Begin Scanning a Slack for Enterprise App

To begin scanning a Slack for Enterprise app:
  1. Enable the privileges required for communication between Prisma SaaS and the Slack app.
    To establish communication, confirm the following:
    • Application installation applies to enterprise customers only, and must occur at the top-level enterprise organization.
    • The organization owner must contact exports@slack.com and request that the app is enabled for DLP API and integration with Prisma SaaS for successful cloud app connection.
      Only an organization owner can install Prisma SaaS.
    • The app is enabled for DLP API access. DLP API access provides visibility into the assets in Slack and allows Prisma SaaS to monitor the sharing of assets.
  2. Add the Slack app.
    1. From the Prisma SaaS
      Dashboard
      ,
      Add a Cloud App
      .
    2. Select
      Slack
      .
      slack-tile-frame.png
    3. Connect to Slack Account
      .
    4. Enter your team’s Slack domain and
      Continue
      .
    5. Sign in
      with an email address and password for the Slack account with administrative privileges.
    6. Review and
      Authorize
      the access and changes privileges for Prisma SaaS.
      slack-waiver.png
      Upon successful authentication, the new Slack app is added to the list of Cloud Apps as Slack 
      n,
      where
      n
      is the number of Slack app instances that you have connected to Prisma SaaS.
  3. (Optional)
    Give a descriptive name to this app instance.
    1. Select the Slack 
      n
      link on the Cloud Apps list.
    2. Enter a descriptive
      Name
      to differentiate this instance of Slack from other instances.
    3. Click
      Done
      to save your changes.
  4. Add policy rules.
    When you add a new cloud app, Prisma SaaS automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want toAdd a New Asset Rule to look for risks unique to Slack.
  5. (Optional)
    Configure or edit a data pattern.
    You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text that match a data pattern you specify.
  6. Start scanning the new Slack app for incidents.
    1. Select
      Settings
      Cloud Apps & Scan Settings
      .
    2. In the Cloud Apps row that corresponds to the new Slack app, select
      Actions
      Start Scanning
      .
  7. Monitor the results of the scan.
    As Prisma SaaS scans files and matches them against enabled policy rules, you can Monitor Scan Results on the Dashboard to verify that your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.

Related Documentation