Slack Watchman for Enterprise Grid - 2.0.0

This major version release brings multiple updates to Slack Watchman for Enterprise Grid, both in usability, functionality and behind the scenes improvements.

Added

• Support for centralised signatures from the Watchman Signatures repository. This makes it much easier to keep the signature base for all Watchman applications up to date, and to add functionality to Slack Watchman with new signatures. New signatures are downloaded, and updates to existing signatures are applied, at runtime, meaning Slack Watchman for Enterprise Grid will always be using the most up to date signatures.
• Option for terminal optimised logging instead of JSON formatting. This is now the default when running with no output option selected, and is a lot easier for humans to read. Also, colours!
• Option choose between verbose or succinct logging when using JSON output. Default is succinct.
• Debug logging option

Removed

• Support for tombstoning posts that match signatures removed
• Local signatures - Centralised signatures mean that user-created custom signatures can't be used with Slack Watchman for Enterprise Grid anymore. If you have made a signature you think would be good for sharing with the community, feel free to add it to the Watchman Signatures repository, so it can be used in all Watchman applications
• For the reason above, the functionality to have sandbox signatures has been removed as well

Fixed

• Draft searches were giving an error due to not being able to populate some workspace information. This has now been fixed

Slack Watchman for Enterprise Grid - Version 1.1.0

Slack Watchman for Enterprise Grid: 1.1.0 - 2022-04-02

Added

• Docker image now available from the Docker hub, or by building from source.
• Support for Python 3.7
• New logo to play nicely with dark mode

Fixed

• More errors when importing packages

Slack Watchman for Enterprise Grid: 1.0.2

Slack Watchman for Enterprise Grid - 1.0.2 - 2021-12-30

Fixed

• Error when importing packages
• Signatures not being included in the distribution package

Slack Watchman for Enterprise Grid 1.0.1

Slack Watchman for Enterprise Grid - 1.0.1

Slack Watchman for Enterprise Grid uses the Slack Enterprise Grid DLP API to look for potentially sensitive data exposed in your Slack Enterprise.

Note: Slack Watchman for Enterprise Grid is designed for Enterprise Grid subscribers of Slack only. If you use Slack without an Enterprise subscription, you can use the standard version of Slack Watchman

Features

Slack Watchman for Enterprise Grid looks for:

• API Keys, Tokens & Service Accounts
  • AWS, Azure, GCP, Google API, Slack (keys & webhooks), Twitter, Facebook, GitHub
  • Generic Private keys
  • Access Tokens, Bearer Tokens, Client Secrets, Private Tokens
• Files
  • Certificate files
  • Potentially interesting/malicious/sensitive files (.docm, .xlsm, .zip etc.)
  • Executable files
  • Keychain files
  • Config files for popular services (Terraform, Jenkins, OpenVPN and more)
• Personal Data
  • Leaked passwords
  • Passport numbers, Dates of birth, Social security numbers, National insurance numbers, Drivers licence numbers (UK), Individual Taxpayer Identification Number
  • CVs, salary information
• Financial data
  • PayPal Braintree tokens, Bank card details, IBAN numbers, CUSIP numbers
  • Budget files

It looks for this exposed data across all workspaces in the Enterprise, in the following locations:

• Public channels
• Private channels
• Draft messages
• Slack connect channels
• Direct messages
• Multi-person direct messages