Heroku’s Next Chapter

news , Heroku General Manager and Salesforce EVP

Back in May, I wrote about my enthusiasm to be part of the Heroku story, and I remain just as passionate today about helping write the next chapter. I’ve had many customer meetings over the past few months, and the theme is consistent — you want to know where we are taking Heroku. We want to be clear: The priority going forward is to support customers of all sizes who are betting projects, careers, and businesses on Heroku. These are companies like PensionBee, who help people manage their pensions; MX, who help small businesses with loans; Furnished Quarters, who built a portal for corporate clients booking short-term rentals; and EIGENSONNE, who built an app to connect with their...

April 2022 Incident Review

news , Heroku General Manager and Salesforce EVP

We have concluded our investigation and want to provide our customers with an overview of the threat actor’s actions, direct mitigations we have taken because of this incident, and additional changes we will make in the face of a continually evolving threat landscape. Our incident summary outlines what we have learned during the course of our investigation starting on April 13, 2022, and ending May 30, 2022. This incident summary and numerous actions we’ve taken to add to our overall security posture is part of our ongoing commitment to maintain your trust.

On April 13, 2022, GitHub notified Salesforce of a potential security issue, kicking off our investigation into this incident. Less...

[Update: May 25, 2022 - GitHub integration is now re-enabled. You can connect to GitHub immediately or wait for the enhanced integration as described below. To re-establish your GitHub connection now, please follow these instructions.]

We know you are waiting for us to re-enable our integration with GitHub, and we've committed to you that we would only do so following a security review. We are happy to report that the review has now been completed.

One of the areas of focus was a review of the scope of tokens we request from GitHub and store on your behalf. Currently, when you authenticate with GitHub using OAuth, we request repo scope. The repo scope gives us the necessary...

We've Heard Your Feedback

news , Heroku General Manager and Salesforce EVP

I started as Heroku GM a few weeks ago with intense enthusiasm to be a part of such a storied team. As you might expect, the last few weeks have not been what I would have imagined. But, contrary to what you might expect, I’m energized.

I’ve been deeply impressed by the skills and dedication of the Heroku team, and the commitment of Salesforce to Trust as our #1 value. I’m also energized because it is clear that the Heroku team does not stand alone inside Salesforce. To respond to this incident, Salesforce colleagues from around the company have augmented the Heroku team in every way possible. The Heroku team and their colleagues have worked around the clock, including nights and...

Browse the archives for news or all blogs Subscribe to the RSS feed for news or all blogs.