If you're working with a partner, it's critical to ensure they do not modify global instance security settings without explicit review/approval from your platform team. One recurring issue we see are vendors enabling 'ALL' level outbound REST logging platform-wide to troubleshoot a single integration. This often captures authorization headers in plain text for every outbound call, which is a significant and avoidable risk. To Partners: Please don’t enable elevated outbound lo
