Skip to content

The 25 Notion security checks Black Cat runs

Black Cat SSPM evaluates 25 security policies against your Notion configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.

access control

mediumGuest User Sprawl

Remove unnecessary guest users from the Notion workspace

mediumInactive Member

Remove or deactivate inactive members who have not accessed the workspace recently

mediumMember Without Email

Ensure all workspace members have a valid email address configured

lowBot Without Description

Add a description to the Notion integration to document its purpose

highBroad Integration Capabilities

Restrict integration capabilities to the minimum required permissions

mediumStale Integration

Remove or deactivate integrations that have not been active recently

mediumUnrestricted Integration

Restrict the integration to specific pages or databases instead of workspace-wide access

lowExcessive Workspace Members

Review workspace membership and remove unnecessary members to reduce access sprawl

mediumExcessive Guest Ratio

Review and reduce guest accounts when they exceed 50% of workspace membership

lowBot User Without Name

Configure a descriptive name for bot users to enable proper auditing

configuration

mediumStale Page

Review and archive or delete pages that have not been edited in over 180 days

lowOrphaned Page Without Parent

Investigate orphaned pages without a parent and move or delete them

mediumStale Database

Review and archive or delete databases that have not been edited in over 180 days

logging

mediumAudit Log Anonymous Actor

Investigate audit log events with unidentifiable actors

sharing

highPublicly Shared Page

Disable public web sharing for the flagged Notion page

highStale Public Page

Update or disable public sharing for stale publicly accessible pages

mediumExternal Guest Access

Remove unnecessary external guest access from the flagged Notion page

highPublicly Shared Database

Disable public web sharing for the flagged Notion database

highPublic Sharing Enabled

Disable public page sharing at the workspace level in Notion settings

mediumGuest Invitations Enabled

Disable guest invitations at the workspace level to prevent external access

mediumExport Enabled

Disable content export at the workspace level to prevent unauthorized data extraction

highRoot Level Public Page

Move publicly shared pages out of the workspace root or disable public sharing

highStale Publicly Shared Database

Update or disable public sharing for databases not edited in over 90 days

highRoot Level Public Database

Move publicly shared databases out of the workspace root or disable public sharing

mediumInline Public Database

Disable public sharing for inline databases that may expose structured data

See these checks run on your stack

Start a free 14-day trial — no credit card required.

Start Free Trial