Integrating Polar Security with Slack

See how Polar Security integration with Slack can help you uncover sensitive information shared in Slack messages and files inside and outside your organization.

Overview

Polar Security App for Slack can help security and compliance teams find any sensitive information shared within Slack Messages and shared files.

Connecting Polar Security to more SaaS applications and Cloud Workloads can show if sensitive information was copied between different cloud accounts, who has access to sensitive information, and how sensitive data flows in your Cloud.

Installation

To connect Polar Security to your Slack:

  1. Login to Polar Security Dashboard
  2. Go to Settings
  3. "Click on Connect Cloud Account" -> "SaaS Application" -> and choose Slack
  4. Follow the instructions on the screen and click on "Open Authorization window"
  5. Approve the OAuth scopes and access permissions

Polar Security will now use the permissions to discover and classify sensitive information shared within files and messages in public Channels.

Slack User Token Scopes

To find sensitive information shared within Messages and shared files, we need to use the following User Token scopes

OAuth Scope Description Reason
bookmarks:read List bookmarks The bookmarks read will be used to track important messages in chats to make sure there is no sensitive data in them
channels:history View messages and other content in a user’s public channels The channels history will be used to read historical chats lists for discovery
channels:read View basic information about public channels in a workspace The channels read will be used to track chats and find sensitive data on them
files:read View files shared in channels and conversations that a user has access to The files read will be used to find sensitive data in files added to chats in public and private channels
groups:history View messages and other content in a user’s private channels The groups history will be used to read historical group chats lists for discovery
groups:read View basic information about a user’s private channels The groups read will be used to track group chats and find sensitive data on them
im:history View messages and other content in a user’s direct messages The IM history will be used to read historical chats lists for discovery of a user's messages and shared files
im:read View basic information about a user’s direct messages The IM read will be used to track chats and files in order to find sensitive data on them
mpim:history View messages and other content in a user’s group direct messages The MPIM history will be used to read historical chats lists for discovery of a user's messages and shared files
mpim:read View basic information about a user’s group direct messages The MPIM read will be used to track chats and files in order to find sensitive data on them
pins:read View pinned content in a user’s channels and conversations The pins read will be used to track important messages in chats to find sensitive data saved in them
remote_files:read View remote files added by the app in a workspace The remote files read will be used to find sensitive data on files added by the app
search:read Search a workspace’s content The search read will be used to supply search params for the customer on the workspace - to find specific messages or files with sensitive information in them
stars:read View a user’s starred messages and files To provide our customers full visibility over the sensitive files in the SaaS applications (specifically for Slack), we require read only permissions for Slack. The starts read will be use to track important messages in chats
team.preferences:read Allows Polar Security to read a workspace's preferences The team.preferences read will be use to understand the team settings about external sharing
team:read View the name, email domain, and icon for workspaces a user is connected to The team read will be used for customer usability, showing the customer the name, domain, and icon for the workspace
usergroups:read View user groups in a workspace The usergroups read will be used to map the team groups to show insights on who has access to sensitive information shared in a message or a file
users.profile:read View profile details about people in a workspace The users profile read will be used to get basic user profile details (like name and email) to show in Polar's dashboard as Owner/Sender information
users:read View people in a workspace The users read will be used to map the team users to show insights on who has access to sensitive information shared in a message or a file
users:read.email View email addresses of people in a workspace The users read email will be used to get internal and external user's email address so we can show as Owner/Sender of sensitive information

Additional Help

Should you have any issues, don't hesitate to contact us at support@polar.security.

Evaluate Your Data Exposure

Get My Assessment