Product guides

Slack notifications

Suggest Edits

Account Defender can automatically send you Slack notifications when it detect incidents matching your existing Policy Rules. You can learn how to configure Slack notifications in this article.

Prerequisites

You need a configured Slack integration. See our help article, Slack Integration, for more information.

Set up Slack notifications

To set up notifications, you need to:

  1. Create a Slack Action
  2. Add a Slack Action to a Policy Rule

Create a Slack Action

Once you have integrated with Slack, you must contact our team with the Slack channel you want to send the notifications to.

  1. Add your custom Slack app into a channel in your Slack Workspace. This is the channel that HUMAN will send notifications to.
  2. Contact HUMAN via your Technical Account Manager, Customer Success representative, or email us with the Slack channel's name.

Our team will set up a Slack Action for you for the specified channel. Once it's created, it will be available to be used in your Account Defender Policy Rules.

Next, be sure to add your Action to a Policy Rule so it triggers automatically.

Add a Slack Action to a Policy Rule

Once you have a Slack Action, we recommend adding it to a Policy Rule so you can automate when a request is sent to your organization. Slack messages can be sent with different fields depending on the attack type:

Field nameDescriptionAttack type availability
AppIDThe Application ID the attack was detected onNetwork, Single
Attack TypeThe type of attack (either account takeover or fake account)Network, Single
Matched rule nameThe name of the rule that detected the attackNetwork, Single
ScoreThe severity score assigned to the attack from 0-100Network, Single
Account IDsThe ID of the users in the network attack, or the ID of the user in a single attackNetwork, Single
Network IDThe unique ID for the networkNetwork

To add the Action to a Policy Rule:

  1. Navigate to Account Defender > Policies > Policy Rules.
  2. Select Create new rule or select an existing rule to edit it.
  3. Select Actions and navigate to Alerts & Notifications, which should display your Slack Action.
  4. In the Then section, drag and drop the Slack Action that should be triggered when the If condition is met.
  5. Select Save.

Your Policy Rule has been updated with your Slack Action. Now, whenever your rule is triggered, HUMAN will send a Slack message to the channel you specified so you can be notified immediately.

Updated 12 days ago