CyberFurl currently shows slack.com at 75/C+ based on the latest saved public scan.

Does slack.com use DMARC, SPF, and DKIM?

The public report for slack.com summarizes SPF, DKIM, DMARC, MX, and transport-policy evidence when it is present in the latest saved email scan.

What does CyberFurl check for slack.com?

CyberFurl checks DNS posture, email authentication, web security, malware telemetry, breach exposure, and supporting evidence such as WHOIS, headers, ports, and subdomains for slack.com.

When was slack.com last scanned?

The current public report reflects 2026-05-02T21:20:13.510705+00:00.

Why does the public report for slack.com hide some sections?

The public page shows the highest-value shared signals first while deeper remediation, premium evidence, and workspace-only layers stay gated.

slack.com scored 75/C+ on CyberFurl

Preparing the security report

Privacy controls

CyberFurl can load analytics only after you opt in. Core product features work without analytics consent.

slack.com Security Audit — DNS, Email & SSL Report | CyberFurl

Security report

Completed

CyberFurl completed this security preview for slack.com. DNS posture is strongest right now, while Email authenticity needs the most attention.

Unified external risk score across DNS, email, web, malware, breach exposure, and technical readiness signals.

Check another

Latest report

Ready to share

5/3/2026, 12:08:14 AM

Coverage

7/7 stages

100% collected

Leading signal

DNS posture

90/A

Priority area

Email authenticity

62/D

Public sections

4/7 visible

DNS, email, SSL, IP, comparison, and history blocks below

Immediate priority

DKIM signing and key strength

5 MX routes Record detection does not confirm enforcement or key strength.

Email the full report to get the email authentication checklist.

Unified score

Latest saved external posture

5/3/2026, 12:08:14 AM

75Combined scoreGrade C+

Current posture3 issues need review

Strongest signalDNS posture 90/A

Risk levelMedium

Based on CyberFurl's latest external security audit, slack.com has a security score of 75/100 (Grade C+). This score is calculated across DNS configuration, email authentication (SPF, DKIM, DMARC), SSL/TLS certificates, web security headers, malware signals, and breach exposure data. The scan identified 3 issues that need attention.

View issues Get full report

Score breakdown

A score of 75/100 indicates moderate security posture. slack.com has good fundamentals but there are areas that need attention to reduce external exposure.

85–100

Grade A · Strong

Industry-leading security controls

70–84

Grade B · Good

Solid fundamentals, minor gaps

50–69

Grade C · Needs work

Significant improvements needed

0–49

Grade D/F · Critical

Immediate remediation required

Industry Comparison

slack.com (75)Avg (72)

This domain scores 3 points above the average for modern SaaS companies.

Email security

CyberFurl checks the public email authentication records for slack.com including SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance). These protocols determine whether emails from slack.com can be trusted by receiving mail servers and whether they are likely to reach the inbox or be flagged as spam.

Email score

62/D

Risk level

Medium

Key finding

DKIM signing and key strength

Get the full email deliverability breakdown in the PDF report

Public findings

Issues at a glance

A public summary of the checks that surfaced the strongest visible signals in this report.

Check

Status

Severity

Explanation

DNS settings need attention

Review

warning

Resolver health is grade a.

DKIM signing and key strength

Review

urgent

5 MX routes Record detection does not confirm enforcement or key strength.

Web security needs attention

Review

warning

HTTPS target: https://slack.com

3 issues found that need attention

Get the full remediation workbook with step-by-step fixes delivered to your inbox.

Trusted by 2,400+ security teams worldwide

Get free report

Executive summary

DNS posture is currently the strongest area for slack.com at 90/A, while Email authenticity needs the most attention at 62/D. Priority issues include DNS settings need attention and DKIM signing and key strength. Email the report to get the full narrative and prioritized fix list.

Email the full report for the business summary, supporting context, and prioritized actions.

Strengths

DNS posture

Dns health grade: a. zone transfer blocked.

Web security

HTTPS target: https://slack.com

B+

Control and exposure map

One primary exposure, one strongest control, and the remaining stages arranged as report rows instead of equal-weight dashboard tiles.

Primary exposure

Email authenticity

Completed

DKIM signing and key strength

D · medium

Mail auth

3/3 core records detected

5 MX routes Record detection does not confirm enforcement or key strength.

SPF

Present

DKIM

Present

DMARC

Present

Strongest control

DNS posture

Dns health grade: a. zone transfer blocked.

A · low

Audit frame

Coverage

100% collected

7/7 stages

Signals

3 issues to review

Freshness

Ready to share externally

Checked today

Web security

Completed

Web security needs attention

B+ · low

Passing checks17/19

Failed checks2

HTTPS target: https://slack.com

Malware intelligence

Limited detail

No active threat signal was detected

B+ · low

Signals0

VerdictClean

Threat-feed telemetry and blacklist reputation were reviewed without an active hit.

Supporting evidence

Domain, infrastructure, and incident proof

Saved signals that support the scored audit without introducing another score layer.

Email Authentication (SPF, DKIM, DMARC)

Public section

Email security deep dive

Status

completed

Saved SPF, DKIM, DMARC, BIMI, MTA-STS, TLS-RPT, DANE, and MX evidence was included from the latest shared email scan.

Included in the current public preview

SPF recordv=spf1 include:_spf.qualtrics.com include:mail.zendesk.com include:_spfextra.slack.com -all

SPF lookups3/10 lookups

DKIM selectorsMissing

DMARC pMissing

DMARC spNot set

DMARC pct100

DMARC ruaNot set

DMARC rufNot set

MX routes5

BIMIUnknown

MTA-STSMissing

TLS-RPTMissing

DANEUnknown

DNS Configuration

Public section

DNS Records snapshot

Status

completed

Saved DNS records were included from the latest shared DNS scan.

Included in the current public preview

A3.68.124.95, 52.29.238.212

AAAA0 records

MX5 alt1.aspmx.l.google.com., 5 alt2.aspmx.l.google.com.

NSns-606.awsdns-11.net., ns-1493.awsdns-58.org.

TXT"google-site-verification=2PK67oVPNyEtS1avSlr3PhH5nSiFuticbQv_bT4pM2k", "google-site-verification=o2grd1TLmZZ8GrqbhVIFtzO2MRLTtSUpBBIBYfhQVCQ"

SSL/TLS Certificate

Public section

SSL/TLS certificate panel

Status

completed

Saved certificate validity, protocol support, negotiated cipher, and transport-hardening evidence was included from the latest TLS scan.

Included in the current public preview

IssuerCN=R13,O=Let's Encrypt,C=US

Valid from2026-04-04T09:47:06+00:00

Valid to2026-07-03T09:47:05+00:00

Days remaining61 days · Caution

TLS versionsTLSv1.3, TLSv1.2

Cipher suite gradeA+

Negotiated cipherTLS_AES_256_GCM_SHA384

HSTSMissing

OCSP staplingUnknown

CT logsUnknown

Accepted cipherTLS_AES_256_GCM_SHA384

Web Security Headers

infratools

HTTP security headers

Status

Partial

The latest active web scan detected 4 browser-hardening issue(s). A saved header snapshot would provide exact header values.

Waiting for saved evidence

Issues detected4

Observed targethttps://slack.com

Missing / weakBrowser security headers are missing or incomplete

Subdomains & Infrastructure

Public section

IP intelligence

Status

completed

Saved resolved IP, ASN, provider, and location evidence was included from the latest shared infrastructure snapshot.

Included in the current public preview

Resolved IPs3.68.124.95, 52.29.238.212, 3.68.175.98, 18.159.197.225

SubdomainDiscovery

Subdomain footprint

Status

Partial

Saved subdomain enumeration rows are not available yet, but the public preview still recovered a minimal infrastructure footprint.

Waiting for saved evidence

Discovered9

Host 1slack.com

Host 2www.slack.com

PortScan

Network exposure

Status

Partial

Saved port-scan rows are not available yet, but the preview recovered the primary web-facing surface.

Waiting for saved evidence

Open ports443, 80, 25, 587, 465

Closed portsUnknown

Top ports443, 80, 25, 587, 465

AccessControlValidator

Access control exposure

Status

Partial

Saved access-control rows are not available yet, but the preview confirmed the primary web target.

Waiting for saved evidence

Issues detectedUnknown

FindingsPending saved evidence

Categoriesslack.com

TracerouteAPI

Network route telemetry

Status

Partial

Saved traceroute rows are not available yet, but the destination endpoint was resolved from the latest DNS evidence.

Waiting for saved evidence

Hop countUnknown

RoutePending saved evidence

Average RTTUnknown

BrandAbuseWatch

Brand abuse watch

Status

Partial

Saved typosquatting rows are not available yet, so only the base brand target is shown on this preview.

Waiting for saved evidence

Base brandslack.com

LookalikesPending saved evidence

WHOIS & Registration

Public section

WHOIS panel

Status

partial

Saved WHOIS lookup is not available yet, but authoritative nameserver evidence was recovered from the latest DNS scan.

Public section scaffolded, waiting for saved evidence

Nameserversns-606.awsdns-11.net., ns-1493.awsdns-58.org., ns-166.awsdns-20.com.

Extended coverage

Locked intelligence layers

These deeper checks are already part of the audit model and unlock in the emailed report or full workspace.

Locked signal

Vulnerability scanning

Pending

Expanded surface validation, exposure review, and deeper internet-facing checks.

Deeper vulnerability evidence and remediation sequencing stay inside the full report.

Use the full workspace for validated remediation steps and ownership guidance.

Get details via email

Locked signal

Malware and phishing detection

Completed

External threat feeds, blacklist references, and malware heuristics.

Threat-feed matches and remediation sequencing stay inside the full report.

This stage is designed to flag live reputation issues without exposing feed internals publicly.

Get details via email

Locked signal

Data breach monitoring

Skipped

Public-source incident monitoring is included. Private credential-corpus and employee-exposure intelligence expand on paid plans.

Public incident disclosures, ransomware listings, and regulatory notices can appear in this prev…

Paid plans add broader credential-corpus visibility and continuous breach alerting.

Upgrade to see breach exposure

Locked signal

Compliance assessment

Pending

Surface readiness for public-infrastructure controls across common frameworks.

Framework mapping and control-by-control gaps stay inside the workspace.

The emailed report can carry a lighter stakeholder snapshot of this stage.

Get details via email

Immediate priorities

DNS settings need attention

Resolver health is grade a.

Warning

Next step

Email the full report to get the DNS fix checklist.

DKIM signing and key strength

5 MX routes Record detection does not confirm enforcement or key strength.

Urgent

Next step

Email the full report to get the email authentication checklist.

Web security needs attention

HTTPS target: https://slack.com

Warning

Next step

Email the full report to get the web hardening checklist.

Recommended actions

Fix first

DKIM signing and key strength

Fix next

MTA-STS transport policy

Requires workspace

Deeper validated remediation and evidence stay inside the full audit workspace.

Report context

Frequently Asked Questions

Short answers that explain how to interpret the public findings on this report page.

Keep investigating

How does slack.com compare to other e-commerce sites?

Compare this report to similar domains, jump back to the report index, or open the glossary and free tools referenced by the findings.

Related security reports

stripe.com zoom.us walmart.com notion.so ebay.com amazon.com github.com google.com cloudflare.com shopify.com

Glossary and report terms

DMARC DKIM DNSSEC

Internal links

Security report index Monitoring Pricing DNS Benchmark

Free PDF Report

Enter your work email to receive the full, shareable PDF report for slack.com. Includes the executive summary, expanded findings, and a step-by-step remediation workbook.

Upgrade to Shield Create account for full audit Log in on this URL

slack.com External Security Audit & Risk Exposure Report

slack.com Security Posture: Is This Domain Safe?

slack.com Security Score & Industry Benchmark

slack.com Email Deliverability & DMARC Authentication

Issues at a glance

slack.com Executive Summary & Key Threat Intelligence

slack.com Attack Surface: DNS, Web & Exposure Analysis

Email authenticity

Email Authentication (SPF, DKIM, DMARC)

DNS Configuration

SSL/TLS Certificate

Web Security Headers

Subdomains & Infrastructure

WHOIS & Registration

slack.com Vulnerability Fixes & Recommended Actions

slack.com Technical Evidence & Infrastructure Details

Frequently Asked Questions

Is slack.com safe?

Does slack.com use DMARC, SPF, and DKIM?

What does CyberFurl check for slack.com?

When was slack.com last scanned?

Why does the public report for slack.com hide some sections?

How does slack.com compare to other e-commerce sites?

Download the Complete slack.com Security Audit PDF