11 time saving tricks to try with Swimlane ChatBot for Slack

by Josh Rickard on February 24, 2022

As a company, we quite literally run on Slack. It has become a staple of our remote culture here at Swimlane, and it’s a critical technology for our daily business operations. That said, it should come as no surprise that I am mildly addicted to Slack. This little obsession inspired me to create a Slack ChatBot for Swimlane, which I like to call Swimmy.

Swimmy’s Architecture & Deployment

Swimmy is written in Python, which allows you to interact with your Swimlane instance directly from Slack. It is a docker-compose project, which makes it really easy to deploy. Before you deploy Swimmy, you’ll need the Swimlane host, your user name and password or an API token, and a few other details. To get started check out the Swimmy documentation here.

My favorite Swimmy backslash commands

I love how easy Swimmy makes it to perform simple tasks, or easily navigate to the sections of my Swimlane instance. Watch this demo video to learn more about Swimmy, or check out the summary of my go-to Swimmy commands below.

/swimmy workspaces – Here we can quickly see all available or configured workspaces within the Swimlane environment. With one click from Slack, you can quickly view the default dashboard view for that workspace.
/swimmy applications – This backslash command pulls up links to all Swimlane applications or use cases like phishing triage, alert and incident management or threat intelligence directly from Slack. This makes it easy to access default report dashboards for each application.
/swimmy assets – In Swimlane, an asset is a reusable, structured, and vendor-specific object that contributes to the successful completion of tasks that contribute to automated workflows. This /swimmy assets command surfaces all assets, like Jira, ServiceNow, or VirusTotal, to see all configured assets and redirect to the asset page in Swimlane.
/swimmy plugins – Get an at a glance view of all of the plugins that are installed. A plugin is a distributable package that provides integration functionality for an application or service. From Slack, you’ll be able to see the plugins name, version installed, descriptions, and a link to them in Swimlane.
/swimmy packages – See all Python packages installed, and quickly identify their name and version. You’ll get a link to their official page and be able to view them individually within Swimlane.
/swimmy users – Identify all of the users who have accounts on your Swimlane instance in seconds. Swimmy will show you all configured users within Slack, and will provide a button to redirect you to see that users profile within Swimlane.
/swimmy health – This command pulls a summary from the Swimlane health endpoint, so that you can get a health check on your Swimlane instance in seconds.
/swimmy search [IOC] – Search for any indicator of compromise (IOC) string or variable. For example, you could search /swimlane search domain.com and Swimmy will return the most recent 10 IOC records associated with it. When you click on the link, it will take you directly to the record within Swimlane.
/swimmy get record [name] – Search for any record, such as the security alert and incident management (SAIM) app. Swimmy will return the record ID, the date it was created and last modified. A button will appear within Slack that will bring you to the record within Swimlane.
/swimmy get [application] tasks – Ask Swimmy to look up all tasks, such as retrieving threat intelligence records, re-assigning a case, creating an incident, restricting access, and more, for a specific use case application.
/swimmy create [application] record – This command provides a button that directs you to the Swimlane instance to create a new record for the specific application.

I hope you enjoy using Swimmy as much as I liked building it. If you’re not a Swimlane customer yet, we would love to talk to you about how Swimlane low-code security automation platform works more holistically.