Open Sourcing Automated Security at Scale
Security incidents happen. And when they do, they need to be dealt with—quickly. That’s where detection comes into play. The faster incidents are detected, the faster they can be handed off to the security team and resolved.
A year ago, Slack set out to tackle this very issue. Instead of manually reaching out to employees to verify their actions, they built an automated system designed to reach out and send aggregate results back to the security team. We were inspired: what if our team at Dropbox created an automated, distributed alerting bot of our own? Could we reduce the burden of alerts for our security team, and help them sort through alerts faster than ever before? To answer that question, we developed and deployed Securitybot, and found out that yes, we could.