10 Slack security tools compared

Slack does a good job of protecting its own code, but you'll need help to stop malware delivered through Slack messages or to avoid exposing personal information.

Slack logo / security / network
Slack / Your Photo / Getty Images

Slack is fast becoming one of the most popular communication and collaboration tools for business, corporate and professional users. Its elegant interface and overall ease of use has allowed Slack to outpace most other instant messaging deployments. With over 10 million daily active users, it’s even making a run at replacing email in some organizations.

In terms of protecting messages from outside eyes, the Slack platform does a good job. It features end-to-end encryption which includes data at rest. The platform also holds high-level security and compliance certifications from both government and private sector regulatory organizations.

As good as messaging protection is in Slack, a native installation of the application remains vulnerable in a few key areas. For one, Slack has over 900 bots and apps to connect it to third-party programs like Salesforce and Google Drive. That means that vulnerabilities in any of those external programs could carry over to Slack.

More critically, while protecting messages from unauthorized and outside users is handled well, Slack natively does not scan for malware, protected content, personal information or even objectionable material. Whether by unintentional users, turncoat insiders or hackers who have compromised an authorized user’s credentials, there is nothing preventing Slack from being used to spread malware or acting as a jumping off point for lateral movement by skilled attackers.

To lockdown, monitor and control internal messages and content within Slack, the company opened up the platform to third-party developers. Now about 80 apps are designed to do everything from filtering URLs to blocking malware to remediating threats within Slack. Here are ten tools that can help protect your Slack deployment.

To continue reading this article register now

The 10 most powerful cybersecurity companies