Blog

Introducing in-browser app banners: Set guardrails for cloud apps | Learn more →

Ready to help

ChatOps topic guide: Security findings

Get ChatOps security team notifications about new security findings, such as when your employees use leaked, weak or reused passwords or share accounts, or when their accounts lack MFA protection. When the issue is fixed, Push will also let you know.

What kind of messages are sent?

You can choose to be notified about all new security finding types, or just the ones you care about. In the Push admin console, go to ChatOps > Security findings and then disable any subtopics you don’t need.

ChatOps security finding topic - config screen - KB 10093

You can choose to be notified about the following findings:

  • Leaked passwords: Employees using leaked passwords

  • Password weakness: Employees using weak passwords

  • Password reuse: Employees reusing passwords

  • Shared accounts: Employees sharing account credentials

  • Password manager not in use: Employees manually typing their passwords

  • Multi-factor authentication not registered: Employees not registering for MFA

  • Unused third-party integrations: Employees not using integrations in the last 90 days

When the Push platform observes a security finding, you’ll get notifications to your specified Slack or Microsoft Teams channel like this:

Security finding chat message - reused password - KB 10093

When a finding is resolved, the message will be updated to look like this:

ChatOps message - security finding - resolved - KB 10093

If a finding is resolved more than 90 days after the original finding message was sent, Push will send a separate resolution message.

Who will be messaged?

Your designated Slack or Teams channel. You do not need to activate ChatOps for individual Push administrators using these channels. Once you enable the topic, messages will begin to be sent to your channel.

When will they be messaged?

Immediately after Push observes a new finding or a resolution to an existing finding. Note that Push must observe the resolution (such as an employee logging in with their newly changed password) in order to report it.

What do I need to do?

You can learn more about a finding by clicking the link in the chat message, or by logging into the admin console and going to the Apps page. Use the filter icon to filter the list to the type of findings you want to review more closely.

You can also filter the Employees list by finding type to see findings for a particular person.

Related articles