Threat intelligence chat bots are useful friends. They perform research for you and can even be note takers or central aggregators of information. However, it seems like most organizations want to design their own bot in isolation and keep it internal.
To counter this trend, the Cylance Team created a repeatable process using a completely free and open source framework, an inexpensive Raspberry Pi (or even virtual machine), to host a community-driven plugin framework to open up the world of threat intel chat bots to everyone from the home user to the largest security operations center.
“We were thrilled to debut the end result of our research (a chat bot that we affectionately call CyBot) at Black Hat Arsenal Vegas,” said Tony Lee, Senior Director of Professional Services Consulting.
“We took the great feedback and ideas from an enthusiastic crowd and brought CyBot to Black Hat Europe for more fun. Now we are bringing CyBot to Asia to complete the world tour by spreading the word and increasing global collaboration.”
• Event: Black Hat Asia 2018
• Session: CYBOT - OPEN-SOURCE THREAT INTELLIGENCE CHAT BOT WORLD TOUR
• Speaker: Tony Lee, Professional Services Senior Director Consulting
• Date: March 22 and 23
• Times: Thursday, March 22 | 12:00pm-1:50pm and Friday, March 23 | 1:40pm-3:15pm
So, if you know even a little bit of Python, you can come to the session at Black Hat Asia 2018 to help write plugins and share them with the community. If you want to build your own CyBot, the instructions in this project will let you do so with about an hour of invested time and anywhere from $0-$35 in expenses.
Come join us at Black Hat Asia and make your own threat intelligence bot today!