DBOT by Demisto
DBOT is free and open source Security Bot integrated into Slack. DBOT scans all the URLs, Files and IP addresses on the channels, groups and private messages in the background. It alerts users of malicious URL/files before the user clicks and gets compromised.
Really another Bot? For what?
Slack is becoming the operating system for businesses. It is not just a collaboration tool. It is becoming a single place where people chat, exchange technical information, collect the tweets, news articles of their interest, automate their processes etc. With this level of content flowing into Slack from users and also automated sources, there is no security on the content today. The content can be malicious and then end up spreading across your organization very quickly.
Take an example – you have subscribed to feed for competitive white papers with a pattern match which gets delivered into Slack via an email or some other integration. This trigger results in a malicious file getting delivered to your Slack channel or a URL which hosts malware on it. At this time your entire slack can click on it and suddenly everybody in compromised. This is faster than even email spreading the malware.
Effectively, DBOT provides security for Slack users and also enables security automation for security analysts using Slack.