INFRA
INFRA
INFRA
Dropbox’s new security bot politely inquires about suspicious actions
Modern cybersecurity tools can detect even the most subtle sign of suspicious activity in a company’s network, but administrators often don’t have time to check up on every alert. Dropbox Inc. set out to elevate the problem today by open-sourcing a chatbot that aims to automate much of the repetitive communications involved in the chore.
Like so many other of the collaboration giant’s projects, the agent was originally created to address an internal requirement. The Dropbox engineering team first got the idea after stumbling across a blog post that was published on Slack Inc.’s developer blog last February. In the piece, Slack outlined a homegrown virtual assistant that automatically reaches out to its workers when they perform a potentially malicious action to save information technology administrators the hassle of following up on their own.
Securitybot, as Dropbox calls its new creation, serves the same basic purpose. The agent can plug into a company’s threat detection infrastructure and quickly spot when someone raises the alarms. A few moments later, the worker in question receives a customized chat message asking them to confirm whether the person is responsible for the action.
The verification process relies on a two-factor authentication mechanism that requires users to submit a specific answer via the chat window and open a push notification sent to their mobile device. According to Dropbox, the idea is to help security professionals quickly detect when a hacker is exploiting stolen credentials to access internal data.
If a user verifies his or her identity, the response and the corresponding security alert will be merged into the administrative team’s log stream as normal. In the event that the process is not completed successfully, however, Securitybot will bump the incident to the top of the list so to ensure that the issue is addressed as quickly as possible.
Dropbox says that the entire workflow is managed in a way that aims to minimize the disruption for end-users. Among others, the agent suspends prompts for a certain period of time after an action is cleared to prevent overwhelming workers who frequently perform sensitive tasks as part of their work. This feature should be a particularly big convenience for IT personnel and developers who interact with their company’s backend infrastructure on a regular basis.
The source code for Securitybot is available immediately on GitHub. While originally built for Slack, the agent is based on a modular architecture that Dropbox says can be ported to other messages services with relatively little work.
Image courtesy of Dropbox
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
