Digital Forensics Dispatch

Digital Forensics Blog
by Sensei Enterprises, Inc.

Mobile and Cloud Data: Slack Data?

October 5, 2021

Recently, Allysia Edwards of CloudNine published an article titled Problems and Solutions for Slack Discovery. In the article, Edward discusses the Slack platform. What is Slack? It is an online collaboration platform. It is very similar to several other communication platforms designed for sharing and collaboration of teams and groups. In terms of usability, its features and functions are akin to Microsoft Teams and Discord.

Edward’s article discusses some of the problems that can be encountered when looking at online collaboration platforms. The first problem is common not just among online collaboration platforms but also with standard messaging platforms such as SMS/MMS and iMessage from mobile devices. Edwards identifies it as “[hundreds] of Slack messages are sent every day.”

As with any messaging platform, there can be hundreds to thousands of messages sent or received. To navigate through the deluge of messages that can exist, often keyword searching or date filtering is employed, so that the filtered data set returns the responsive data. When providing terms to the entity doing the collection or filtering of the data, be sure to consult with vendors or experts on how search terms should be run. This can help speed up the process of searching as well as help with removing any false positive search results.

Another problem that Edwards identifies is “[deciphering] Slack exports can be difficult.” Edwards writes “Slack messages are exported through JSON files, a format that’s a bit hard to understand.” The use of a digital forensics firm or company to collect the Slack data may be beneficial to the deciphering of the Slack exports, especially as tools such as Oxygen Forensics Detective and Cellebrite UFED Cloud Analyzer expand their capabilities.

These cloud data extraction and examination tools allow the digital forensic examiner to collect the data with the proper authorization and credentials to the account in question, which includes data from Slack. That data could then be aggregated and processed and searched by other digital forensic programs and then provided in a better format for legal teams to review.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com/services/digital-forensics

Sensei Enterprises

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Digital Forensics Dispatch

Mobile and Cloud Data: Slack Data?

Ride the Lightning

Your IT Consultant

Disclaimer