Links

Can I redact sensitive message content in Slack?

Redacting Sensitive Messages in Slack
In the Slack integration, you are now able to use redaction as a remediation action for messages. Similarly to how you can notify, quarantine, or delete messages, you can also choose to redact the sensitive info out of messages, so that only the first two characters of the sensitive token are shown, and the rest of the message is then shown as a set of *** characters. (Note: Redaction is only available for messages, and cannot be used for images/files shared in Slack) This is available in the Slack Enterprise integration. Please find some screenshots below, for what this workflow may look like:
  1. 1.
    A potential sensitive message is posted in a channel that is being monitored by a Nightfall Slack policy:
2. The Nightfall Alert is Generated:
3. Once the 'Redact message' option is chosen:
4. Once you confirm you would like to redact the message:
An audit log is generated showing that a redaction action was taken on the message
The original message has now been redacted
You can now see the redacted message in the original message location, as well as a small message that notifies the user their message has been redacted as it may contain sensitive information. In the Slack Policy itself, it will be shown in the list of Automated actions, along with the other remediation actions as well:
You can use this option from the console to automatically redact sensitive messages within Slack