Slack adds AI exclusion zones, DLP in February 2026 update


Alexander Shlimakov specializes in Salesforce, Tableau, Mulesoft, and Slack consulting for enterprise clients across the CIS region. With a proven track record in technical sales leadership and a results-oriented approach, he focuses on the financial services, high-tech, and pharma/CPG segments. Known for his out-of-the-box thinking and strong presentation skills, he brings extensive experience in solution sales and business development.


Slack's Feb 2026 update adds AI exclusion zones, built-in DLP for secrets, and DMARC banners, addressing key regulatory needs.

Slack's February 2026 Update: AI Exclusion Zones, DLP, and Advanced Security

In a significant security enhancement, Slack adds AI exclusion zones, DLP, and new compliance controls in its February 2026 update. Enterprise+ administrators can now designate channels, canvases, or lists as off-limits to Slack's AI, preventing data from being used in search, summaries, or upcoming AI APIs. This exclusion status is clearly visible to all members, providing transparency about data handling. Initial reports from pharma firms, where local integrators already run Slack alongside Salesforce CRM, show these zones are being applied to secure attorney-client discussions, M&A strategy, and clinical trial data. These powerful tools are included with the Enterprise+ plan, offering enhanced control and security at no additional cost.

What new security and compliance features did Slack introduce in its February 2026 release?

Slack's February 2026 release introduces critical security and compliance tools for Enterprise+ customers. Key features include AI-exclusion zones to prevent AI access to sensitive data, a built-in DLP for real-time secret detection, email security banners for DMARC/SPF/DKIM validation, and CIS-aligned controls for streamlined auditing. All features are included at no extra cost.

The update also delivers a built-in data loss prevention (DLP) engine that detects hard-coded secrets like API tokens and RSA keys in real-time. Unlike previous solutions requiring third-party tools or after-the-fact scans, this native engine instantly quarantines the offending message and notifies security teams. A case study with a telecom provider demonstrated it caught 38% more leaks than an external proxy by analyzing message edits and replies that stay within Slack.
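The gap between scanning only first posts and scanning every edit and reply, shown as an added example that is not Slack's code or rule set. The detector patterns, the simplified event shape, and the sample messages are constructed assumptions for illustration.

```python
import re

# Detectors for the two secret types the article names (API tokens, RSA keys).
# Illustrative patterns only; not Slack's rule set.
DETECTORS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "pem_private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# Constructed event stream in a simplified, hypothetical shape.
EVENTS = [
    {"id": "m1", "kind": "post", "text": "deploy notes coming shortly"},
    {"id": "m1", "kind": "edit", "text": "deploy notes: key AKIAIOSFODNN7EXAMPLE"},
    {"id": "m2", "kind": "post", "text": "anyone have the staging cert?"},
    {"id": "m3", "kind": "reply", "parent": "m2",
     "text": "-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder)"},
    {"id": "m4", "kind": "post", "text": "lunch at noon"},
]

def find_secrets(text):
    """Return the sorted names of detectors that match the text."""
    return sorted(name for name, rx in DETECTORS.items() if rx.search(text))

def scan(events, kinds):
    """Scan only events whose kind is in `kinds`; return {message id: findings}."""
    quarantined = {}
    for ev in events:
        if ev["kind"] not in kinds:
            continue
        hits = find_secrets(ev["text"])
        if hits:
            quarantined.setdefault(ev["id"], set()).update(hits)
    return {mid: sorted(h) for mid, h in quarantined.items()}

def coverage_gap(events):
    """Message ids a first-post-only scanner misses but a full scanner catches."""
    first_post_only = scan(events, {"post"})
    every_revision = scan(events, {"post", "edit", "reply"})
    return sorted(set(every_revision) - set(first_post_only))

if __name__ == "__main__":
    print("quarantined:", scan(EVENTS, {"post", "edit", "reply"}))
    print("missed by first-post-only scan:", coverage_gap(EVENTS))
```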

To combat email-based threats, messages forwarded to channels now display a DMARC/SPF/DKIM confidence banner when the source domain fails email authentication checks. While the message is still delivered, this visual warning has reportedly reduced employee clicks on phishing attempts by 22% in its first month.
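One way such a banner decision can be derived from a forwarded message's `Authentication-Results` header (RFC 8601), as an added example that is not Slack's implementation. The trusted authserv-id, the banner wording, the rule that any result other than `pass` counts as failing, and the sample message are assumptions.

```python
import re
from email import message_from_string

TRUSTED_AUTHSERV = "mx.corp.example"  # assumption: authserv-id of our own receiving MTA
METHODS = ("spf", "dkim", "dmarc")

# Constructed message: the second header was supplied by the sender and must be ignored.
RAW = (
    "Authentication-Results: mx.corp.example;\r\n"
    " spf=pass smtp.mailfrom=billing.example;\r\n"
    " dkim=fail (bad signature) header.d=billing.example;\r\n"
    " dmarc=fail header.from=billing.example\r\n"
    "Authentication-Results: untrusted.example; spf=pass; dkim=pass; dmarc=pass\r\n"
    "From: Billing <invoices@billing.example>\r\n"
    "Subject: Overdue invoice\r\n\r\nbody\r\n"
)

def auth_results(raw):
    """Return {method: result} using only headers stamped by the trusted authserv-id."""
    results = {}
    msg = message_from_string(raw)
    for value in msg.get_all("Authentication-Results", []):
        value = re.sub(r"\([^)]*\)", " ", value)          # drop RFC 5322 comments
        parts = [p.strip() for p in " ".join(value.split()).split(";")]
        if parts[0].split(" ")[0].lower() != TRUSTED_AUTHSERV:
            continue                                       # header we did not write
        for clause in parts[1:]:
            m = re.match(r"(\w+)\s*=\s*(\w+)", clause)
            if m and m.group(1).lower() in METHODS:
                results.setdefault(m.group(1).lower(), m.group(2).lower())
    return results

def banner(raw):
    """Return banner text, or None when SPF, DKIM and DMARC all passed."""
    results = auth_results(raw)
    failed = [f"{m}={results.get(m, 'none')}" for m in METHODS
              if results.get(m, "none") != "pass"]
    return "Unverified sender: " + ", ".join(failed) if failed else None

if __name__ == "__main__":
    print(banner(RAW))
```

Filtering on the authserv-id matters because a sender can prepend its own passing `Authentication-Results` header; only the header written by the receiving infrastructure reflects checks that were actually performed.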

What "CIS alignment" really means

Slack's claim of 'CIS alignment' means its new controls have been internally mapped to existing CIS Benchmarks for Windows 11 and Oracle Cloud. Since no official Slack benchmark exists, this documentation provides a framework for auditors to validate Slack's security posture against established industry standards.

There is currently no official CIS Benchmark for Slack. The "CIS alignment" claim refers to a mapping exercise conducted by Slack's engineers. They have correlated the new security features with relevant controls from the CIS Microsoft Windows 11 Enterprise v5.0.0 and CIS Oracle Cloud Foundations v3.1.0 benchmarks. This internal mapping shows a one-to-one match for 61% of Level-1 controls and 43% of Level-2 recommendations, enabling auditors to grant a "CIS-aligned" status.

| CIS Control family (Win 11 v5.0.0) | Slack 2026 analogue | Coverage |
| --- | --- | --- |
| Account & Authentication (L1) | Enforced SSO + 2FA, session timeouts, device trust | 100% |
| Audit & Logging (L1) | Audit Logs API, 2-year retention, SIEM streaming | 100% |
| Data Protection (L2) | AI exclusions, secret-scan DLP, EKM with customer-held keys | 61% |
| Malware Defences (L1) | File-execution blocks on jail-broken mobiles, link warnings | 33% |

Competitive heat from Teams

The release comes amid increasing competition from Microsoft Teams. Following its March 2026 update, Teams boasts over 400 compliance certifications compared to Slack's 65 and includes Purview DLP at no extra charge. Microsoft also leads in the public sector, with Teams certified for GCC-High while Slack is at FedRAMP Moderate.

Slack's strategic response emphasizes cross-platform openness. Its upcoming Model Context Protocol (MCP) server will provide a privacy-preserving endpoint for third-party and custom AI models to query Slack data while respecting AI-exclusion flags. This allows granular control, such as making a channel visible to a local AI but not a public one - a capability Microsoft's Purview stack currently lacks.

"Customers do not want to rip-and-replace; they want one compliance dashboard that covers Windows, Mac, SaaS and now generative AI. Slack's move gives auditors a single sentence: 'AI-excluded channels are never transmitted outside the tenant boundary.' That sentence is gold during a PCI or HIPAA review."
- Central-Asia security lead, Big-4 firm

Adoption signals from the field

Early adoption cases highlight the immediate impact of these features. During a 2025 Salesforce and Slack rollout for 1,800 field reps, integrator Customertimes used CT Mobile and Slack canvases for sales and routing. To comply with Kazakhstani data-residency laws, the project leveraged Enterprise Key Management in a local cloud and enabled AI-exclusion for all channels with customer data. Since launch, audits confirm zero outbound AI calls across 6.3 million messages, helping the client secure a 7% insurance premium discount.

"We did not need another certificate on the wall; we needed evidence that the AI never saw the data. Slack's February release gave us that evidence in two clicks."
- CIO, multi-brand retail group

Road-map snippets leaked at Salesforce & Tableau Day Almaty

Leaked roadmap details from a recent Salesforce event indicate further enhancements are planned:
- Real-time search API (Q3 2026) will stream search results without logging queries, ensuring excluded data remains private.
- Expanded secrets-scan DLP will cover Slack canvases and uploaded PDFs, not just messages.
- MCP Server Beta (June) enters private beta, with red-team reports claiming response latency under 120 ms for 10-turn conversations.

Crucially for existing customers, this entire security bundle is included with the Enterprise Grid plan at no additional license cost, eliminating the need for separate DLP or AI governance tools. This pricing strategy competes directly with Microsoft's bundled security model but on a platform that preserves IT's flexibility to choose its preferred SSO, EDR, and SIEM solutions instead of being locked into a single vendor's ecosystem.