Top Threats Affecting Automation Anywhere Bots
Top Considerations for Security of the Bot and Network it is being deployed into
The assets we want to protect, People and Actors Interacting with the Bot and Environment in which the Bot is Deployed
The assets we want to protect
-> Unauthorized access to customer data.
People and Actors Interacting with the Bot
-> User credentials and API keys.
Environment in which the Bot is Deployed
-> Malicious code embedded into bots.
-> Server or Computer running the bot.
-> Remote or Connections or Services.
Maliciously embedded DLL Files.
References to external or local system DLLS.
Plain text communication.
Credential Management.
Use of insecure dependencies.
Threat : Malicious or Vulnerable Embedded DLL Files
-> Dependencies and more specifically chained dependencies.
-> Vulnerable DLL could make bots and data Vulnerable to exploitation.
-> Malware containing bots could be used to exploit bot user systems.
-> Include only dependencies that are:
$ Necessary
$ Reputable
$ Have been thoroughly vetted for security
$ Don't contain any known vulnerabilities
Threat : References to external or local system DLLS
-> DLLS referenced by bots must be packaged within the bot package.
-> Not doing so results in DLL Injection.
Threat : Plain Text Communication
-> Plain text transmission of data results in data leakage and information disclosure.
-> Credential, Session information, Bot data, and other information is commonly transmitted insecurely.
-> Connections to external resources must use TLS1.2 OR Greater, SSH, SFTP.
-> Secure transmission protocols should use a secure cryptographic protocols.
Threat: Insecure Credential Management.
-> Bot should protect:
* Bot user credentials.
* Session tokens.
* API Keys.
* Credentials for external resources.
-> The Credential Vault should always be used to protect sensitive data.
Threat: Use of Insecure Dependencies
-> A Patch or Update may or may not be issued.
-> Packages or Bots that rely on insecure dependencies can be exploited by attackers.
-> Ensure that all bot dependencies are from reputed sources that are actively maintained.
-> Always use the latest secure version of a dependency.
-> Perform security checks and static analysis on all dependencies.
Note:- I will be updating this blog frequently.✍
Thank you for visiting this blog☕️
To Learn Mainframe Modules (Cobol, Jcl, VSAM, DB2, CICS): Click here
For Latest Job Updates: Click here
For Online Shopping: Click here