New Feature: Verified Stolen Credential Detection

Push Help Center
Ready to help
Help for administrators
Help for admins
Help for employees
Help for employees
Help for administrators
/
ChatOps

ChatOps topic guide: Security findings

Get ChatOps security team notifications about new security findings, such as when Push finds employees are using stolen, leaked, weak or reused passwords or shared accounts, or when their accounts lack MFA protection. When the issue is fixed, Push will also let you know.

What kind of messages are sent?

You can choose to be notified about all new security finding types, or just the ones you care about. In the Push admin console, go to ChatOps > Security findings and then disable any subtopics you don’t need.

ChatOps security finding topic - config screen - KB 10093

You can choose to be notified about the following findings:

  • Stolen credentials: Employees using stolen credentials found on criminal marketplaces

  • Leaked passwords: Employees using leaked passwords

  • Password weakness: Employees using weak passwords

  • Password reuse: Employees reusing passwords

  • Shared accounts: Employees sharing account credentials

  • Password manager not in use: Employees manually typing their passwords

  • Multi-factor authentication not registered: Employees not registering for MFA

  • Unused third-party integrations: Employees not using integrations in the last 90 days

When the Push platform observes a security finding, you’ll get notifications to your specified Slack or Microsoft Teams channel like this:

Security finding chat message - reused password - KB 10093

When a finding is resolved, the message will be updated to look like this:

ChatOps message - security finding - resolved - KB 10093

If a finding is resolved more than 90 days after the original finding message was sent, Push will send a separate resolution message.

Who will be messaged?

Your designated Slack or Teams channel. You do not need to activate ChatOps for individual Push administrators using these channels. Once you enable the topic, messages will begin to be sent to your channel.

When will they be messaged?

Immediately after Push observes a new finding or a resolution to an existing finding. Note that Push must observe the resolution (such as an employee logging in with their newly changed password) in order to report it.

What do I need to do?

You can learn more about a finding by clicking the link in the chat message, or by logging into the admin console and going to the Apps page. Use the filter icon to filter the list to the type of findings you want to review more closely.

You can also filter the Employees list by finding type to see findings for a particular person.

Related articles

Need more help?
Questions, feedback, tech support, sales support - anything you need.
We’ll get back to you within a day.