DBOT

Protecting you from malicious links while you "Slack"

get it

Reviews

Discussion

You need to become a Contributor to join the discussion - Find out how.
Rishi BhargavaMaker@rishi_bhargava · Co-founder, Demisto
Slack is becoming the "operating system" for businesses. It is becoming a single place where people chat, exchange technical information, collect the tweets, news articles of their interest, automate their processes etc. With this level of content flowing into Slack from users and also automated sources, the content can be malicious and then end up spreading across your organization very quickly. Also, for Security Analysts, wouldn’t it be great to have a BOT that you can ask about reputation of url, files and IP addresses? DBOT (open source and free, forever, no gotcha) solves both of these issues! Single click install and out of your way once configured (invisible security). You don't need to be an admin to use DBOT for your Slack channels. Effectively, DBOT provides security for Slack users and also enables security automation for security analysts using Slack. Would love to hear feedback from the hunters and community. Tweet to us or email me at rishi@demisto.com.
Eric WillisHunter@erictwillis · Working on something new
DBOT is a free and open source Slack plugin that protects users by scanning their messages for malicious URL, files and IP addresses. This is the first product from Demisto building Collaborative and Automated Security Response Platform.
Ouriel Ohayon@ourielohayon · CodenameDjango, CEO/ isai (VC)
how can a malicious link land in slack?
Rishi BhargavaMaker@rishi_bhargava · Co-founder, Demisto
@ourielohayon Take an example – you have subscribed to feed for competitive white papers with a pattern match which gets delivered into Slack via an email or some other integration(notify.ly, zapier). This trigger results in a malicious file getting delivered to your Slack channel or a URL which hosts malware on it. At this time your entire slack can click on it and suddenly everybody in compromised. This is faster than even email spreading the malware. Or a user is infected and they upload an infected file.