Security Orchestration Automation and Response - RPA Component

Products

Studio

Accelerators

Partner Solutions

Professional Services

Collections

Products

Accelerators

Partner Solutions

Professional Services

Collections

Marketplace

Listings

Solution

Security Orchestration Automation and Response

Overview Versions Reviews Q&A

Summary

Overview

Azure public-facing Virtual Machines can be secured from brute force attacks with the solution’s ready to use workflows that block attacker IP addresses in the Virtual Machine’s Network Security Groups. The Azure Security Center Alerts types that can be processed automatically are:
Suspicious authentication activity
Possible incoming SQL brute force attempts detected
Web Fingerprint Detected
Failed SSH brute force attack
Solution Workflows:

1. AzureCreateNSGsForNIs
creates NSGs for the Virtual Machines that don't have at least one associated with one of its Network Interfaces
(optional) it can be scheduled to run 1st - the other workflows will have no effect froma security resolution point of view if deny security rules cant be created for the attacked VM
2. GetAzureSecurityCenterAlerts
gets the Azure Security Center alerts for the supported Brute Force attack types and adds them to an Orchestrator Queue for processing
3. AzureVMsAttackersBlock_AddSecurityRuleToNSG
retrieves the pending Orchestrator queue items 
the new Security Rules have their priority computed dynamically
if the attacker IP is already blocked in an NSG, it will be skipped
4. Block_AttackerIP_in_VM_NSGs
the workflow can be executed on-demand from the Orchestrator web or mobile apps
the specified IP is blocked in all the Network Security Groups associated with the input Virtual Machine

Features

Additional Information

Dependencies

Code Language

Visual Basic

Publisher

UiPath

Visit publisher's page

Trusted Source

License & Privacy

License Agreement

Privacy Terms

Technical

Version

1.1

Updated

Dec 23, 2020

Works with

Studio: 21.10 - 22.10

Certification

Silver Certified

IT Automation for Public, Private & Hybrid Clouds

by UiPath

500

Workflows that enable organizations from all industries to accelerate the automation of their IT ecosystem in the areas of Cloud, Server Virtualization, User Management, Security, Networking and more.

Free

Custom Activity

Microsoft Azure

by UiPath

9.1k

Official UiPath activities for Azure cloud resources provisioning, configuration and management: virtual machines, storage, networking, security.

Free

Solution

UiPath Unattended Robots Auto Scaling

by UiPath

282

UiPath Robots Auto Scaling (RAS) is a workflow based solution that helps optimize IT Infrastructure costs by making RPA Deployments run more efficiently.

Free

Connector

Microsoft Flow Connector

by Dinesh Balasubramanian

617

Integration of UiPath and Microsoft Flow

Free

UiPath Unattended Robots Auto Scaling

Microsoft Flow Connector

Roboyo - Petze – the RPA Quality Code Reviewer

Thales TCT Luna Credential System (FIPS HSM)

IT Automation for Public, Private & Hybrid Clouds

Microsoft Azure

UiPath Unattended Robots Auto Scaling

Microsoft Flow Connector

Roboyo - Petze – the RPA Quality Code Reviewer

Thales TCT Luna Credential System (FIPS HSM)

IT Automation for Public, Private & Hybrid Clouds

Microsoft Azure

UiPath Unattended Robots Auto Scaling

Microsoft Flow Connector

Roboyo - Petze – the RPA Quality Code Reviewer

Thales TCT Luna Credential System (FIPS HSM)