You can integrate your preferred Slack channel or workspace with Prisma Cloud DSPM to receive real-time notifications on risks and alerts.

Prerequisite

Before integrating a Slack channel with Prisma Cloud DSPM, create a Slack-webhook integration by following the steps in this guide. You will need to create a new Slack app and allow incoming webhooks.

Integration

1. In Prisma Cloud DSPM, go to Preferences > Integrations.
2. Under Notifications, select Slack and click Connect.
   
3. Enter your Slack link (the one you set to use webhooks to send messages).
4. Under Notified On, select whether you want to be notified on Alerts, Risks, or All.
5. Select the Severity Threshold for receiving notifications. The recommended severity is Medium and above.
6. Click Create.
   

Below are examples of a Risk and Alert when sent as a Slack notification:

Note that the Investigation link directs you to the risk or alert page in Prisma Cloud DSPM.

NOTE: To prevent an overload of alerts, in case Prisma Cloud DSPM has sent more than ~30 alerts in 1 hour, it will not send any additional alerts for the next 4 hours. It will send a notification about multiple alerts created.

Once you add a Slack channel, it is listed at the bottom of the page under Channels. From there, you can edit the Notified On column or remove this channel by clicking the X on the right.