The 39 Slack security checks Black Cat runs
Black Cat SSPM evaluates 39 security policies against your Slack configuration on every scan, classifies each finding by risk, and provides remediation steps. Below is the full list, grouped by category.
access control
Enable SAML single sign-on for the workspace
Enforce SAML SSO as the only allowed authentication method
Restrict public channel creation to workspace admins or owners
Enable admin approval for workspace invitations
Restrict workspace analytics access to admins only
Restrict app installation and management to workspace admins
Require all apps to be sourced from the Slack App Directory
Set a session duration limit for Slack desktop clients
Set a session duration limit for Slack mobile clients
Prevent SSO-managed users from changing their email address in Slack
Enforce display name synchronisation from the SSO identity provider
Enable TLS-enforced delivery for workspace email invitations
Restrict Slack Connect shared channel creation and management to admins
Restrict Slack Connect direct messages to verified external organisations
Restrict guest access to slash commands and app interactions
Reduce the number of workspace admins to the minimum necessary
Reduce the number of workspace owners to two or fewer
Remove admin privileges from guest accounts
Ensure at least two workspace owners exist for business continuity
Convert multi-channel guests to single-channel guests or full members as appropriate
Require admin approval before app installation
compliance
Configure a custom message retention policy for public channels
data leakage
Disable public file sharing links for the workspace
governance
Set a time limit on how long members can edit messages
Restrict Slackbot custom response creation to workspace admins
Restrict @channel and @everyone mentions in
Restrict channel archiving to workspace admins only
Restrict deletion of public channels to workspace admins only
Restrict Workflow Builder creation to workspace admins only
Enable notifications when new members join the workspace
Restrict deletion of private channels to workspace admins only
Restrict user group creation and management to workspace admins
Restrict @channel and @here usage to workspace admins
Require members to use their real (full) names as display names
Reduce default channels to only the essential ones for new members
Archive inactive channels with no recent activity
Ensure all installed apps have descriptive names and documented purpose
mfa
Enable mandatory two-factor authentication for the workspace
Enable two-factor authentication for the flagged user account