Automatic Remediation with CloudBots

CloudBots automatically correct compliance issues discovered in your cloud environments by CloudGuard compliance checks. You can configure your CloudGuard account to use CloudGuard CloudBots.

On the Posture Management > Policy > Remediation page, you can configure remediation steps for specific rules in your rulesets.

You must deploy CloudGuard CloudBots in the cloud environments to apply remediation steps. See https://cloudbots.dome9.com/ for details.

CloudBots

CloudGuard CloudBots are small programs or scripts in Python that operate on the account or cloud asset to correct missing or misconfigured settings. For example, they can close Security Groups that are widely open. CloudGuard invokes CloudBots when compliance rules fail.

CloudBots work only with rules invoked from Continuous Posture policies and not from manually-invoked Posture Management policies.

For some rules, CloudGuard recommends you use one of the preconfigured CloudBots or create your CloudBot if there is a rule violation. For other rules, you can use only your custom CloudBots.

CloudBots provide:

  • Protection of your cloud environment.

  • Reduction in the workload on the enterprise cloud IT team, by performing remedial actions on misconfigured cloud assets and environments automatically.

  • Reduced response time to remedy a problem, to decrease the window of exposure to risk as a result of the misconfiguration.

  • As CloudBots work with continuous posture assessments, your cloud environments are assessed again and again, so any changes (as a result of accidental or not approved access to the cloud assets) are detected and corrected almost immediately.

  • Reliable application of the same correction to misconfigurations of the same type. That is, correcting an environment policy misconfiguration is the same for all environments. In addition, a full audit trace can be kept of all actions, so you know about the applied changes.