March 22, 2025 to September 5, 2025, involved suspicious activities such as API calls from The Onion Router (TOR) and anonymizing proxy services, the use of Salesloft GitHub Personal Access Tokens (PATs) for reconnaissance and secret enumeration, and the exfiltration of environment variable secrets and code repositories.

Mandiant has not identified ongoing compromise of the Drift product, and has verified the remediation activities taken during the investigation.

Mandiant partnered with Salesloft for containment and hardening efforts across the Drift technology environment. These efforts included code vulnerability analysis, credential management, logging enhancements, CI/CD workflow review, and security configuration reviews, including:

Drift Application:

  • Critical Vulnerability Identification
  • Code Vulnerabilities Identification
  • Credential Rotation
  • Isolated Integration Points
  • Rapid Threat Model Assessment
  • Application Architecture Review
  • Front-End/Back-End Component Review

Drift AWS Infrastructure:

  • Drift AWS Lockdown
  • AWS Infrastructure Configurations related to in scope accounts
  • Security Group & Network ACL Analysis
  • IAM Role & Policy Review
  • Container Security
  • Logging and Monitoring enhancement

GitHub Configurations & Security:

  • Repository-Level Security
  • Added Secrets Prevention Tooling and Rotated Secrets Found in Code
  • Organization-Wide Settings
  • DependaBot - SCA Report Analysis
  • Provided GitHub Hardening Playbook
  • Privileged Access Review and Enhancement
  • Eliminated Personal Access Tokens and External Collaborators as means of access

Salesloft Environment Proactive Threat Hunt: No Evidence of Attacker Activity Found

Additionally, Mandiant conducted threat hunts across the Salesloft environment and found no evidence of compromise in the following areas:

  • Salesloft endpoints
  • Salesloft GCP and AWS production application environments
  • Salesloft email platform

Mandiant has verified the technical segmentation between Salesloft and Drift applications and infrastructure environments. The analysis has not found evidence beyond limited reconnaissance related to the Salesloft application environment.


Drift Is Now Back Online

We are pleased to report that Drift was brought back online on Tuesday, September 16, and rolled out to Drift customers earlier this week. Drift customers can once again leverage the core chat and reporting capabilities of the Drift application with confidence.

We are currently restoring additional connectivity, including third-party integrations. Many of these integrations are online now, and we will continue enabling other integrations as a top priority. We will provide customers with updates as new integrations are restored.

This help article provides essential information and best practices for getting Drift back up and running on customer websites.

The security of customer data and operations remains our highest priority. While Drift has been offline, we have taken several steps to ensure the security of the Drift environment, including rotating customer and internal credentials such as OAuth tokens, employee passwords, and other application secrets. To strengthen our infrastructure, we have also improved our logging to better detect and prevent threats, upgraded authentication methods for privileged users, shortened session lengths for internal systems, and limited privileges to the lowest levels necessary to perform the function.

For assistance, please contact Customer Support at help.salesloft.com.
For ongoing updates, please subscribe to trust.salesloft.com.


Important Update Regarding Drift Security

The following provides additional information to our trust site post on September 6, 2025, regarding our current Drift remediation and fortification efforts and those going forward. We are continuing our efforts on remediation and additional security controls.

We are focused on the ongoing hardening of the Drift Application environment. This process includes rotating credentials, temporarily disabling certain parts of the Drift application and strengthening security configurations.

Furthermore, we are implementing new multi-factor authentication processes and further refining limitations to the application environment. These measures are complemented by an ongoing analysis of available logs and configuration settings, as well as the remediation of secrets within the environment and GitHub hardening activities.

As a part of this process, we have systems that will be turned on over the weekend that may send you automated notifications originating from Drift. Please disregard these notifications as they are part of our security testing process. Until we provide you with a definitive update that the Drift application has been restored and re-enabled, it will remain inaccessible to customers and third party integrations.

All of this is focused on continuing to harden the Drift environment prior to and after re-enabling the Drift application — which we expect to be soon.


Drift Status Update

Most Recent: We want to provide you with an update regarding the status of the Drift application while it is temporarily offline.

On Sept 6, we posted a trust site update detailing the initial results of our investigation and remediation efforts to date. While Drift is offline, Salesloft is working to confirm the root cause of the security incident and implement additional security measures to avoid similar incidents in the future and to restore the application as soon as possible. We hope to be able to provide an ETA soon for getting Drift back online.

At this time, we are advising all Drift customers to treat any and all Drift integrations and related data as potentially compromised.

The security of your data and operations remains our highest priority, and we are committed to providing a safe and secure platform for all users. Thank you for your patience during this time.

For ongoing updates, please subscribe to trust.salesloft.com.


Salesforce/Salesloft Integration Is Restored

We are pleased to report that the integration between the Salesloft platform and Salesforce is now restored.

Salesforce users can once again leverage the full capabilities and integrations of the Salesloft platform with confidence. For more information, read our most recent trust site update.

While the connection between systems was disabled, both Salesloft and Salesforce continued to run independently. The Salesloft Customer Success team will be reaching out to you directly to help you with data reconciliation before we can re-enable your Salesforce sync. Once we connect with you, the restoration should be relatively quick.

The step-by-step process for re-syncing your data and activities between Salesloft and Salesforce can be found in this help article.

The security of your data and operations remains our highest priority, and we remain committed to providing a safe and secure platform for all users. Thank you for your patience during this time and for your continued partnership.

For assistance, please contact Customer Support at help.salesloft.com.
For ongoing updates, please subscribe to our trust site (trust.salesloft.com)


Update on Mandiant Drift and Salesloft Application Investigations

On August 28, 2025, Salesloft retained Mandiant to investigate the compromise of the Drift platform and its technology integrations. The objectives of the investigation are to determine the root cause, scope of the incident, and assist Salesloft with containment and remediation. Mandiant was subsequently engaged to examine the Salesloft environment to determine if it was compromised and verify the segmentation between the Drift and Salesloft environments.

The following is an update as of September 6, 2025:

What Happened:

Mandiant’s investigation has determined the threat actor took the following actions:

  • In March through June 2025, the threat actor accessed the Salesloft GitHub account. With this access, the threat actor was able to download content from multiple repositories, add a guest user and establish workflows.
  • The investigation noted reconnaissance activities occurring between March 2025 and June 2025 in the Salesloft and Drift application environments. The analysis has not found evidence beyond limited reconnaissance related to the Salesloft application environment.
  • The threat actor then accessed Drift’s AWS environment and obtained OAuth tokens for Drift customers’ technology integrations.
  • The threat actor used the stolen OAuth tokens to access data via Drift integrations.

Response and Remediation Activities:

As part of a comprehensive response, Salesloft performed containment and eradication activities, validated by Mandiant, in the Drift and Salesloft application environments, including but not limited to:

  1. Drift Application Environment:
  • Isolated and contained the Drift infrastructure, application, and code.
  • The Drift Application has been taken offline.
  • Rotated impacted credentials
  1. Salesloft Application Environment:
  • Rotated credentials in the Salesloft environment.

  • Performed proactive threat hunting of the environment and noted no additional Indicators of Compromise (“IOCs”) found.

  • Rapidly hardened Salesloft environment against the known methods used by the threat actor during the attack.

  • Threat hunting based on Mandiant Intelligence across Salesloft infrastructure and technologies: IOC analysis, Analysis of events associated with at-risk credentials based on threat actor activity, Analysis of events associated with activity that would permit the threat actor to circumvent Salesloft security controls.

  • Mandiant has verified the technical segmentation between Salesloft and Drift applications and infrastructure environments.

Based on the Mandiant investigation, the findings support the incident has been contained. The focus of Mandiant’s engagement has now transitioned to forensic quality assurance review.


Third-Party Drift Integration Partners FAQ (9:00PM ET)

We are providing the following FAQs in order to help Drift integration partners get answers to their questions quickly.

Q: If our software integrates with Drift, what do I need to be aware of?

We are recommending that all third-party applications integrated with Drift via API key, proactively revoke the existing key for these applications. For ongoing updates, subscribe to our trust portal at trust.salesloft.com

Q. How do we determine if we have malicious activity against our integration?

Our investigation has revealed a number of indicators of malicious activity observed in this incident. We are including them in this message to help check your integration and environment for signs of compromise. We urge you to check your logs against these Indicators of Compromise.

Mandiant has published a blog with detailed recommendations for impacted organizations: https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift

All Drift integration traffic should come from a set of known Source IPs owned and operated via Drift. Those IP’s are detailed in this document. Any successfully authenticated connections utilizing Drift tokens from any IP address other than those listed in the Public IP Address document above should be considered suspect, investigated as possibly malicious and reported to Salesloft immediately.

Additionally, our investigation has revealed a number of known Indicators of Compromise (IOC) that we urge you to search for in your logs. Although Drift integration traffic should only come from the IP’s listed above, the following IP’s are confirmed as malicious and any traffic from them to a Drift integration with a successfully authenticated Drift connection should be considered malicious.

IP Addresses
154.41.95.2
176.65.149.100
179.43.159.198
185.130.47.58
185.207.107.130
185.220.101.133
185.220.101.143
185.220.101.164
185.220.101.167
185.220.101.169
185.220.101.180
185.220.101.185
185.220.101.33
192.42.116.179
192.42.116.20
194.15.36.117
195.47.238.178
195.47.238.83
208.68.36.90
44.215.108.109
User-Agent Strings
python-requests/2.32.4
Salesforce-Multi-Org-Fetcher/1.0
Python/3.11 aiohttp/3.12.15

Q. What steps should I take for integrations with the Salesloft Application?

Please note the Salesloft application is not included in this advisory and this is exclusive to the Drift application and integrations. We see no current indicators of any malicious activity involving any integrations with the Salesloft application. Out of an abundance of caution, we recommend changing passwords and rotating integration tokens as a security best practice.


Notice: Drift Temporarily Offline Effective Friday, September 5, 2025 at 6 a.m. ET.

Most Recent: As previously communicated, Drift will temporarily be taken offline beginning Friday, September 5, 2025 at 6 a.m. ET.

We are taking this action in order to fortify the security of the application and its associated infrastructure. This will provide the fastest path forward to building additional resiliency and security into the system and to return the Drift application to full functionality.

As a result of this action, the Drift chatbot will not be available on customer websites, and all Drift features — including Drift Fastlane and Drift Email — will not be accessible during this time. While Drift is unavailable, the core Drift JavaScript snippet installed on your website also will not load Drift.

For OAuth users, Salesloft rotated all centrally managed client keys, which invalidated all affected tokens and prevented re-entry from threat actors into the Drift environment via OAuth tokens.

However,for all Drift customers who manage their own Drift connections to third-party applications via API key, we continue to recommend that you proactively revoke existing keys. This only relates to API key-based Drift integrations. These actions will need to be taken directly within the third-party provider's application.

Salesloft is working with its third-party cybersecurity partners to restore the Drift application as soon as possible. At this time, we do not have an ETA for Drift service restoration. We will notify Drift admins directly via email and continue to make updates here on our Trust Site as additional information becomes available.

We sincerely regret any inconvenience and disruption this action may cause and thank you for your continued patience.

For assistance, please contact Customer Support at help.salesloft.com. Subscribe to trust.salesloft.com for ongoing updates.


Salesloft FAQs about Salesforce Interruption (10:10AM ET)

We are providing the following FAQs in order to help customers get answers to their questions quickly.

Q: Can I still use Salesloft?
Yes, you can still use the Salesloft platform and browser extension for your day-to-day work. For instructions on how to continue using Salesloft while the Salesforce integration is currently disconnected, refer to this Trust Site update from August 31, 2025.

Q: What happens to my existing Salesforce data in Salesloft?
Salesloft will continue to operate against the last data that was synchronized from CRM prior to the disconnection. Your teams can continue to operate against this as they normally would within Salesloft.

Q: Will I lose any critical data while Salesloft and Salesforce are disconnected?
While the connection between systems is disconnected, each side will continue to run independently. Salesloft is working to ensure data is reconciled once the connection is restored.

Q: Are any of Salesloft’s AI Agents impacted? Will they still work?
No, Salesloft AI Agents are not impacted. The Account Research Agent, Person Research Agent, Email Personalization Agent, and Buyer Identification Agents will continue to work against all data that was previously synced from your CRM along with any ongoing activity and web data generated by Salesloft. The Deal Summary agent will work against the last sync from CRM until the connection has been restored.


Drift Will Be Temporarily Offline (1:55PM ET)

Most Recent: All Drift Admins Please Note — Drift will be temporarily taken offline in the very near future. This will provide the fastest path forward to comprehensively review the application and build additional resiliency and security in the system to return the application to full functionality As a result, the Drift chatbot on customer websites will not be available, and Drift will not be accessible.

We regret any inconvenience and disruption this action may cause.

Our top priority remains ensuring the integrity and security of our systems and our customers’ data. Our team is working alongside our third-party cybersecurity partners, Mandiant and Coalition, to resolve this as quickly as possible.

Thank you for your continued patience and understanding.


Salesloft-Salesforce Integration Update (4:30PM ET)

The Salesforce–Salesloft integration remains paused as we continue to investigate a security incident involving our Drift application. The disconnection of Salesloft was done as a precautionary measure initiated by Salesforce and there is no evidence of any unusual or malicious activity with the Salesloft platform. Mandiant, a recognized leader in cyber defense and threat intelligence, is conducting a thorough review of the Salesloft platform to verify the platform’s security and integrity.

We are working closely with Salesforce at every level to resolve the issue as quickly as possible. Customers can still use the Salesloft platform for your day-to-day work, as its core functions remain fully operational except where specifically outlined in the previous announcement.

Thank you for your continued patience while we work to resolve this issue with Salesforce. We will continue to provide updates here as new information becomes available.
Subscribe to trust.salesloft.com for ongoing updates.


Salesloft Functionality During Temporary SFDC Disconnection (2:30PM ET)

Most recent: This update outlines what is affected by the temporary disconnection of Salesloft from Salesforce and what is currently still available to users.

What is affected:

  • Individual users and integration user have been disconnected from Salesforce
  • Activities will not log from Salesloft to Salesforce while the integration is disabled
  • Records cannot be imported from Salesforce including: Manual import of Individual Records, Automation Rule Imports, Scheduled Report Imports, Salesloft Chrome Extension Imports
  • Field Updates on Leads, Contacts, Accounts, Opportunities will not sync from Salesforce to Salesloft or Salesloft to Salesforce
  • Records in Salesloft cannot be created in Salesforce
  • New or unlinked records in Salesloft cannot be linked to a CRM record
  • Automation Rules and Plays will not execute for people/account/opportunity/custom objects that rely on Salesforce field updates
  • Deals and Forecasting will be inaccessible while the CRM connection is down. Users will either see a stale dashboard or the setup & configuration screen until the connection has been restored.

What is not affected:

  • Cadencing - Users can add people to cadences and complete cadence steps
  • Importing - Users can import records into Salesloft via: Third Party Integrations like ZoomInfo, Cognism, Pocus; CSV Files; Manual Record Creation
  • Importing - Users can import records into Salesloft via: Directly from Gmail or Outlook; Please reach out to your Salesloft Representative to enable permissions if you do not see these import options in Salesloft
  • Conversation Intelligence - meetings and dialer calls will be recorded as expected
  • Salesloft Chrome Extension - Users can perform these actions as normal: Loft their emails from Gmail or Outlook; Add records to Salesloft from Gmail or Outlook; Insert templates or snippets into emails from Gmail or Outlook; Complete cadence steps, phone cadence step, other cadence steps, dialer calls, send emails from the extension while viewing a record in Salesforce
  • Salesloft Plays (email reply, meetings- reminder/prepare/follow up, person/account iPass plays, custom signals)
  • Meetings - Users can book meetings through their calendar and expect to see the meeting reflected in Salesloft
  • Dialer - Users can call people through cadence steps, one-off calls, or through the Chrome Extension

Subscribe to trust.salesloft.com for ongoing updates.


Salesloft Security Update: Can customers still use Salesloft? (12PM ET)

Customers can still use the Salesloft platform and browser extension for your day-to-day work.

You can import contacts and leads into Salesloft and Cadences using a CSV file or directly through applications like ZoomInfo:

For more context, please watch this tutorial video walkthrough of CSV Importing.


Salesloft Security Update: Salesforce Integrations (6:15PM ET)

Salesloft is currently responding to a security incident related to our Drift product. As a result of the incident, Salesforce has elected to temporarily disable all Salesloft integrations with Salesforce.

Upon detecting the incident, Salesloft immediately took steps to secure our systems and contain and mitigate the incident. As part of those efforts, Salesloft engaged Mandiant and Coalition, two leading cybersecurity firms, to assist with a comprehensive investigation and remediation of the Drift incident, as well as verify the integrity of the Salesloft platform.

Based on the investigation to date, there is no evidence of malicious activity detected in the Salesloft integrations related to the Drift incident. Additionally, at this time, there are no indications that the Salesloft integrations are compromised or at risk.

A comprehensive investigation and confidence in the security of our operations is our top priority. We are working with Salesforce and our third-party partners to restore Salesloft integrations as soon as possible.

Our focus remains on ensuring the integrity and security of our systems and your data. We will continue to provide updates as we have new information.

Subscribe to our Trust Site at trust.salesloft.com for the latest updates.


Drift Security Update: Salesforce Integrations (3:30PM ET)

Most Recent: In our commitment to transparency, we are writing to provide new information about a critical update with the Drift security incident.

We have received a notification from Salesforce that, as a precautionary measure, Salesforce has temporarily disabled the Drift integration between Salesforce, Slack, and Pardot. This decision was made while we conduct a joint exhaustive investigation with Salesforce into the incident. During this period, Salesforce, Slack, and Pardot will not connect with Drift.

We want to assure you that this is our top priority, we are acting with the utmost urgency. As we previously shared, Salesloft has engaged Mandiant and Coalition, leading cybersecurity experts, to assist us in our investigation and to support containment and remediation.

Our focus remains on ensuring the integrity and security of our systems and your data. We will continue to provide updates as we have new information.

Subscribe to trust.salesloft.com for ongoing updates.


ACTION NEEDED: Drift API Integrations

Most Recent Update: As a part of our ongoing investigation of the Drift security incident, Salesloft has engaged Mandiant and Coalition, leading cybersecurity experts, to assist us in our investigation and to support containment and remediation. We are taking every possible step to ensure the integrity of our systems and your data.

We are recommending that all Drift customers who manage their own Drift connections to third-party applications via API key, proactively revoke the existing key and reconnect using a new API key for these applications. This only relates to API key-based Drift integrations. OAuth applications are being handled directly by Salesloft.

These actions will need to be taken directly within the third-party provider’s application. You can see a list of your current connected integrations within the Drift Admin settings. In order to see your integrations, follow these steps:

  • Settings > Integrations > [Your connected Drift integrations will appear here]
  • Take action directly in each third-party provider’s application
  • When ready, update your API key in each connected Drift integration

We understand that security is a top priority for you, and it's our top priority too. We are committed to maintaining an open dialogue with you, our valued partners and customers, and we'll continue to provide updates as we have them.


Drift/Salesforce Security Update

The following is the most recent update regarding the recent security incident concerning the Drift integration with Salesforce: From August 8 to August 18, 2025, a threat actor used OAuth credentials to exfiltrate data from our customers’ Salesforce instances. All impacted customers have been notified.

Initial findings have shown that the actor’s primary objective was to steal credentials, specifically focusing on sensitive information like AWS access keys, passwords, and Snowflake-related access tokens. We have determined that this incident did not impact customers who do not use our Drift-Salesforce integration. Based on our ongoing investigation, we do not see evidence of ongoing malicious activity related to this incident.

In collaboration with Salesforce, we took immediate action to proactively revoke all active access and refresh tokens for the Drift application. As a result, administrators must re-authenticate their Salesforce connection to re-enable the integration. We have also hired a third party digital forensics and incident response (DFIR) firm to assist in the investigation and to ensure all appropriate remediation steps have been taken.

We are working in collaboration with Salesforce to provide all customers with detailed information regarding attacker actions in their respective environments.

We have included indicators of compromise (IOCs) below to assist customers in their investigations – we will continue to update this list of IOCs as needed.

IOCs

The following indicators have been associated with this incident:

User-Agent Strings
python-requests/2.32.4
Salesforce-Multi-Org-Fetcher/1.0
Python/3.11 aiohttp/3.12.15

IP Addresses
154.41.95.2
176.65.149.100
179.43.159.198
185.130.47.58
185.207.107.130
185.220.101.133
185.220.101.143
185.220.101.164
185.220.101.167
185.220.101.169
185.220.101.180
185.220.101.185
185.220.101.33
192.42.116.179
192.42.116.20
194.15.36.117
195.47.238.178
195.47.238.83
208.68.36.90
44.215.108.109

The threat actor executed queries to retrieve information associated with various Salesforce objects, including Cases, Accounts, Users, and Opportunities. Two sample queries are provided below, but this is not an exhaustive list.

Crawl of common fields for Case objects:
SELECT Id, Description, Subject, Comments FROM Case WHERE CreatedDate >= ORDER BY CreatedDate DESC NULLS FIRST LIMIT 2000

Mining a field in Case objects for known secret patterns:
SELECT Id FROM Case WHERE SuppliedEmail LIKE LIMIT 1000

As stated above, we are working in collaboration with Salesforce to provide all customers with detailed information regarding attacker actions in their respective environments.


Drift/Salesforce Security Update

Our investigation regarding the incident between Drift and Salesforce is ongoing. We are actively collaborating with Salesforce and will provide updates as soon as we are able. Currently, we do not see any evidence of ongoing malicious activity. Please continue to direct your questions through our customer support portal (help.salesloft.com) to ensure we are able to address each question appropriately.


Drift/Salesforce Security Notification

Today, we detected a security issue in the Drift application. Out of an abundance of caution, we have proactively revoked connections between Drift and Salesforce, and we are asking Drift admins to re-authenticate their Salesforce connection.

In order to re-authenticate Salesforce in Drift:

  1. Go to Settings > Integrations > Salesforce;
  2. Click Disconnect;
  3. Click Connect Account;
  4. Log in with your Salesforce credentials and authorize the connection.

Note: You may need to give the app a minute or so to process before refreshing the page, at which point you should see a successful connection.
Please note that the above referenced issue does not impact any Drift customers who do not integrate with Salesforce.

We are continuing to investigate and will provide more information as it becomes available. We apologize for any disruption this incident may have caused and appreciate your patience.


Salesloft+Drift statement on reported breaches of Snowflake.

The Salesloft+Drift Security Team has been monitoring reports of breaches of Snowflake data. All of the intelligence our team has seen indicates that there has not been a breach of the Snowflake platform but rather multiple instances of successful credential-stuffing attacks against individual Snowflake user accounts that were required to use only basic password authentication. Salesloft/Drift user access to Snowflake requires authentication through the company’s IdP/SSO solution, which enforces multi-factor authentication (MFA). Even though there have been no reports or indications of attacks on Salesloft/Drift user accounts for Snowflake, and the likelihood of a successful compromise of one of our accounts is very low due to the use of MFA, the Salesloft Information Security Team initiated an investigation and confirmed that there is no indication that any Salesloft/Drift accounts have been attacked or compromised. For the avoidance of doubt, there has been no impact on the security of any Salesloft/Drift user accounts or the data that Salesloft/Drift stores and processes in Snowflake.


GuidePoint Authentication and Security Attestation

Clari proactively engaged a leading independent security assessor, GuidePoint Security, to conduct a deep-dive assessment of our authentication and authorization controls. We did this proactively — not because of an issue at Clari, but to stay ahead of the kinds of attacks recently seen in the industry. Specifically, we’re tightening our security in response to the recent high-profile supply chain incidents involving authentication token compromise and authorization bypass vulnerabilities through third-party integrations. Please review the GuidePoint attestation and our FAQs within the "Documents" section of the Assurance Center.


Strengthen Security with IP Restrictions

At Clari, protecting your data is our top priority. As organizations increasingly rely on integrated systems like Salesforce and Clari, it’s more important than ever to take proactive steps to safeguard access. One simple, but highly effective measure you can implement today is restricting access by IP address.

To help customers configure IP restrictions, we’re providing the list of IP addresses associated with Clari’s public resources, available at: https://clari.my.site.com/customer/s/article/Strengthening-Security-with-IP-Restrictions-Protecting-Your-Clari-Salesforce-Data



Featured Documents


Documents & Knowledge Base FAQs


Trusted by

Siemens
IBM
3M
stripe.com
Greenhouse Software
LeadIQ
Citrix
PandaDoc
Powered by Conveyor, the first end-to-end customer trust platform.
Learn more