This is the web version of the newsletter which you can subscribe »
Hello
This week's edition covers a solid mix of topics worth your attention. Security is front and center - recent breaches hitting companies like Grubhub, Qantas, and Google through Salesforce-connected systems are a wake-up call. If you haven't reviewed your org's security posture lately, now's the time.
On the ecosystem side, Salesforce officially merged AppExchange, Slack Marketplace, and Agentforce into a single platform called AgentExchange, backed by $50M in funding. Big move, and worth understanding what it means for how you discover and deploy solutions going forward.
For developers, there's a practical piece on the Single Responsibility Principle in Apex - a good reminder that "God Classes" always come back to haunt you - plus an interesting look at how one team boosted code coverage by 28% purely through data model restructuring, no new tests required.
As always, links below. Dig in and let me know what resonates.
For everyone
-
Do Salesforce Customers Have a Security Problem?
https://www.salesforceben.com/do-salesforce-customers-have-a-security-problem/
Salesforce customers are facing a serious security problem - major companies like Grubhub, Loblaw, Hallmark, Qantas, Chanel, and Google have all been hit with data breaches over the past year, exposing millions of customer records including names, addresses, credit card numbers, and phone numbers. The hacker group ShinyHunters is behind most of these attacks and has warned that more breaches are coming. Salesforce customers clearly need to figure out what steps to take to protect themselves, and Salesforce needs to help make that happen. -
How Salesforce Admins Can Override Default System Email Addresses
https://www.salesforceben.com/how-salesforce-admins-can-override-default-system-email-addresses/
Salesforce is tightening security for system emails - now they'll only send if coming from trusted domains or if a special setting gets turned on. Admins can override default email addresses to cut down on emails sent from regular user accounts. The trick is switching to Org-Wide Email Addresses instead, which helps organizations stay compliant with the new rules while making emails more reliable and consistent. -
AppExchange, Slack Marketplace, and the Agentforce Ecosystem Are 'Now One' With Fresh $50M Funding
https://www.salesforceben.com/appexchange-slack-marketplace-and-the-agentforce-ecosystem-are-now-one-with-fresh-50m-funding/
Salesforce merged AppExchange, Slack Marketplace, and Agentforce into one unified platform called AgentExchange, backed by $50M in funding. Now users can browse over 10,000 apps, 1,000+ pre-built agents, and 2,600+ Slack apps in one place without jumping between different platforms. The platform includes smart semantic search powered by Data 360 - launching fall 2026 - that finds solutions based on what you actually need, not just keywords. Agentforce Builder gets what you're building and automatically suggests relevant agents, sub-agents, and tools to match your project, making it way easier to discover and manage everything. -
Meet the New MuleSoft Agent Fabric: Salesforce's Solution to Rogue Agents
https://www.salesforceben.com/meet-the-new-mulesoft-agent-fabric-salesforces-solution-to-rogue-agents/
Salesforce just upgraded its MuleSoft Agent Fabric - a tool that helps companies manage AI agents from different vendors all in one place. The new update adds better controls, security, and oversight so businesses can actually see what all their agents are doing. The whole point is to stop "agent sprawl," which happens when AI agents are scattered across different systems with no coordination. Agent Fabric gives companies a central dashboard to track and control everything, preventing chaos when multiple agents operate independently. -
Allow Salesforce Access to Customer Data
https://salesforcetime.com/2026/04/30/allow-salesforce-access-to-customer-data/
Salesforce has a default setting that lets the company use anonymized customer data for research, product improvement, and AI development - and many people didn't realize it was on. This doesn't mean Salesforce staff are casually reading customer records, but it's worth paying attention to, especially if the org handles sensitive or regulated info. The smart move is to understand what it actually does, talk it over with the right people, and decide intentionally whether to keep it enabled or turn it off, rather than just leaving it as-is. -
Salesforce: CURRENCYRATE()
https://www.simplysfdc.com/2026/05/salesforce-currencyrate.html
Salesforce has two currency exchange rate types - standard (which everyone gets) and dated (which you can turn on if you want). The CURRENCYRATE() function works great for making formula fields, but here's the catch - it only handles standard exchange rates, not dated ones, so your formulas will stick to the basic rate.
For devs
-
Build native React apps using the Salesforce Multi-Framework
https://www.infallibletechie.com/2026/04/build-native-react-apps-using-the-salesforce-multi-framework.html
Salesforce just made building React apps way easier with their new Multi-Framework tool. Instead of dealing with messy external hosting or iframe workarounds, you can now run React apps directly on Salesforce - no extra setup needed. Your apps automatically get Salesforce's security, authentication, and powerful backend right away. This guide helps architects, developers, and admins get started with building native React components using Agentforce Vibes, step-by-step. -
Single Responsibility Principle (SRP) in Salesforce Apex
https://salesforcecodex.com/salesforce/single-responsibility-principle-srp-in-salesforce-apex-a-complete-guide/
Salesforce developers often build massive "God Classes" that handle everything at once - data validation, API calls, calculations - all crammed into one trigger or helper class. It might seem faster initially, but it turns into a maintenance nightmare and doesn't scale. The Single Responsibility Principle solves this by ensuring each class does just one thing, making code easier to maintain and way cleaner. -
Say Goodbye to Hardcoded Event Handlers: LWC's lwc:on Directive in Spring '26
https://www.salesforcebolt.com/2026/05/Dynamic-Event-Listners-LWC-Salesforce.html
Lightning Web Components developers constantly struggle with hardcoded event handlers cluttering their templates - onclick, onmouseover, onfocus, onkeydown - all baked into HTML. When requirements shift at runtime, messy workarounds become necessary, but Spring '26 brings the lwc:on directive to solve this problem by letting developers attach and manage events dynamically instead of hardcoding them. -
Managing Agentforce using Salesforce Lightning Web Component
https://www.infallibletechie.com/2026/05/managing-agentforce-using-salesforce-lightning-web-component.html
Salesforce's Agentforce lets developers build smart, conversational AI tools for custom interfaces using Lightning Web Components - a fast, native framework. This guide walks through managing and integrating Agentforce with the lightning/accApi module, covers the key ideas, shares working code examples, and shares best practices to make sure your setup is ready for real business use.
For architects
-
Think, Show, Influence: The Real Path to Becoming an Architect for Devs and Admins
https://sforcemaximizer.com/think-show-influence-the-real-path-to-becoming-an-architect-for-devs-and-admins/?utm_source=rss&utm_medium=rss&utm_campaign=think-show-influence-the-real-path-to-becoming-an-architect-for-devs-and-admins
A developer working across different tech platforms loved building things but wondered what set architects apart - they coded less, skipped details, yet somehow got people's attention and made decisions happen. That question stuck around for years and completely shifted how to think about career growth. -
Integration Testing with Data Warehouse
https://mirketa.com/integration-testing-data-warehouse-guide/
Data warehouses help companies store and organize huge amounts of data from different sources for better decision-making. But just dumping data into a warehouse isn't enough - it needs to be accurate and properly transformed, or it'll lead to wrong conclusions and bad business choices. Integration testing solves this by checking the entire journey of data from source systems through transformation processes all the way to the warehouse, making sure nothing gets lost, corrupted, or messed up along the way. -
How We Increased Code Coverage by 28% Without Writing a Single Test
https://engineering.salesforce.com/how-we-increased-code-coverage-by-28-without-writing-a-single-test/
Tom Noah, a Senior Software Engineer at Salesforce's Security Mesh platform team, found a clever way to boost code coverage by 28% without writing any new tests - just by reorganizing data models. Working on systems that pull security signals from CrowdStrike, Okta, and internal monitoring to catch suspicious activity, the team needed reliable detection capabilities that wouldn't introduce bugs. Code coverage requirements were blocking feature releases at the file level even when modules met targets. Instead of adding tests, Tom restructured how the data models worked, which fixed the coverage issue and solved the metric distortion problem, letting the team ship new detection features while keeping everything trustworthy and stable.
Reddit Discussions
-
Dirty org security cleanup
https://old.reddit.com/r/salesforce/comments/1fi6ecr/dirty_org_security_cleanup/
Someone just inherited a messy Salesforce org with 150 users and way too many roles and profiles/permission sets all mixed together - nobody can figure out what the actual security setup is. Looking for advice on tools and steps to clean this up, plus any spreadsheets that map out dependencies. Thinking about starting fresh but first needs to show the business what a disaster it currently is so they get why this matters. -
A custom Salesforce AI agent framework running multi-step pipelines end to end, without Agentforce or Data Cloud
https://old.reddit.com/r/salesforce/comments/1slxc05/a_custom_salesforce_ai_agent_framework_running/
A custom Salesforce AI agent framework demo shows how to run multi-step support workflows as structured pipelines without Agentforce or Data Cloud. The framework breaks processes into focused agent stages - like Support Intake Agent, Case Dispatch Agent, and Escalation Review Agent - each handling specific tasks while the framework orchestrates everything together. The demo processes a support case through three sequential stages, tracking execution data for the entire pipeline plus each individual step, making the whole run inspectable and reportable. It handles real business operations like priority normalization, queue routing, rep assignment, and escalation review, then updates actual Salesforce records with final outcomes. The key difference from just chaining prompts is that it models pipelines as parent executions with child executions for each step, enabling proper inspection, reporting, and failure handling. Built on custom code, it's free and open-source under MPL 2.0, with docs and repo available - recently renamed from AI Agent Studio to Pluto. The framework creator is open to answering questions about pipeline orchestration and execution tracking. -
Solo Admin - NonProfit - Burnout
https://old.reddit.com/r/salesforce/comments/1smx5hc/solo_admin_nonprofit_burnout/
Solo admin at a nonprofit for 5 months, already burned out. Started right when Salesforce initiatives kicked off and immediately jumped into two simultaneous integrations - massive data transformation work that needed developer skills. On top of that, handled daily admin tasks, overhauled dev functions, and managed everything from discovery to training and project management. Created an Asana board tracking 320+ completed tasks. Now another big project plus data cleanup is coming, and they're feeling the burnout hitting hard while gathering requirements. Currently at 80k USD and seriously considering asking for a major raise - pretty justified given the workload. -
Hit the 500 field limit on Opportunity ? How can I identify unused Fields?
https://old.reddit.com/r/salesforce/comments/1so4ugp/hit_the_500_field_limit_on_opportunity_how_can_i/
Someone's Salesforce org hit the 500-field limit on Opportunity and needs to figure out which fields are actually being used - basically looking for dead weight to delete. They're asking for the best way to check field usage across the board, see which ones have actual data in them, and spot the unused ones that can be removed. Want to know if there are any tools, reports, or standard methods to track this kind of thing at scale without manually checking everything.
For AI enthusiasts
-
What Is Agentforce Labs? Salesforce's Experimental Hub for AI Agents
https://www.salesforceben.com/what-is-agentforce-labs-salesforces-experimental-hub-for-ai-agents/
Salesforce quietly launched Agentforce Labs at TDX - basically an experimental playground where admins and developers can test out early-stage AI agent tools before they go mainstream. It's not a finished product, but rather an open space filled with cutting-edge prototypes and AI research projects that Salesforce's teams are still working on. Think of it as early access to future features where users can explore new ideas, experiment with how these tools might work for their own projects, and help shape what Agentforce becomes next. -
Complete Guide to Creating an Agent in Agentforce
https://www.salesforceben.com/complete-guide-to-creating-an-agent-in-agentforce/
Agentforce is Salesforce's powerful new tool that makes AI agents accessible and easy for any business to use. Unlike regular chatbots that just talk about things, agents actually take action - they can do real work, not just give advice. Salesforce envisions a future where teams work with AI agents to handle specific tasks, making humans way more productive. Agentforce lets admins build these agents through Agentforce Studio to automate work across the business. For example, service teams can use agents to quickly find related Case records instead of jumping between screens manually, saving valuable time when every second counts. -
Deploying Agentforce in the Public Sector the Right Way
https://www.salesforceben.com/deploying-agentforce-in-the-public-sector-the-right-way/
Maria's been a benefits caseworker for eleven years and knows her stuff, but outdated systems slow her down every day - slow databases, scattered policy documents, and case backlogs that have nothing to do with her skills and everything to do with broken infrastructure. This problem is everywhere in government, and that's where AI conversations usually go sideways. Salesforce's Agentforce for Public Sector looks like the fix - it promises AI agents to help automate and scale government services - but here's the catch: the tech itself is only a small piece. The real work is in how you actually set it up, what data feeds it, and whether your systems are built to support it properly. Get those details wrong, and you don't improve anything - you just make mistakes faster.
Summer'26
-
What's New in the Salesforce Mobile App: Summer '26 Release
https://salesforcebreak.com/2026/05/07/new-mobile-app-summer-26/
Salesforce's Summer '26 mobile app is coming soon with some solid upgrades - smarter notifications, AI transcription, and React Native support across platforms. While it's still in preview, the changes matter if you manage mobile setups or build on the platform. Mobile often gets forgotten compared to bigger features, but for most teams it's where actual work happens - sales reps in the field, managers checking in between meetings, quick actions that matter. These updates make Salesforce way more usable on phones, which is usually what determines whether people actually adopt it or not.
View upcoming Salesforce events (next 7 days)
 |
Grzegorz Skaruz
|
If you no longer want to receive messages from me, you can always unsubscribe