Security Health Check has six new settings. These changes apply to both Lightning Experience and Salesforce Classic.
We added the following high-risk security setting.
- Require Secure Connections (https) for all third-party domains
We added these medium-risk security settings.
- Enable Content Security Policy protection for email templates
- Enable XSS protection
- Enable Content Sniffing protection
We added the following low-risk security settings.
- Require identity verification during two-factor authentication registration
- Require identity verification for change of email address