Bemærk
Adgang til denne side kræver godkendelse. Du kan prøve at logge på eller ændre mapper.
Adgang til denne side kræver godkendelse. Du kan prøve at ændre mapper.
This SIT is also included in the All credentials bundled SIT.
Important
You must enable Advanced classification scanning and protection if you want to use a credential scanning SIT in an endpoint DLP policy. This requirement is specific to the combination of credential scanning SITS and endpoint DLP policies. The advanced classification article gives you information about enabling advanced classification, and about configuring endpoints and the supported file types.
Format
A combination of up to 34 characters consisting of letters, digits, and special characters.
Pattern
A token prefix (case-sensitive) xoxp-, xoxb-, xoxa-, xoxr-, xoxo-, xoxs-, or xoxe-
A combination of up to 29 characters:
- 29 a-z (not case-sensitive)
- 0-9 or hyphens (-)
for example:
xoxp-abcdef-abcdef-abcdef-abcdef
Credential example
slack_token= xoxp-abcdef-abcdef-abcdef-abcdef;
Checksum
No
SITs that have checksums use a unique calculation to check if the information is valid. This means when the Checksum value is Yes, the service can make a positive detection based on the sensitive data alone. When the Checksum value is No, additional (secondary) elements must also be detected for the service to make a positive detection.
Keyword Highlighting
Supported
When keyword highlighting is supported in the contextual summary for a sensitive information type or a trainable classifier, in the Contextual Summary view of activity explorer, the keywords in a document that were matched to a policy are highlighted.
Definition
This SIT is designed to match the security information that's used to access Slack platform functionalities (for example Bot tokens, User tokens and App-level tokens).
It uses several primary resources:
- Patterns of Slack user/bot/workspace token.
- Patterns of CredentialName, CredentialFeatures, AccountIdentityName, AccountIdentityValue, ResourceType, ResourceName.
- Patterns of mockup values, redactions, and placeholders.
The patterns are designed to match actual credentials with reasonable confidence. The patterns don't match credentials formatted as examples. Mockup values, redacted values, and placeholders such as credential type or usage descriptions that are in the position where an actual secret value should be present won't be matched.
Keywords
Keyword_SlackTokens:
xox