00:00 A collaboration platform such as Slack captures every exchange.
00:07 Because collaboration systems are designed for openness, not restriction,
00:12 secrets shared in the moment often persist long after they're needed.
00:16 HCP Vault Radar helps security teams solve this common problem.
00:20 So here I am in the HCP Vault Radar overview dashboard
00:23 where I can see the latest scan results from a variety of data sources
00:27 that I'm currently monitoring for unsecured secrets and data.
00:31 Radar supports a large and growing number of data sources
00:34 and now supports scanning of Slack instances.
00:38 Let's go over to settings and I'll show you how easy it is to add Slack as a new data source.
00:44 Radar provides three different methods for scanning for use case flexibility.
00:48 A command line tool, agent-based scanning,
00:51 and also scanning from the Radar SaaS platform itself.
00:54 I'm going to select HCP Vault Radar scan
00:57 and then scroll down to select Slack as my data source.
01:02 Next, I'll click Connect to Slack to install the Slack app onto the workspace prior to onboarding.
01:08 This initiates the OAuth flow with Slack.
01:12 Configuring Slack requires authorizing HashiCorp Vault Radar
01:15 through Slack's OAuth flow to obtain an access token
01:19 that allows secure API calls on your behalf.
01:22 Next, I'll select the Slack workspace I want to scan
01:27 and allow it to share my permissions with HCP Vault Radar to verify.
01:33 I can review the app permissions here as well.
01:37 On the next page, you can see I'm successfully authenticated with Slack,
01:41 so I'll click Next to set up my scan.
01:43 Here, I can choose to initially scan and then monitor all channels
01:48 or just select specific channels I want to scan and monitor.
01:52 I'm going to select All and then click Finish to kick off my initial scan of this workspace.
01:57 Now, in my monitored data sources list, I can see Radar scanning to discover active resources.
02:04 Once the scan is complete, I see my five monitored channels or resources
02:11 and then I'll select my social channel first as it looks like I have quite a few events to investigate.
02:17 I'll select my seven medium events and then start at the top of the list in the events pane.
02:22 So, here I can see helpful information about this event,
02:27 such as the severity, whether the secret is publicly visible, if it's active,
02:32 and even who is responsible for introducing the unsecured data.
02:37 I can also see whether the secret is currently being managed in Vault
02:41 because I've securely connected my Vault cluster with Radar
02:44 so it can correlate discovered secrets against those stored in Vault.
02:49 This enables me to see if they've potentially been mishandled by someone.
02:53 Next, I'll click on a link that takes me directly to the offending secret in the Slack channel
02:58 so I can investigate it.
03:02 Back in the events pane, I even have a link that takes me directly to documentation
03:06 with detailed steps to remediate this problem.
03:10 At this point, I've done my triage, so I'm going to change the status of this event to remediate
03:15 and hand it over to the developer or other owner so they can remediate the problem.
03:21 As you can see, by supporting Slack as a data source,
03:24 Vault Radar enables organizations to scan their broader ecosystems
03:28 to quickly find and remediate unsecured secrets
03:31 to reduce and prevent the risks of secret sprawl.
03:34 All right.