Platform as a Service

Heroku Shield

Name: Heroku Shield
Brand: Salesforce

by Salesforce

Moderate ImpactAuthorized

Impact Level

Moderate

Status

Authorized

Pricing

mid market

Authorization Date: March 22, 2020 | Sponsoring Agency: GSA

Overview

Heroku Shield is a compliance-focused PaaS that extends the Heroku developer experience with FedRAMP Moderate security controls. It provides private spaces, trusted IP ranges, and enhanced logging for regulated workloads. Heroku Shield simplifies compliance while maintaining developer productivity.

Key Features

✓FedRAMP Moderate baseline controls

✓Private Spaces isolation

✓Trusted IP ranges

✓Audit trail logging

✓Automated compliance reporting

✓Shield Postgres encrypted database

Defense Contractor Use Case

Defense contractors use Heroku Shield for rapid prototyping and deploying customer-facing applications that require FedRAMP Moderate authorization without the overhead of managing infrastructure.

Related Products

HighAuthorized

Salesforce Government Cloud

Salesforce

ModerateAuthorized

GitHub Enterprise Cloud for Government

Microsoft (GitHub)

More Platform as a Service Products

High

Azure App Service (Government)

Microsoft

High

AWS Elastic Beanstalk (GovCloud)

Amazon Web Services

Moderate

Google App Engine (Government)

Google

Moderate

Red Hat OpenShift for Government

Red Hat

Frequently Asked Questions

What is the FedRAMP authorization level for Heroku Shield?

Heroku Shield is authorized at the FedRAMP Moderate impact level, with authorization granted on 2020-03-22 sponsored by GSA. The FedRAMP Moderate baseline includes approximately 325 security controls covering confidentiality, integrity, and availability.

Can defense contractors use Heroku Shield for CUI?

Heroku Shield is authorized at the FedRAMP Moderate baseline. While FedRAMP Moderate covers a broad range of government data, defense contractors handling CUI should carefully evaluate whether Moderate controls meet their specific DFARS 252.204-7012 and NIST 800-171 requirements. Some CUI categories may require FedRAMP High authorization depending on the sensitivity of the data and contract requirements.

How does Heroku Shield pricing compare to commercial?

Heroku Shield government pricing is generally competitive with commercial pricing, though the government edition may carry a premium of 10-20% to cover FedRAMP compliance and dedicated infrastructure costs. Mid-market organizations can often access government pricing through GSA Schedule contracts or reseller partners. Contact Salesforce for a quote tailored to your organization size and requirements.

Browse All FedRAMP Authorized Tools

Search and filter 80+ FedRAMP authorized products for your defense contracting needs.

Open FedRAMP Finder

← FedRAMP Authorized Products

Frequently Asked Questions