Findings (Daily Alert) with BalkanID Slackbot

BalkanID Risk Managers can get daily alerts for Findings via the BalkanID Slackbot, keeping them up to date on the access issues that should be addressed without needing to visit the app (contact [email protected] to enable this alert).

Daily Alerts

For each Finding Rule that has any findings, an alert will be sent via BalkanID Slackbot to each Risk Manager at 9AM CT every day.

Each alert message includes the name and severity of the Finding, a summary of the number of employees, identities and app integrations affected, and a link back to the BalkanID web app for further information.

Additionally, a list of matched Users and Identities is shown. See the screenshot below for a couple of example alerts.

Configuration

These alerts can be configured on the Configure > System Notifications page under Findings, where the alert can be toggled on and off for all Finding Rules or for individual Finding Rules. Additionally, the alerts for individual Finding Rules can be sent to Slack Channels instead of direct messages from BalkanID Slackbot.

Enable/Disable

Findings (Daily alert) notifications can be disabled entirely with the notification group level toggle, and individually for specific Findings.

Send to Slack Channels

The alerts for each Finding can be sent to a Slack Channel instead of a direct message using the Send to Channel option. A Default Channel can be set as a fallback for Findings without an individually specified channel.

Severity Level

If you'd rather not receive alerts for lower priority findings, but don't want to toggle specific Finding alerts on and off individually, you can set the Severity Level option, which is the minimum Finding Severity for which an alert will fire. The default Severity Level is High to avoid noisy alerts, but it can be lowered or raised as needed.

Rollup

To summarize and reduce notification noise further, multiple Findings can be combined, with fewer details, in a single alert by setting the Rollup toggle for those Findings.

See Notification Preferences for more details on configuring notification preferences such as the Allow user override toggles.
