Slack Integration with Grip Security - Posture (SSPM)

Overview

Slack integration with Grip’s SSPM module allows Grip to assess critical security configurations in your Slack Enterprise Organization.

Prerequisites

• A “Slack Enterprise Grid” is required

• A Grip user with Slack owner permissions

• We recommend reading the  “Introduction to Posture Management” article to learn about posture at Grip.

Configuration in Slack

Create a new app

From the Slack admin panel, go to “Configure apps” (1) >> click on Build (2).

Click on” Create New App” (3) and select the” From scratch” option (4).

• Give your App a name – (Recommended to include the SSPM in the name) (5) and select the workspace to develop your app in (6).

• Click the “Org Level Apps” in the side menu (7) >> “Enable Org-Readiness button” (8).

• Check the “I understand...” checkbox >> “Yes, Enable” button (9).

Add scopes

From the side menu, click on OAuth & Permissions (10) and add the following scopes:

• Bot Token Scopes -  Users:read (11).

• User Token Scopes – admin.users:read & users:read (12)

Scroll up and click the “Install to Organization” button (13).

Click on “Allow”.

Copy the “User OAth Token”, you will need it when connecting the SSPM integration.

 Connecting Slack to Grip SaaS Security Posture Management

From the Grip portal, go to “Posture” (1) >> “Add Tenant”(2)  

• Click on “Slack” (3)

• In the “Tenant Details” section, enter your own “Display Name” (4).

• in the “User OAUTH Token” field (5), paste the “User OAuth Token” from the previous step.

• Click on “Add Tenant”.

Once connected, the Tenant will be added to the “Connected Tenants” list 

Click the tenant to see and filter your policy statuses, assess your security posture, and begin fixing it.