Anypoint API Community Manager uses the same secure hardware, backup, disaster recovery, and business continuity systems as Salesforce and Anypoint Platform.
API Community Manager is part of Anypoint Platform, and each member has one Anypoint Platform account, which is also used as their API Community Manager account.
All connections between API Community Manager and related systems, such as Salesforce and Anypoint Exchange, are encrypted with Transport Layer Security (TLS).
During initial configuration, you can set API Community Manager to use a third party single sign-on (SSO) provider, such as Okta, for member connections to both Anypoint Platform and Salesforce systems.
If you discover a security vulnerability, follow the steps in How to Report Vulnerabilities or Security Issues on Mule Products to send a report to firstname.lastname@example.org with detailed steps to reproduce the vulnerability.