File hosting giant Dropbox is looking to improve cyber security within organizations with the announcement of their soon to be released cyber security bot, dubbed Securitybot.
Engineered primarily for Slack but compatible with other platforms, the bot aims to considerably cut down the alert detection times and response times as a way of streamlining organization’s cyber security.
The bot will work in conjunction with various security monitoring tools and will also seek verification from the employees before alerting the security team of any detected threats.
This way, the bot automatically sifts through the real threats and the false alarms, significantly easing the security teams’ work by only presenting the real threats.
The announced cyber security bot will be an extension of Dropbox’s existing detection and alerting system and holds much promise in terms of threat detection accuracy and shortened response periods.
How Dropbox’s Securitybot will Function
According to Dropbox, their proposed cyber security bot will primarily cut down the time-consuming aspect of event monitoring.
Its automated design will allow the security team to circumvent the tedious task of manually reaching out to employees to confirm an alert before acting upon it.
Even more dangerous is the fact that this manual method could allow plenty of time for the threat to wreak havoc.
Because not all alerts can be confirmed within short periods of time, the cyber security bot will help response teams access as many users as possible within the shortest possible time, thereby making the response times shorter and honing the efficiency of the cyber security system.
To elaborate in detail how the SecurityBot works, here is a scenario.
When Dropbox’s cyber security bot automatically detects alerts from the installed security monitoring tools, it will first seek verification from the employees or users concerned.
The verification will come in the form of a message asking the employee to confirm or deny whether they have performed an action that is potentially malicious.
Two-factor authentication is used to secure the verification process by preventing third parties from deactivating the alert before it reaches the security team.
If the employee confirms that they are responsible for the action, the alert goes away.
The alert is only canceled depending on the responses of the employees in question.
However, if the alternative scenario plays out, Securitybot then takes the next step, which is to alert the security team promptly.
It is a simple, yet highly effective process that drastically saves time and the resources that would have otherwise been used to locate and contact the employees concerned with the alert, as Dropbox explains in a blog post.
This cyber security bot will also help organizations minimize the number of alerts that surface, seeing that most of them will now be handled easily by the people pulling the strings in the background.
That said, there is still the risk of human error and poor judgment in a scenario where an alert requires verification from an employee.
The wrong response could mask a real alert and prevent it from reaching the concerned team.
As such, the system is not completely flawless.
Cyber Security Bot is Full of Advantageous Advancements
Faster response times and fewer resources spent on tracking down false alarms are just the tips of the iceberg when it comes to the benefits of Dropbox’s Securitybot.
Its implementation within an organization will mean that the security team has much more time to focus on enhancing their monitoring measures.
Conversely, the employees will find it much simpler to communicate to an eloquent bot on their computers rather than hold lengthy, technical conversations with security experts every time an alert comes through.
The cyber security bot promises to be an instrumental tool.
Employees can also rest much easier knowing that the tool will be more than capable of detecting any anomalies within their Dropbox accounts.
Dropbox has made Securitybot open source, being a member of the Talk Openly, Develop Openly (TODO) group and a strong advocate for open source code.
The file hosting platform hopes that their newest security tool will prove beneficial to organizations everywhere.