New Feature: Support for Risk Commands in Slack

We now support Risk Commands in Slack, designed to elevate visibility, streamline collaboration, and accelerate remediation directly within your chat workflow.

What Are Risk Commands?

With Arnica’s Risk Commands feature, you can now generate risk-specific magic links straight from Slack and Microsoft Teams, empowering quick access to critical insights, no portal browsing required. These links provide read-only access to:

• All risks tied to code you authored, committed or pushed (risks mine)

• All risks tied to products where you are a security champion or a product owner (risks product)

Risk Commands bring alerts and visibility right where your team lives and communicates.

• Instant Context: Skip the navigation in the UI and get risk insights immediately within Slack (and Microsoft Teams).

• Secure Sharing: Links are read-only and expire automatically.

• Reduced Friction:No Arnica access provisioning required for recipients to view findings.

How It Works in Slack

1. Invoke the command
   Go to the Arnica bot on Slack and type:

• /arnica risks mine - to fetch a personalized risk overview.

• /arnica risks product - to fetch risk data scoped to your product.

2. Receive an instant magic link
   Arnica responds with a time-sensitive, shareable link containing a tailored risks view. These magic links are safe, read-only, and make context-sharing frictionless, even if recipients don't have full Arnica access.

Smart by Design: Magic Link Expiration

To safeguard your data and maintain control, Arnica’s magic links automatically expire based on your organization's settings, whether that’s a set time or limited usage count. By default, links expire after 24 hours but can be customized to your organization’s security posture.

‍

‍