INTEGRATE
Integration Mesh

Connect all your business tools into one platform, including Slack, AWS, SAP, and 400+ others

DESIGN
No-code Smart Workflow Studio

Drag and drop from 100+ pre-build automation and decision units in minutes to get a unique workflow for your business automation

Developer Workbench

Bring your custom automation ideas to life with a powerful toolkit for developers

ACT
Autoremediation and Predictions

Use smart behavioral analytics and decision units to prevent incidents before they impact your business

Smartbots

Improve interactions in your teams with in-time notifications and information exchange

ANALYZE
Bot Analytics

Illuminate important business processes and get insights for smart management decisions

DEVOPS, копия (1600 × 450 пикс.)-5

AWS SecOps Solutions

AWS

Partner Network

Validated

Type
Partner

 SecOps Competency


    Hyperautomation competency


    Solution Provider 


    Channel Partner

Botprise is the No-Code Auto Remediation company for mid-size enterprises.  By connecting applications, infrastructure, data, and processes with intelligent, Event & AI driven automation, we make it simple for any user to author/deploy automation at scale.

 

 

 

Botprise platform automates governance across multi-cloud assets and services including visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices and compliance frameworks

 

CSPM Solutions

Botprise offers a large number of prefabricated Automation Units (BAUs) and ready to use Apps for addressing Cloud Security Posture Management 

 

Security Hub integration:

  • Create a cross-account IAM role in their AWS account and grant access to Botprise for the necessary resources. Add the following section under the trust relationship section of the cross-account role:

  • A cloud formation stack is to be created on a customer AWS account  using the cloud formation template provided by Botprise, which can be accessed using an S3 URL 

  • Navigate to Integration Mesh ( Left Menu ) > Add Integration (Click on the plus sign, the “add integration” button.)

  • On the left, you will see the list of integration categories. Select/Search for Cloud and click on it. 

  • Select AWS from the right panel and click Next

  • Provide a name for the integration, and supply the Arn of the Role that you have created before. Under services, you will select the list of services for which you want to do the remediations. Almost all the services offered by AWS such as  S3, EC2, IAM etc., are supported by the Botprise platform.

 Integrate into CSPM (SecurityHub)

  • Configure CSPM to send events to Botprise 

  • Configure both inbound and outbound integration to CSPM 

  • Recieve the first event on the Botprise 

  • Map and transform the event to Botprise event model 

Event Handling 

  • Create a trigger unit 

  • Extract information from the event 

  • Associate the trigger unit to a remediation app (s3 encryption)

  Remediation execution

  • Process mapping of all manual tasks

  • Deploy integrations to all tools – ServiceNow, AWS

  • Integration into change management process and tools

  • Deploy automations across Installation, Onboarding, Offboarding, configuration change and maintenance – Smart Studio

  Remodel your remediation flow (Optional)

  • Clone and edit the packaged remediation app in SmartStudio (NoCode)

  • Integrate to your application using connector library 

  • Add application specific capabilities to your remediation flow 

  • Save and execute

Amazon Simple Storage Service (Amazon S3) is an object storage service that stores data (files, images, etc) and can be thought of as a cloud drive in the simple sense.

Customers of all sizes and industries can use Amazon S3 to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. There is a lot to lose for these customers if S3 is compromised and therefore its important that the S3 and objects therein are stored and protected

Since S3s are object store houses for files for numerous scenarios mentioned above. Therefore, it is important to secure all S3s to prevent sensitive data from being lost and getting to the hands of malicious users.. Furthermore, if the access to S3s are compromised, there is a potential that attacks such as ransomware and malware can be launched from within. It is also possible that via a compromised S3, a hacker can gain access to other cloud resources further expanding the impact. Financial and reputational losses are a direct consequence of such a compromise.

Some of the reasons why S3s are prone to misconfigurations are – manual provisioning, in-life changes, large scale/high frequency deployments and low security awareness

Encryption disabled, public access (read and write) access enabled, SSL not enabled (insecure access), backup not enabled (low data availability), audit trail and logs disabled 

AWS & Botprise Architecture S3 Remediation

Auto-remediation apps

Data encryption, data access control, secure access, data availability, audit trail

  • Block public access to S3

  • Block public read and write access to S3

  • Enable server side encryption on S3

  • Enable bucket versioning

  • Enable SSL 

  • S3 replication (cross region)

  • Enable and restrict S3 cloud trail logs

Password policy, policy to resource attachment, least privilege access, audit trail

  • Validate password policy for length, characters, lifetime, usage

  • MFA enablement for users

  • Remove IAM policies with full admin privilege 

  • Enable alarm for policy changes

  • Remove/disable unused users credentials

  • Enable rotation of access keys 

  • Remove root access key(s)

  • Enable alarm for policy changes

Upgrades,
Access control, retirements

  • Ensure all traffic is restricted in all default security groups

  • Enable management by AWS System Manager

  • Ensure patch compliance in AWS System Manager

  • Encrypt attached EBS volume 

  • Disable automatic application of public IP to EC2

  • Remove unused security groups

  • Disable public access to EBS snapshots

  • Remove unused NACLs

End-point monitoring not sending data to SIEM

  • EP configuration and access control on network that prevents log data arriving at the data sync (SIEM)

User off-boarding – remove access to cloud resources when an employee or consultant leaves or reduce access when project role is changed

  • Remove/disable users upon request (via integration to external applications that sets up the request – egs: ITSM)

Avoid and restrict using root user for managing accounts including administrative to minimize access risk

  • Create an escalation alarm upon root access usage

  • Remove root access key(s)

  • Enable MFA for root access

Enable logging and audit trail for resources for realtime and post incident forencis

  • Enable cloud trail in all regions

  • Enable cloudtrail log file validation

  • Enable cloudtrail trails integration with cloudwatch logs

  • Enable cloudtrial log at rest encryption

  • Enable alarm for cloudtrail  config changes

How Botprise can change your business?

Botprise as one of the leading hyperautomation players in the market has great experience in S.M.A.R.T. solutions for enterprises. This was reached by a long journey of gathering different ITSM use cases from all the possible spheres of business.

 

S.M.A.R.T. Creator value  

Botprise has a No-code SMART Studio to create, update, change and improve already existing automation. SMART Studio gives users the ability to build automation without technical skills. What is even more important is there will be no need to revise the architecture in case the user needs a different execution, because all parts are represented as a block that is compatible with each other.

 

S.M.A.R.T. Intelligence

One of the areas of initial and continued focus is deploying AI/ML intelligence in all aspects of product use. From deploying intelligence to speed integration/adoption of customized service management applications, to correctly automatically assigning actions from incidents and choosing the correct action to take based on historical data, the Botprise decision engine uses ML models to automate its efforts.

 

S.M.A.R.T. Completeness

For DevSecOps and related use cases, Botprise offers one of the most complete solutions through its out-of-the-box and easily modifiable workflows. With a large set of automation objects (Bots), customers find Botprise a complete solution compared to competitive products and solutions. All models are Botprise Decision Units which can be used on Botprise S.M.A.R.T. Design Studio.

 

S.M.A.R.T. Scalability

Botprise Design Studio is a unique instrument that boosts both your existing processes and time for creating a new one. What makes the S.M.A.R.T. Design Studio so impressive is that such a complicated technology was elegantly put in a friendly Low-code interface. This opens a new horizon for your process development.

 

S.M.A.R.T. Economic value

Automation is a journey that each customer approaches differently where the steps between the start and end are often biased and changed based on real-life experience and benefits garnered along its path. Given no two paths will be the same, we made a conscious effort to align our business success with our customers’ automation success. In that regard, we have an easily understood subscription-based pricing model (by automation) with a reasonable entry cost that encourages adoption and grows exponentially as customer value is achieved.

 

S.M.A.R.T. Creator value 

Botprise has a No-code SMART Studio to create, update, change and improve already existing automation. SMART Studio gives users the ability to build automation without technical skills. What is even more important is there will be no need to revise the architecture if the user needs a different execution because all parts are represented as a block that is compatible with each other.