Automation Centre

Owned by Jonathan Bellard
Last updated: Feb 28, 2024
6 min read

The platform provides a powerful automation centre that allows users to automate their workflows with ease. It is comprised of several triggers and actions that are compiled to form a set of processes. These processes can be assigned to a project or used across the platform. This article provides an overview of the possible triggers and actions in the the platform’s Automation Centre, process limitations, and an example process library.

This feature is available to Enterprise Admin users within a paid for Enterprise license of the platform.

How to Set Up a New Automated Process in Platform

The Automation Centre is a feature accessible from the main sidebar menu that provides access to various tabs:

  • Active - displays the list of currently active processes.

  • Inactive - displays the list of currently inactive processes.

  • Library - contains example processes that you can use as a starting point.

  • Audit Log - contains a comprehensive log of all the processes that have run and any issues that have been affected by the platform.

To set up a new process, simply click on the "New Automated Process" button on the main Automation Centre screen. You will be prompted to provide a name for the new process and select its process type: Global or Project Based.

  • Global Process: This type of process will execute tenant-wide, regardless of the project or test/scan.

  • Project-Based: This type of process will only run within a selected project and supports custom and bespoke workflows.

Once you have completed the process setup, you will be taken to the Process Visualizer. This is the main area where you can design, test, and activate your automated workflow processes.

Process Visualiser

To get started with the Process Visualiser, you first need to select and define your trigger. This can be any of the triggers listed below. Once you have determined your trigger, you can enhance it with further conditions, such as Risk Rating, Asset Priority Rating, keyword (if using this trigger type) and Tags.

Next, you can add a series of actions that will be performed when the trigger event occurs. Process Visualiser offers a variety of actions to choose from, see the actions listed below. You can easily add actions to the visualiser by using the left pane or by using the numerous + icons within the grid.

Once you are happy with your process, you can save it by clicking "Save Automated Process". You can then preview the process by clicking the "Preview Process" button or activate it within the platform using the "Active Process" toggle.

Available Triggers

The Platform Automation Centre supports several triggers that can be used to initiate an automated process. These triggers are as follows:

  • Active Exploit: This trigger is activated when a new active exploit is detected from the daily exploit service.

  • Exploit: This trigger is activated when a new exploitable issue is detected from the daily exploit service or within a closed project.

  • Priority Rating: This trigger is activated when an issue with the selected priority rating is detected.

  • Keyword: This trigger is activated when an issue name has been detected that matches the keyword the user has specified (partial string match).

  • Severity Rating: This trigger is activated when an issue has been detected that matches an issue severity.

  • Tag: This trigger is activated when an issue has been detected that has the matching tag.

Each trigger can be enhanced with search filters such as risk rating, asset priority rating, and tags. With these enhancements, there are 36 possible combinations for triggers alone.

Available Actions

Once a trigger query has been met, there are several actions that can be taken. These actions include:

  • Assign to User: This action assigns the matching criterion to a selected user(s).

  • Assign to Team: This action assigns the matching criterion to a team(s).

  • Recast: This action recasts the matching criterion to a new severity rating (uplift or downgrade).

  • Assign Tag: This action assigns the matching criterion to an existing or new tag(s).

  • Assign Status: This action assigns the matching criterion to a given issue status (published, false positive, accept risk, suppressed, etc.).

  • Assign Priority Rating: This action assigns the matching criterion to an asset priority rating.

  • Assign to Jira: This action assigns the matching criterion to a Jira ticket.

  • Assign to ServiceNow: This action assigns the matching criterion to a ServiceNow ticket.

Process Limitations

The Platform Automation Centre has several process limitations that have been put in place. These limitations are as follows:

  • Process Trigger Limit: Users are limited to 4 action chains within a process. This limit may be increased in the future after further testing in live and client feedback.

  • Action Chain Limit: Users are limited to 4 child actions within an action chain. This limit may be increased in the future after further testing in live and client feedback.

  • Severity Rating Trigger: The severity rating trigger (unless being used as refinement tool along with another trigger) requires the automation process to be assigned to a project. This is due to potential conflicts arising as the global processes execute first, followed by the project specific process.

  • Action Duplication: Actions cannot be duplicated within a single chain. This is to guide people to assign all requirements from an action within one go to keep structure to their chains.

  • Rule Deletion: Users cannot delete an action that has children, you are required to delete each child up to the action you want to delete. This is to avoid losing action data if an action is deleted accidentally, and it also forces the user to make less reckless decisions when it comes to deleting elements of a chain.

  • Trigger Selection Required: A trigger must be selected prior to adding any actions within the chain. This ensures the user has a specific starting point for their chain and forces them to think about their expected intentions for the process.

  • Action Data: Actions need to be supplied with the relevant data in order to save an automation process.

Example Process Library

To help users get started with the the platform Automation Centre, the platform provides a selection of pre-compiled processes. These example processes can be used as templates to build custom processes. The available processes are:

  • Basic Exploit Assignment: If a new exploit is detected within the platform, assign the issue to a user.

  • P1 Critical Issue Assignment: If a P1 Asset has a Critical issue detected, then assign it to a user.

Reverting a Process

In the Automation Centre, users now have the capability to revert single-line processes or bulk action processes. This new feature provides users with the ability to easily undo any unintended changes made to their data, ensuring a clean and accurate dataset.

Benefits of Reverting Processes

  1. Data Clean-up: The revert process functionality enables users to address any unexpected changes that may have occurred during automated processes. This ensures data integrity and helps maintain a reliable and accurate dataset.

  2. Flexibility and Control: Users have the flexibility to selectively revert single-line processes or perform bulk action processes. This level of control allows for efficient data restoration based on specific requirements.

Reverting a Single-Line Process

To revert a single-line process, follow these steps:

  1. Access the Automation Centre within the platform.

  2. Locate the specific process that needs to be reverted from the Audit Log.

  3. Select the process and look for the revert option from the … menu.

  4. Click on the revert option, and the process will be reversed, restoring the data to its previous state.

Reverting a Bulk Action Process

To revert a bulk action process, follow these steps:

  1. Navigate to the Automation Centre in the platform.

  2. Identify the bulk action process that requires reversal from the Audit Log.

  3. Select the bulk action process and find the revert option from the … menu.

  4. Click on the revert option, and the bulk action process will be reversed, reverting all affected data points to their original values.

By utilizing the revert process functionality in the Automation Centre, users can easily undo changes and maintain data accuracy. This feature offers the flexibility to address unexpected alterations in a targeted manner, ensuring a clean dataset.

It is important to exercise caution when reverting processes, as the action cannot be undone. Make sure to review the changes and confirm the need for reversion before proceeding.

Conclusion

In conclusion, the platform Automation Centre is a powerful feature that allows users to create automated processes using triggers and actions. Triggers can be enhanced with search filters and once a trigger query is met, a range of actions can be executed. However, there are certain limitations to the process, such as the number of action chains and child actions, and the requirement for a trigger to be selected prior to adding any actions. Additionally, the platform provides pre-compiled processes to help users get started. Overall, the platform Automation Centre provides a flexible and customizable solution to automate tasks and streamline workflows for improved productivity.