Skip to main content
Skyhigh Security

About Skyhigh CASB for Slack

Skyhigh CASB for Slack provides compliance and security governance through Data Loss Prevention (DLP) policies for data stored in Slack.

There are two ways to integrate Skyhigh CASB and Slack:

  1. API. Using the API integration allows you to use near real-time DLP, collaboration control (including quarantining files). Skyhigh CASB for Slack supports real-time scanning of active files within a Slack implementation through the Slack API, and nearly all aspects of Threat Protection and activity monitoring.
  2. Reverse Proxy. Best for those who want to have an inline real-time control over the data (Files/Chat messages/Snippets) being transferred to Slack and Contextual Access Control. The Skyhigh CASB Reverse Proxy solution doesn't require any endpoint control and integrates via SSO. The use case currently supported is to redirect all managed devices and block unmanaged devices. In general, native apps won't work and mobile browsers are supported. It needs to be validated based on the latest changes in native apps whether traffic comes to proxy and it can be supported through request headers attributes coming via SAML/MDM (Mobile Device Management solutions like Ivanti Neurons, Microsoft Intune, VMware) or via agents like Skyhigh Security Mobile Control Security (MMCS) or via User Agents

Slack Huddles Support

Skyhigh CASB for Slack provides a way for organizations to extend existing data loss prevention (DLP) policies to Slack huddles, which are used to set up quick meetings with internal or external users of a channel.

Slack huddles provides the following use cases:

  • Pure Content. Identifies the sensitive content of the messages or files shared by any user in the huddle and takes Quarantine/Delete as remediation actions.
  • Pure collaborations. If a user joins a huddle, Skyhigh CASB does not receive any event, so the pure collaboration policies cannot be applied.
  • Content-aware-collaboration. The collaboration policies are evaluated based on all channel members rather than the members who are present in the huddle. Although messages/files are shared in the huddle, Skyhigh CASB receives only channel information in the events and the received event does not contain any information about members who are present in the huddle.

Slack Canvas Support

Skyhigh CASB for Slack provides a way for organizations to extend existing data loss prevention (DLP) policies to Slack canvases, which are used to set up meeting notes, project briefs, checklists, company newsletters, and more with internal or external users via channels, direct messages (DMs), Huddle and more within Slack. 

Skyhigh CASB API Integration for Slack Canvas supports the following use cases:

Supported Content-based Use Cases for Slack Canvas
Content-based Use Cases Supported DLP Protection DLP Policy Response Actions
Messages Yes Messages sent in Canvas comments
  • Create an Incident
  • Delete
  • Send Bot Notification
Files Yes

Files uploaded to Canvas and in Canvas comments

  • Create an Incident
  • Quarantine
  • Send Bot Notification
Text added to the Canvas No API Limitation N/A
Canvas embedded into a Canvas No API Limitation N/A
Supported Content-aware Collaboration Use Cases for Slack Canvas
Content-aware Collaboration Use Cases Supported DLP Protection DLP Policy Response Actions
Canvas shared via Slack Channels (Public/Private/Shared) Yes Files uploaded to Canvas
  • Create an Incident
  • Quarantine
  • Delete
  • Send Bot Notification
Canvas shared via Direct Messages (DMs) Yes Files uploaded to Canvas
  • Create an Incident
  • Quarantine
  • Delete
  • Send Bot Notification
Canvas shared via Multi-Party DMs (MPDM)  Yes Files uploaded to Canvas
  • Create an Incident
  • Quarantine
  • Delete
  • Send Bot Notification
Canvas shared via Slack Connect connections Yes Files uploaded to Canvas
  • Create an Incident
  • Quarantine
  • Delete
  • Send Bot Notification
Canvas shared via Huddles Partially Files uploaded to newly created Canvas
  • Create an Incident
  • Quarantine
  • Delete
  • Send Bot Notification
Canvas shared via Copy Links No API Limitation

N/A

  • Was this article helpful?