Dropbox has released its open source bot to offer an automated system to secure monitoring and communication at scale. Called Securitybot, the new development is inspired by a Slack technology that was released last year to reach out and send aggregate results back to the security team automatically.
Securitybot collects new alerts from the monitoring tools used by Dropbox and then communicate with employees to find the roots of malicious actions. Once an alert is received by the bot, employees get a message asking them to confirm whether they performed a potentially malicious action. The responses are then stored and later sent to the security team.
Unlike a traditional alert detection system that manually reaches each single employee to find the flaw, Dropbox’ Securitybot releases alerts augmented with employees’ responses. It generates an alert to the security team if an employee fails to perform an action to the given message.
By this way, protection and security can be implemented at a faster pace and investigation of any malicious action can consume lesser time than a conventional method.
“Securitybot ensures that user interaction is prompt and streamlined. For each alert, we simply ask an employee whether they triggered it and for a brief explanation,” Dropbox engineer Alex Bertsche explains in a blog post.
Protected via two-factor authentication
Though Securitybot is initially available within the detection and alerting system at Dropbox and its Slack instance, you can have its presence on other platforms as well. The engineers have protected responses using two-factor authentication. Moreover, the automated technology is touted to be secure enough to protect the responses and alerts even if an attacker would compromise Slack.
Community support to bring ‘distributed security’ model
Dropbox has opted to release Securitybot as an open source project to grow its presence among developers and bring improvements and tweaks directly from the community.
“We hope that by putting forward an initial open source implementation, we can help others to improve their internal detection and easily get their distributed security up and running,” concludes the Dropbox engineer.
You can access the Securitybot code from a GitHub repository. It helps you create your own security alert system and build an advanced internal monitoring for your operations.