Have you independently verified your Salesforce Drupal Security for:

  • Cyber attack

  • Vulnerable code

  • Website exploits

NDP Studio is a Drupal agency that specialises in Enterprise Support for business. We have built deep technical Drupal Security expertise for Single, or Regular Audits and ongoing Enterprise Drupal Security and Site Support
Your website, and its integration into Salesforce, sits at a crucial point in your digital estate.
Get total peace of mind that your website, and Salesforce, is secure and your business critical functions are robustly tested across your:
  • Drupal configuration, modules, custom code base
  • Salesforce CRM integration
  • Data systems and processes within Drupal
  • Website Security and Data policies
  • GDPR, and PCI compliance 
  • Prefered cyber security compliance standard
  • Salesforce Drupal best practice


Our role is to discover, audit and report vulnerability across your Drupal estate.
Once fully audited, we provide you with an understanding of what the status is, and solutions to remove or mitigate risks and issues.
number 1

Drupal Audit 


Review your Drupal configuration, modules, custom code base

Review your data systems and process within Drupal

Review any relevant Security and Data policies you apply

Refer to GDPR, PCI, and your prefered cyber security compliance standards

Refer to Drupal best practice

Refer to NDP Security "Usual Suspects, and known Bugs" directory

number 2

Salesforce integration Audit


Review the granular Salesforce API permissions. We ensure that only appropriate access is used and is well documented. 

Making sure the Drupal Salesforce Suite is robust and well-tested. In addition to its innate security, we implement controls where necessary such as removing old data or other techniques including encryption on sensitive data.

Check the communication between Drupal and Salesforce is secure. We review that you are using HTTPS and tested REST APIs and OAuth for authentication, rather than less secure connection schemes that are used in some other systems.

Check proper usages of Salesforce built-in API rate limits and API usage. This allows your IT team to monitor any unexpected activity.

number 3

Drupal Security and Risk Assessment Report


Red list of live and urgent vulnerabilities with immediate actions

Amber list of theoretical risks and best practises, and common issues that should be addressed if we identify that they affect your websites

Blue list of common misconfigurations or vulnerabilities

Green list of areas and processes that meet your standards of compliance

To-do list of high-level and detailed suggestions on Drupal security and data protection

We will also act as a trusted partner in any further conversations, with IT functions, development teams or penetration testers.


We'd love to hear more about your digital world, and how Salesforce integrates into it.

Click here to email

Click here to call 020 3905 7400



Before you go