Uipath Marketplace
MarketplaceStudioソリューションSecurity Orchestration Automation and Response

はじめてのオートメーションをわずか数分で作成できます。Studio Web を試す

Security Orchestration Automation and Response

Security Orchestration Automation and Response

作成者: UiPath

StarStarStarStarStarStarStarStarStarStar

0

ソリューション

ダウンロード数

<100

[戻る] ボタン
[戻る] ボタン
carouselImage0
[次へ] ボタン
[次へ] ボタン

要約

要約

Workflow Solution built on top of the official UiPath IT Automation activities for automating the resolution of Azure brute force attacks security incidents targeting public facing virtual machines.

概要

概要

Azure public-facing Virtual Machines can be secured from brute force attacks with the solution’s ready to use workflows that block attacker IP addresses in the Virtual Machine’s Network Security Groups. The Azure Security Center Alerts types that can be processed automatically are:

  • Suspicious authentication activity
  • Possible incoming SQL brute force attempts detected
  • Web Fingerprint Detected
  • Failed SSH brute force attack

Solution Workflows:

1. AzureCreateNSGsForNIs

  • creates NSGs for the Virtual Machines that don't have at least one associated with one of its Network Interfaces.
  • (optional) it can be scheduled to run 1st - the other workflows will have no effect from a security resolution point of view if deny security rules cant be created for the attacked VM.

2. GetAzureSecurityCenterAlerts

  • gets the Azure Security Center alerts for the supported Brute Force attack types and adds them to an Orchestrator Queue for processing.

3. AzureVMsAttackersBlock_AddSecurityRuleToNSG

  • retrieves the pending Orchestrator queue items. 
  • the new Security Rules have their priority computed dynamically.
  • if the attacker IP is already blocked in an NSG, it will be skipped.

4. Block_AttackerIP_in_VM_NSGs

  • the workflow can be executed on-demand from the Orchestrator web or mobile apps.
  • the specified IP is blocked in all the Network Security Groups associated with the input Virtual Machine.

機能

機能

The solution works like a digital cyber-security officer that resolves the supported brute force attacks 24/7, thereby increasing your organization's cloud security. Also, the workflows are easy to integrate with existing ITSM ecosystems for end to end security incident management.

その他の情報

その他の情報

依存関係

UiPath.Azure.Activities (>=1.1.0)

コード言語

Visual Basic

公開者

UiPath

公開者ページを表示

信頼できるソース

ライセンス契約とプライバシー条項

MIT

プライバシー条項

技術情報

バージョン

1.1

更新日

2023年6月14日

対応製品

Studio: 21.10 - 22.10

認定

シルバー 認定済み

アプリケーション

Microsoft Azure

コレクション

サポート

UiPath コミュニティ サポート

リソース

類似のコンポーネント