Review the video below for detailed steps on how to connect Slack to MCAS. This can be used to detect malicious attempts by attackers to become Owner of the environmentįirst things first, you need to connect Slack to MCAS.
MCAS can detect when new users are granted administrative rights to Slack. Users allowed to manage a Channel are changed.No additional configuration is necessary: by simply connecting you will start seeing new alerts when applicable.Īctivity performed by terminated user (requires Azure Active Directory as IdP)Ĭustom policies can be used to be alerted when users perform activities that may cause data leakage, such as creating shared links, adding new users to channels, files being downloaded by anonymous users, etc.Ĭustom policies allow you to detect when critical security settings are being modified, such as allowing public share links to be created The built-in Threat Detection policies in Microsoft Cloud app Security will apply to Slack as soon as you have connected it. Therefore MCAS can be used to protect Slack in the following ways: Slack could be used to access corporate data, to impersonate users, conduct phishing attacks, etc. Why connect Slack?Īs one of the means of communication and data exchange within the company, Slack is prone to be a target for malicious actors. Slack is a widely used communication and collaboration app, and like other applications, it can host critical data, and be compromised by malicious users. Protect Slack using Microsoft Cloud App Securityįollowing popular demand, we are happy to publish our Slack app connector for Microsoft Cloud App Security!
0 kommentar(er)
