SLASH
SLASH connects your security assessment workflow to Slack, keeping your team informed and enabling quick actions on vulnerabilities—all from your Slack workspace.:bell: Real-Time Notifications
Get instant notifications in your Slack channels when:
• New vulnerabilities are discovered
• Vulnerability statuses change
• Comments are added to vulnerabilities
• Pentest statuses are updated
• Reports are published:zap: Interactive Actions
Take action directly from Slack without switching apps:
• Change vulnerability status with a dropdown menu (New, Triaged, In Progress, Resolved, Won't Fix)
• Add public comments to discuss vulnerabilities with your team
• Add internal comments for private team discussions
• Reply in threads to continue conversations:dart: Smart Configuration
• Link different Slack channels to different pentests
• Filter notifications by severity (Critical, High, Medium, Low)
• Enable or disable specific notification types
• Configure per-pentest channel routing:lock: Security & Privacy
• Secure OAuth 2.0 authentication
• Organization-based access control
• Internal comments from security teams remain private
• User verification ensures only authorized team members can take actions:bar_chart: Perfect For
• Security teams managing multiple pentests
• Client organizations tracking vulnerability remediation
• Teams collaborating on security assessments
• Organizations needing real-time security updatesSLASH streamlines your security workflow by bringing critical information and actions directly to where your team already works—Slack.---
Need help? Contact support or check our documentation for setup instructions.
---
Get instant notifications in your Slack channels when:
• New vulnerabilities are discovered
• Vulnerability statuses change
• Comments are added to vulnerabilities
• Pentest statuses are updated
• Reports are published:zap: Interactive Actions
Take action directly from Slack without switching apps:
• Change vulnerability status with a dropdown menu (New, Triaged, In Progress, Resolved, Won't Fix)
• Add public comments to discuss vulnerabilities with your team
• Add internal comments for private team discussions
• Reply in threads to continue conversations:dart: Smart Configuration
• Link different Slack channels to different pentests
• Filter notifications by severity (Critical, High, Medium, Low)
• Enable or disable specific notification types
• Configure per-pentest channel routing:lock: Security & Privacy
• Secure OAuth 2.0 authentication
• Organization-based access control
• Internal comments from security teams remain private
• User verification ensures only authorized team members can take actions:bar_chart: Perfect For
• Security teams managing multiple pentests
• Client organizations tracking vulnerability remediation
• Teams collaborating on security assessments
• Organizations needing real-time security updatesSLASH streamlines your security workflow by bringing critical information and actions directly to where your team already works—Slack.---
Need help? Contact support or check our documentation for setup instructions.
---
SLASH will be able to view:
SLASH will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
SECURITYWALL LLC
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
We retain customer's information only as long as necessary:
- Active Engagement: During the course of service delivery and engagement
- Assessment Records: Security assessment data retained for 7 years (industry standard and compliance requirements)
- Certificates: Certificate records maintained indefinitely for verification purposes
- Communication: Customer communication retained for 3 years
- Legal Requirements: Some data retained longer when required by law or regulation
After retention periods, data is securely deleted or anonymized
Data archiving and removal policy
SecurityWall will remove Customer Data in accordance with the following policy:
• Upon Request: Customer Data will be removed within 30 days of receiving a valid deletion request, subject to legal retention requirements
• Request Process: Deletion requests must be submitted in writing to support@securitywall.co with verification of account ownership
• Retention Exceptions: Certain data may be retained longer when required by:
- Legal obligations (e.g., court orders, regulatory requirements)
- Legitimate business interests (e.g., dispute resolution, fraud prevention)
- Industry standards (e.g., security assessment records retained for 7 years)
- Contractual obligations with customers
• Deletion Methods: Upon removal, Customer Data is:
- Permanently deleted from active systems within 30 days
- Removed from backup systems within 90 days (backup rotation cycle)
- Securely overwritten to prevent recovery
- Verified through deletion audit logs
• Archival Process:
- Data may be archived (moved to secure, encrypted long-term storage) before final deletion if required for legal or compliance purposes
- Archived data remains encrypted and is only accessible for legal or regulatory purposes
- Archived data is subject to the same retention periods and will be permanently deleted upon expiration
• Third-Party Data: Data shared with third-party integrations (Slack, Jira) will be removed from our systems per this policy, but may remain in those third-party services according to their retention policies
Data storage policy
SecurityWall stores Customer Data in accordance with industry best practices and compliance requirements:
• Storage Infrastructure: Customer Data is stored on SOC 2 Type II compliant cloud infrastructure with enterprise-grade security controls
• Geographic Locations: Data is primarily stored in secure data centers located in the United States and Germany. Specific locations are disclosed in service agreements
• Encryption at Rest: All Customer Data is encrypted at rest using AES-256 encryption standards
• Encryption in Transit: All data transmission uses TLS 1.2 or higher protocols
• Access Controls: Data access is restricted through role-based access controls (RBAC) with mandatory multi-factor authentication (MFA)
• Backup and Redundancy: Regular encrypted backups are maintained with geographic redundancy to ensure data availability and disaster recovery
• Data Segregation: Customer Data is logically segregated and isolated to prevent unauthorized access between customer environments
• Infrastructure Security: Our cloud infrastructure providers maintain certifications including SOC 2, ISO 27001, and other relevant security standards
• Monitoring and Logging: All data access and storage activities are logged and monitored for security and compliance purposes
We ensure that Customer Data storage complies with applicable data protection laws and industry regulations.
Data center location(s)
Germany, United States
Data hosting details
Cloud
Data hosting company
AWS , CONTABO
App/service has sub-processors
no
App/service uses large language models (LLM)
no
Certifications & compliance
GDPR commitment
Data deletion request procedure
SecurityWall processes data deletion requests within 30 days of receiving a verified written request to support@securitywall.co. We permanently delete data from active systems within 30 days and from backup systems within 90 days, using secure overwriting. Exceptions apply when retention is required by law, regulatory obligations, legitimate business interests (e.g., dispute resolution), industry standards (e.g., 7-year retention for security assessment records), or contractual obligations. Data may be archived in encrypted long-term storage for legal or compliance purposes before final deletion. Certificate records are maintained indefinitely for verification but can be anonymized upon request. Data shared with third-party integrations (Slack, Jira) is removed from our systems per this policy, but may remain in those services according to their retention policies. We provide written confirmation upon completion of data removal.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Date of latest pen test
2025-11-04
Executive summary is available to potential customers upon request
yes
Supports Security Assertion Markup Language (SAML)
no
Has a dedicated security team
yes
Contact for security issues
support@securitywall.co
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
no
Uses token rotation
no