Nightfall
HomeLoginDeveloper PlatformContact Us
Search…
Introduction
Why Cloud DLP?
Product Updates
Operationalizing DLP
Informing & Coaching Business Users
Running Historical Scans
Alert Management Guiding Principles
Integrating with Security Tools
Detection Engine
Getting Started
How Detection Works
Detectors
Detection Engine FAQs
Evaluating Detection
Nightfall for Slack
Nightfall for Slack: Demo Video
Getting Started
Alert Management
Remediation Guide
Nightfall for Slack Overview
FAQs
Nightfall for GitHub
Real-Time Scanning
Historical Scanning
Nightfall for GitHub Overview
Radar API Reference
Exporting Reports & Results
Integrating Webhook Endpoints
Integrating with Jira
Remediation Guide
Managed Services
FAQs
NIGHTFALL FOR GOOGLE DRIVE
Getting Started
Alert Management
Nightfall for Google Drive Overview
Remediation Guide
Historical Scanning
Demo Walkthrough Video
Nightfall for Confluence
FAQs
Getting Started
Real Time Scanning
Historical Scanning
Alert Management
Remediation Guide
Nightfall for Jira
Nightfall for Jira Overview
Jira Remediation Guide
Getting Started
Nightfall For Salesforce
Getting Started
FAQs
Account Management
User Administration
Authentication Options
Compliance
SOC 2 Compliance
HIPAA Compliance
PCI Compliance
Resources
FAQs
Login to Nightfall
Developer Platform
Platform Status
Contact Us
Powered By GitBook
Remediation Guide
Sensitive data like personal information or credentials can pose a large risk when found in Slack messages. Read our guide to remediating these DLP risks in Slack.
Nightfall’s Slack integration offers the ability to set up automated remediation workflows. In general, we recommend that before setting up automated remediation workflows, you first test detection while leveraging manual workflows. Once you’ve optimized detection and identified key patterns in the types of violations and required remediation action, you can automate the process.
Slack alerts on violations in real time, and remediation actions are taken from within the Slack interface.
Manual Slack remediation options will appear as options within the violation alert, and include:
  • Delete the violation (Pro and Enterprise)
  • Notify the end user
  • Quarantine the violation (places the violation in the “Content” channel and the “Quarantine channel) (works on Nightfall for Slack Enterprise plan only)
  • Redact message (will replace the message with a set of ** characters, aside from the first few characters) (works on Nightfall for Slack Enterprise plan only - only for messages, not for images/files)
Note: If you are an existing customer interested in using redaction as a remediation action, please reach out to your Customer Success Manager. Setup for redaction will require a reinstallation of the Nightfall for Slack Enterprise application.
There are also Automated actions available for the Slack Pro and Slack Enterprise integrations, which are illustrated below:

For Slack Pro, the options for Automated Actions are to Notify the user, or to Delete the message that caused the violation.
Automated Slack Pro remediation options can be found in the policy, and include:
  • Delete the violation
  • Notify the end user

Remediation options for Slack Enterprise can also be seen in the Policy view, and will include:
  • Delete the violation (Pro and Enterprise)
  • Notify the end user
  • Quarantine the violation (places the violation in the “Content” channel and the “Quarantine channel) (work on Nightfall for Slack Enterprise plan only)
  • Redact message (will replace the message with a set of ** characters, aside from the first few characters)
If you select the Quarantine option, the content of the message will be sent to the ‘#nightfall-content-slack’ channel, and the original message will be replaced with a tombstone message, indicating that the original message is no longer available.
The channel that will receive the alert messages for policy violations from is #nightfall-alerts-slack. Similarly, for messages that are quarantined, an alert will also be sent to the #nightfall-quarantine-slack channel for all quarantined message alerts.
Nightfall for Slack - Previous
Alert Management
Next - Nightfall for Slack
Nightfall for Slack Overview
Last modified 8mo ago
Copy link
On this page
Automated Actions for Slack Pro
Automated Actions for Slack Enterprise