Automation is on the rise, with more organizations using digital workers — or software “robots” — to take on mundane repetitive tasks, to automate business processes and to streamline operations. As a result, as with human workers, autonomous digital workers have now become a more lucrative target for sophisticated cybercriminals. Consider a case in which a robot is programmed to visit a specific URL and download a log file at the same time every day. Now imagine the consequences if the URL has been compromised and the automation downloads a malicious file instead of the usual log file. In this scenario, the robot presents a similar threat as an unintentionally compromised employee or an insider threat. To help protect against these types of situations, industry leaders CrowdStrike and UiPath are joining together to extend endpoint security to robotic process automation (RPA), enabling comprehensive visibility and accelerated response to threats. 

UiPath is an enterprise automation software company offering an end-to-end platform for automation with the leading Robotic Process Automation (RPA) solution. UiPath helps customers automate their business processes, helps employees by automating routine and repetitive work they do on a day-to-day basis, and even implement brand new applications and business processes from the ground up. They help streamline business processes, uncover efficiencies and provide insights, making the path to digital transformation fast and cost-effective.

What Is Robotic Process Automation (RPA)? 

RPA is a software technology that makes it easy to build, deploy and manage software “robots” that emulate human interactions with digital systems and software to bring scale, speed and consistency to business productivity and accelerate digital transformation. This automation needs access to systems and the right privileges to be able to execute and perform tasks with speed and consistency, without the need for manual intervention or risk of human error. Using RPA tools, a company can configure software, or a “robot,” to capture and interpret applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems.

Viewing RPA Through a Threat-centric Lens

As robot workers take on more tasks from human workers, RPA  becomes an increasingly attractive target for cyberthreats. Robots require access to systems, including sensitive and critical data, to perform their jobs as humans do and that same access can similarly be misused or compromised. While the UiPath platform has been architected with security at the center and its security attested to via multiple recognized standards, automations could, in theory, be built to perform unauthorized tasks surreptitiously, and authorized tasks that involve processing information could be compromised without the robot “knowing.” For example, if anything malicious were embedded in a document the robot opened, or if a website was able to compromise the machine a robot is running on using a browser exploit, then a robot could be as unaware as a human user might be in the same situation. 

Current endpoint security solutions, including next-generation products, might not be able to track specific processes triggered by robots and may lack the visibility to correlate events to originating RPA processes to enable and speed threat hunting, investigation and remediation. If attackers are able to bypass an organization’s defenses and compromise the robots, they could go unnoticed for days or even months. This period of “silent failure” spells success for the attacker and potential disaster for the organization. 

UiPath and CrowdStrike are the first to deliver endpoint detection and response (EDR) for a world where humans and robots work side by side. Because robots are taking similar actions to humans, the threat environments are similar and should be addressed as similarly as possible.

Industry-first Robot Endpoint Protection With UiPath and CrowdStrike

This new integration with CrowdStrike Falcon® Insight™ detects attacker activity, whether initiated by humans or robots, and gives the security team real-time visibility across the environment for proactive threat hunting, incident investigation and remediation. This solution adds an additional layer of organizational protection by broadly treating robots and RPA-initiated processes similarly to any other software processes running on the endpoints, in terms of what behaviors they exhibit within the organization’s environment and how they are monitored and investigated.  

Security teams can then accurately identify and track the source of malicious activity to robots and specific RPA-driven processes, in addition to human-initiated activity, enabling teams to quickly respond and remediate. By quarantining compromised hosts without impacting broader RPAs or hosts, business continuity is ensured in the event of an incident. 

The Journey Forward 

RPA is continuing to extend across the enterprise to automate more processes, making it a fundamental operational asset that companies must protect. The challenge of keeping companies, customers and employees safe increases every day. By partnering UiPath, a leader in RPA, with CrowdStrike’s leading cloud-based security technology, joint customers gain the unique advantages of an extended security posture for their organizations, business continuity for their robot workforce, and improved visibility and analysis capability for their security team — all with seamless technical integration and no additional licensing costs. 

This is the beginning of a very strategic partnership, and we are incredibly excited to deliver this new level of security protection and visibility to our customers through the UiPath automation platform and the CrowdStrike Falcon®® platform. Don’t miss the Fal.Con 2021 learning session, Protect Your Robot Workforce: Extending EDR Into Robotic Process Automation With CrowdStrike and UiPath  — register for Fal.Con 2021 now for free if you haven’t already. 

Additional Resources 

• Read the UiPath and CrowdStrike joint press release.
• Learn more about CrowdStrike Falcon® Insight™ endpoint detection and response (EDR) by visiting this product webpage, reading this data sheet and watching this video demo. 
• Learn how the powerful CrowdStrike Falcon® platform provides comprehensive protection across your organization, workers and data — wherever they are located.
• Get a full-featured free trial of CrowdStrike Falcon® Prevent™ and learn how true next-gen AV performs against today’s most sophisticated threats.