Slack
The Slack integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated Slack Workspace that could leave you and your organization vulnerable.
- A Slack user account
- Membership in a Slack Workspace (Free, Pro, Business+, or Enterprise Grid)
- If you are not the Workspace Owner and the
Require App Approvalsetting is enabled for the Workspace, request permission ↗ to install apps.
For the Slack integration to function, Cloudflare CASB requires the following Slack API permissions:
channels:read
files:read
groups:read
users:read
These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission, refer to the Slack Permission scopes reference ↗.
The Slack integration currently scans for the following findings, or security risks. Findings are grouped by category and then ordered by severity level.
|Finding type
|FindingTypeID
|Severity
|Description
|Slack: User with two-factor authentication disabled
d1cc8596-d22c-435c-9f94-3ba068f019cd
|Critical
|A user in the Slack Workspace does not have two-factor authentication (2FA) enabled for their account.
|Slack: User with unverified email
9fa4ae7c-07f0-453a-b232-e734b0f8877c
|High
|A user in the Slack Workspace has not verified the email they use to sign in.
|Finding type
|FindingTypeID
|Severity
|Description
|Slack: Channel shared externally
d298ba64-f013-4e28-b68a-63f758380355
|High
|A channel in the Slack Workspace has been shared with users who are not members of the Workspace.
|Finding type
|FindingTypeID
|Severity
|Description
|Slack: File publicly accessible with view access
9d96d3a2-696b-4802-98aa-c6c8572e806e
|Medium
|An external link has been created for a file uploaded to the Slack Workspace.
|Slack: File larger than 2 GB
c16d64a8-9f78-4f24-99ff-de7fcdc6871b
|Low
|A file ≥ 2 GB has been uploaded to the Slack Workspace.