The 25 Notion security checks Black Cat runs
Black Cat SSPM evaluates 25 security policies against your Notion configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
access control
Remove unnecessary guest users from the Notion workspace
Remove or deactivate inactive members who have not accessed the workspace recently
Ensure all workspace members have a valid email address configured
Add a description to the Notion integration to document its purpose
Restrict integration capabilities to the minimum required permissions
Remove or deactivate integrations that have not been active recently
Restrict the integration to specific pages or databases instead of workspace-wide access
Review workspace membership and remove unnecessary members to reduce access sprawl
Review and reduce guest accounts when they exceed 50% of workspace membership
Configure a descriptive name for bot users to enable proper auditing
configuration
Review and archive or delete pages that have not been edited in over 180 days
Investigate orphaned pages without a parent and move or delete them
Review and archive or delete databases that have not been edited in over 180 days
logging
Investigate audit log events with unidentifiable actors
sharing
Disable public web sharing for the flagged Notion page
Update or disable public sharing for stale publicly accessible pages
Remove unnecessary external guest access from the flagged Notion page
Disable public web sharing for the flagged Notion database
Disable public page sharing at the workspace level in Notion settings
Disable guest invitations at the workspace level to prevent external access
Disable content export at the workspace level to prevent unauthorized data extraction
Move publicly shared pages out of the workspace root or disable public sharing
Update or disable public sharing for databases not edited in over 90 days
Move publicly shared databases out of the workspace root or disable public sharing
Disable public sharing for inline databases that may expose structured data