Slack Security Posture Management Controls

Learn how to increase your Slack security by configuring security controls.

Written By William Tran (Administrator)

Updated at June 5th, 2024

  1. Severity - Criticality of the control (high, medium, low, info)
  2. Control - Subject and description of the control
  3. Status - Current completion status of the control
  4. Points Achieved - Number of points earned from the control and based on its completion progress, customers can earn all, partial, or no points
  5. Impact - The percent increase of the overall Posture Score once the control is completed
  6. Control User/Global Type - Indication of whether the control can be addressed by an individual user or by an administrator
  7. Control Monitor Type - Indication of whether the control is automatically monitored by the SpinOne platform or is manually monitored by the customer 
  8. Category - Security category the control belongs in

 

Control Overview

Clicking on each control opens up more information and actions customers can take.

  1. Description - A detailed explanation of the control and potential issues if not configured correctly
  2. Insights - Relevant information of assets that meet or do not meet the control
  3. Actions - Detailed instructions on how to correctly configure the control 
  4. Manage & Share - Ability to change status or share control to an integration (explanation below)
  5. Protected Users - The number of users currently protected by the control

 

Manage & Share

Manage allows customers to change the status of the control. Depending on whether the control is automatically or manually monitored, the following control statuses are available:

  • Automated Monitoring - Control is automatically monitored by the SpinOne platform
  • Pass - Control is addressed and fully implemented
  • Alternative Resolution - Control is addressed and fully implemented through alternative methods
  • Risk Accepted - Control is not addressed or implemented but the imposed risk has been accepted
  • To Address - Control is not addressed or implemented at all
  • Suppressed - Control is not relevant 

To change the control status, customers must include their reasoning by adding a note.

 

Share allows customers to share the control to Email, Jira, & ServiceNow integrations. This allows the user to assign the control to different departments within the organization by creating a ticket for them, or acts as a way to notify End Users of changes they need to make from their end.

 

 

Was this article helpful?