The 30 Discord security checks Black Cat runs
Black Cat SSPM evaluates 30 security policies against your Discord configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
access control
Enable 2FA requirement for moderator actions in Server Settings
Raise the server verification level to Medium or higher in Safety Setup
Enable Membership Screening to require new members to accept server rules
Remove the Administrator permission from roles that do not require full server control
Remove dangerous permissions from the role and grant only what is necessary
Remove all dangerous permissions from the @everyone role immediately
Reduce the number of roles with Administrator permission to the minimum necessary
Disable the Mention Everyone permission for roles that do not need it
Delete permanent invites and replace them with time-limited invites
Set a maximum use count on all server invites to control membership growth
Remove elevated permission overwrites for @everyone on the flagged channel
Restrict channel access so only appropriate roles can read and send messages
Reduce the number of members with admin-level roles to the minimum required
Reduce the number of members assigned to admin roles to the minimum necessary
Remove Administrator permission from bot-managed roles and configure specific permissions instead
configuration
Re-enable disabled AutoMod rules or delete them if no longer needed
Reduce the number of exempt roles and channels on AutoMod rules to maintain effectiveness
Simplify channel permissions by reducing the number of role and member overwrites
data protection
Set the explicit content filter to scan messages from all members
Disable Server Discovery to prevent the server from being publicly listed
Disable the server widget to prevent public exposure of member count and invite link
Enable AutoMod rules to protect the server against spam, harmful content, and mention abuse
Enable AutoMod keyword filtering to block messages containing harmful or prohibited words
Enable AutoMod spam protection to automatically detect and block spam messages
Enable AutoMod mention spam protection to prevent mass-mention abuse
Review NSFW channel designations and ensure age-restricted channels are intentional
third party risk
Review and remove unused integrations to reduce third-party risk
Review each webhook to confirm it is still needed and properly governed
Delete webhooks whose creator has left the server or that have no known owner
Remove Administrator permission from bot roles and grant only the permissions each bot requires