An anomaly is any user activity that is sufficiently different from the other
users. We use the metadata in Salesforce Core application logs to build profiles representing
guest users’ data access activities. This threat detection event identifies suspicious attempts
by guest users to access organization data.
Required Editions
Available in both Salesforce Classic (not available in all orgs) and Lightning
Experience.
Available in: Enterprise, Unlimited, and Developer
Editions
Requires Salesforce Shield or Salesforce Event Monitoring add-on
subscriptions.
Investigate Guest User Anomalies It's often necessary to further investigate a guest user anomaly to determine if a data breach occurred or to rule it out as benign.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
