| Team Information |
|---|
| Team name |
Slack CSIRT |
|---|
| Official team name |
Slack CSIRT |
|---|
| Member since |
August 19, 2020 |
|---|
| Host organization |
Slack Technologies |
|---|
| Country of team |
United States of America (the) US
|
|---|
| Date of establishment |
2016-06-01 |
|---|
| Website |
https://www.slack.com |
|---|
| Team Contact Information |
|---|
| Regular telephone number |
Email Preferred |
|---|
| Emergency telephone number |
Email Preferred |
|---|
| E-mail address |
security-first@slack-corp.com |
|---|
| Facsimile number |
n/a |
|---|
| Other communication facilities |
page for emergencies at security@slack.pagerduty.com |
|---|
| Postal address |
500 Howard St
San Francisco, CA 94105 |
|---|
| Business Hours |
|---|
| Timezone |
Pacific Standard PST |
|---|
| Description of business hours |
0900-1700 |
|---|
| How to contact outside business hours |
For emergencies: security@slack.pagerduty.com |
|---|
| Constituency |
|---|
| Type of Constituency |
Other commercial |
|---|
| Source of Constituency |
Both external and internal |
|---|
| Description of Constituency |
Our CSIRT is layered over the whole of the Security organization. The two teams responsible for discovering and responding to incidents are the Security Operations team and the Product Security (AppSec) team. Both teams follow the same documented response processes. The Security Operations team are responsible for detecting and responding to incidents having to do with systems and infrastructure in both the corporate fleet and Slack’s backend. These teams are primarily responsible for detecting and responding to unwanted activity and actively exposed vulnerabilities in endpoints. The Product Security team is responsible for the Secure Development Lifecycle and Bug Bounty programs which often identify vulnerabilities in the product, itself, such as a vulnerable library, code practice, or design. Where deemed incident-worthy, the Product Security team is responsible for acting as the subject matter expert and responding to such an incident to closure. |
|---|
| Internet Domain Address |
http://www.slack.com |
|---|
| Country of Constituency |
United States of America (the) US
|
|---|
| Cryptography |
|---|
| PGP key id |
0x61EC4BB63D7039FC
|
|---|
| PGP fingerprint |
411AD6D2444FF0DFE0E2681861EC4BB63D7039FC |
|---|
| Team PGP public key |
411A D6D2 444F F0DF E0E2 6818 61EC 4BB6 3D70 39FC
Slack Security <security@slack-corp.com>
Updated on May 15, 2020 19:10 UTC
Expires on May 13, 2028 19:10 UTC |
|---|
Team contact information provided for Incident Response purposes only. FIRST strictly prohibits the use of contact information for solicitation or marketing.
FIRST follows the International Olympic Committee (IOC) country name listings.
