© "Security is key and Devops is life" ~ Antonio Cheltenham

#ChatOPs and Security, Adding Hubot to your team

April 13, 2017

Picture by VictorOps 

 

So today is a good day .. played around with some familiar technology and some new ones, but at the end of the day a SecBot was born. A combination of Slack, Hubot and Powershell,  customized with security in mind, made me the happiest person in the world and here is how.

 

There are times you may be working on a project and you are bombarded with questions or requests from various sources, alternately you may just  want to empower users to query updated security information data such as Policies , Guidelines , Knowledge Base content etc. or even the ability to see what they have access to in a given environment dynamically. This was my plight, so I decided to add another member to our team without having to engage HR, heck we don't even have to pay the dude or dudette.

 

The plans for my little friend ( our new team member) makes me super excited... I created custom powershell cmdlets which I will leverage to gain some useful security insight for the engineering team. Yes! I am leveraging powershell from my bot in Slack. I got a great start from Matthew Hodgkins, here you can find the DSC resource  and documentation I used to get my hubot up and running. It is a  great walk through and allowed me to concentrate on gelling my cmdlets with CoffeeScript to obtain the desired output in Slack.

 

Here are some of the ideas where I found it would be useful to use secbot and the work load I am making for myself :)

  • Provide engineers with a links to key Security guidelines when deploying servers

  • Allow engineers to query what permissions or roles they have in a given environment

  • Provide server / security groups relationships dynamically

  • Allow specific users to kick off automated task like Windows Updates

  • Receive Security Alerts from various Security Solutions via APIs or Scripts. 

Now the question you might ask yourself :

 

"Am I disclosing too much in the slack channel?"

 

This will vary from company to company and a skim over your Security Polices might be on the horizon. Also if you are using the Slack Platform, make sure you have the correct subscription plan  to ensure your company remains compliant to any regulatory obligations, regardless of if you are using bots or not. 

One of the things I will strive to achieve is a Bot in a private channel for my team so we have access to more elevated information or task. This is great for new actual getting paid to come in the office team members who needs to quickly "get the lay of the land", also allows our informative and really cool SecBot to serve as that really efficient KB agent on behalf of the security team. 

 

"Long live the hubot and long live automation." 

 

 

 

Share on Facebook
Share on Twitter
Please reload

Featured Posts

Okta -> Kafka -> Splunk... Options Galore!

September 4, 2017

1/10
Please reload

Recent Posts

August 14, 2017

Please reload

Search By Tags
Please reload

Follow Us
  • Google+ Social Icon
  • LinkedIn Social Icon
  • Twitter Long Shadow