Marketplace logo
Search button

Accelerators

Partner Solutions

Professional Services

Collections

Sign In

Accelerators

Partner Solutions

Professional Services

Collections

MarketplaceListingsSolutionSecurity Orchestration Automation and Response
back button
back button
carouselImage0
next button
next button

Summary

Summary


Overview

Overview

Azure public-facing Virtual Machines can be secured from brute force attacks with the solution’s ready to use workflows that block attacker IP addresses in the Virtual Machine’s Network Security Groups. The Azure Security Center Alerts types that can be processed automatically are:
  • Suspicious authentication activity
  • Possible incoming SQL brute force attempts detected
  • Web Fingerprint Detected
  • Failed SSH brute force attack
Solution Workflows:

1. AzureCreateNSGsForNIs
  • creates NSGs for the Virtual Machines that don't have at least one associated with one of its Network Interfaces
  • (optional) it can be scheduled to run 1st - the other workflows will have no effect froma security resolution point of view if deny security rules cant be created for the attacked VM
2. GetAzureSecurityCenterAlerts
  • gets the Azure Security Center alerts for the supported Brute Force attack types and adds them to an Orchestrator Queue for processing
3. AzureVMsAttackersBlock_AddSecurityRuleToNSG
  • retrieves the pending Orchestrator queue items
  • the new Security Rules have their priority computed dynamically
  • if the attacker IP is already blocked in an NSG, it will be skipped
4. Block_AttackerIP_in_VM_NSGs
  • the workflow can be executed on-demand from the Orchestrator web or mobile apps
  • the specified IP is blocked in all the Network Security Groups associated with the input Virtual Machine

Features

Features


Additional Information

Additional Information

Dependencies


Code Language

Visual Basic

Publisher

UiPath

Visit publisher's page

Trusted Source

License & Privacy

License Agreement

Privacy Terms

Technical

Version

1.1

Updated

Dec 23, 2020

Works with

Studio: 21.10 - 22.10

Certification

Silver Certified

Tags

security
azure
cloud
cybersecurity
security orchestration
soar

Application

Microsoft Azure

Support

UiPath Community Support

Resources

Similar Listings