Try AlgoBot

AlgoSec AlgoBot is your personal security policy management assistant. AlgoBot provides quick and easy access to core ASMS functionality from the comfort of your organization's existing chat platforms, including Desktop, Web, or Mobile options. AlgoBot is supported for Slack, Microsoft Teams, and both online and on-premises versions of Skype for Business.

To deploy AlgoBot, first install AlgoBot on your chat platform, and then on your ASMS server.

AlgoBot prerequisites and deployment configurations

As a Chat Bot, AlgoBot has to be notified of any new messages that the users may send over one of the supported chat platforms. To integrate AlgoBot with your organization's chat platforms, your system must meet the following prerequisites:

Internet access

The ASMS server must be able to access the internet and the chat platform servers. Unauthenticated proxies are supported if needed.

For details, see the diagrams below: AlgoBot with no proxy | AlgoBot with a proxy
Permissions You must have administrator privileges and access to authorize AlgoBot on your chat platform.
DNS The ASMS Central Manager must be configured with DNS.
Installation files To obtain AlgoBot installation files, contact AlgoSec support.

Back to top

Install AlgoBot on Slack

Install AlgoBot on your Slack workspace to chat with AlgoBot on Slack. You must be a Slack Administrator to perform this procedure.

Do the following:

  1. Click this link to Slack or navigate to https://lyfwzqae36.execute-api.us-west-1.amazonaws.com/production/slack/ to install AlgoBot on Slack.

  2. Click Add to Slack. You are prompted to authorize the AlgoSec Slack App.

  3. Click Allow.

    AlgoBot is authorized on Slack, and the following keys and values are displayed:

    • BOT_TOKEN
    • BOT_ID
  4. Click Export to CSV to download these values and save them for later use.

Continue with Install AlgoBot on the ASMS server.

Back to top

Install AlgoBot on Microsoft Teams

Use the Microsoft App Studio app to install AlgoBot on Teams.

Do the following:

  1. On Microsoft Teams, AlgoBot must use webhooks to be notified about new messages.

    Use one of the following options to configure AlgoBot to accept webhook tunnels from the internet:

    ngrok is a useful tool to create secure tunnels to locally hosted applications using a reverse proxy. Microsoft recommends ngrok in their documentation.

    ngrock Subscription Levels:

    • The Basic level provides a stable custom endpoint. For example, during ASMS upgrades and reboots, Teams will maintain endpoint settings. The Basic level is recommended for a production environment.

    • Using the Free level, the endpoint needs to be manually updated after ASMS upgrades and reboots. The Free level is more suitable for a demo/testing environment.

    Pricing: See ngrok pricing (for Basic level).

    Install and configure ngrok for use with AlgoBot

    1. Download ngrok for Linux from the ngrok download page to your ASMS machine.

    2. Extract ngrok-stable-linux-amd64.zip to the /home/afa folder.

    3. On the ngrok website ngrok.com, log in to your ngrok subscription.

    4. On the Authentication tab, select Your Authtoken sub-tab.

      Copy the Authtoken script from the Command Line section:

      ./ngrok authtoken <Your Authtoken>

      Paste to the command line on the ASMS machine, and run the command.

    5. For the Basic subscription, run the following command using a unique name for the subdomain:

      ./ngrok http -subdomain=<unique name> 5000

      For example, ngrok http -subdomain=algobot.companyName 5000

      For the Free subscription level, run the following command:

      ./ngrok http 5000

    6. Note the https endpoint provided by ngrok, and save it for later.

    TunnelRelay is a Microsoft OpenSource project to allow bots running from internal networks to respond to messages from Microsoft Teams.

    • Requirements: Admin access to a Microsoft Azure subscription.
    • Pricing: Volume-based pricing by Azure. For more details, see the TunnelRelay README .

    Note: TunnelRelay cannot currently run on ASMS machines directly. Instead perform this procedure on another Linux machine (version must be supported by TunnelRelay). The machine you use should have access to a web browser.

    Install and configure TunnelRelay for use with AlgoBot.

    1. In Azure, create a new relay and give it a logical name. Select any region available for your new relay.
    2. Download the latest TunnelRelay.Console v2 binary file for your operating system from GitHub .
    3. Open a command line, and navigate to the folder that holds the TunnelRelay.Console executable.

    4. Run the TunnelRelay.Console executable. Follow the on-screen instructions to enable TunnelRelay and connect it to your Azure subscription.

      Use your Microsoft Azure credentials to log TunnelRelay into your account. Select the relay you created in step a.

    5. Set TunnelRelay to forward webhook requests to your ASMS machine, running AlgoBot, with port 5000.
    6. Note the webhook endpoint provided by TunnelRelay, and save it for later.
  2. Install AppStudio to your Teams server from https://aka.ms/InstallTeamsAppStudio.

  3. Extract the algobot-<version #>.zip file you downloaded from the AlgoSec portal, and locate the microsoft-teams-manifest.zip file.

    Note: In this filename, the <version> value may change with each AlgoBot update.

  4. In Microsoft Teams, in the App Studio app, do the following:

    1. Click the Manifest Editor tab.
    2. Click Import an existing app, and select the microsoft-teams-manifest.zip file.
    3. Select the newly imported algobot app.

  5. Click Capabilities > Bots > Set up. On the New bot tab, do the following:

    1. In the Name field, enter AlgoBot.
    2. In the Scope area, select the Personal, Team, and Group Chat options.
    3. Click Create bot.

    A new bot ID value is displayed. Copy it and save it for later.

  6. In the App Passwords section on the Bots tab, click Generate New Password.

    Copy the generated password and save it for later.

    Note: This password is used by Microsoft to cryptographically sign incoming messages, and by AlgoBot to authenticate the source of incoming messages.

  7. In the Messaging Endpoint section on the Bots tab, update the URL used to access AlgoBot via webhooks.

    For example, if you created a ngrok tunnel using ngrok .com, the Messaging Endpoint will be similar to the following:

    https://0a065b29d1e6.ngrok.io

  8. Click Finish > Test and Distribute, and then click Install.
  9. By default, AlgoBot is installed only for you. Enable the Add to a team option, and select your team to make AlgoBot available for everyone.

Continue on this page with Install AlgoBot on the ASMS server.

Back to top

Install AlgoBot on Skype for Business

AlgoBot supports both the online and on-premises versions of Skype for Business.

Skype online

Navigate to Welcome to AlgoBot Installation Skype For Business version, and follow the instructions.

Note: After completing step 1, you will have a file named algobot-s4b-ucwa-credentials.json.

Save this file on the ASMS server, in the /home/afa/algobot/ directory before continuing.
Skype on-premises

Do the following:

  1. On your Skype for Business on-premises server, create a user for AlgoBot, with a username and password. An Admin user is required for this step.
  2. Disable external communication for the AlgoBot user, as AlgoBot will be available on Skype as all other users in the organizaiton.
  3. Log in to Skype for Business as AlgoBot.

Note the AlgoBot username and password for later use.

Once complete, continue with Install AlgoBot on the ASMS server.

Back to top

Install AlgoBot on the ASMS server

After installing AlgoBot on your chat platform, install AlgoBot on your ASMS server, and connect the two installations.

Do the following:

  1. Browse to the AlgoSec Portal and navigate to Downloads > Software > AlgoSec AlgoBot. Click .
  2. Use any standard SFTP tool to place the downloaded zip file on the ASMS Central Manager, in the /tmp directory.
  3. Log on to your Central Manager via SSH, as user root.

  4. To extract the installation files, run:

    unzip /tmp/algobot-<version #>.zip -d /home/afa

    where the <version> value differs with with each AlgoBot update.

    The following responses appear:

    Archive: /tmp/algobot-<version #>.zip creating: /home/afa/algobot/

    inflating: /home/afa/algobot/algobot-version.txt inflating: /home/afa/algobot/algobot

  5. Navigate into the AlgoBot directory, and start setting up AlgoBot by running:

    ./algobot <platform> --config

    where <platform> is one of the following, depending on your chat platform:

    • Slack: slack
    • Microsoft Teams: microsoft-teams
    • Skype for Business: s4b-online or s4b-onprem

  6. Follow the on-screen instructions and enter the details as needed.

    You saved some of these details when you performed the procedures above:

    Note: Some values have defaults already configured. To use the default value, press ENTER when relevant.

    Some steps will prompt you for optional configurations, as follows:

    The CLI will ask whether a proxy configuration is needed for your installation.

    The default value is no, or no proxy.

    To configure a proxy, enter yes instead, and then enter the proxy URL and port. The proxy URL must include the http:// or https:// prefix.

    The proxy will be used for both HTTPS and the HTTP proxy for AlgoBot to contact each of the chat platform's servers.

    AlgoBot can handle simultaneous commands from multiple users.

    The default number of concurrent command is 7.

    To modify this number, enter a different number of concurrent commands to support. To modify this value later on, re-run the configuration as needed.

    The CLI will prompt you to customize the set of commands exposed to end-users.

    Unless you have a specific need for your organization, we recommend entering no, and enabling AlgoBot to provide it's full set of features.

    Note: To support multiple AlgoBot instances running a the same time, supporting multiple chat platforms, run AlgoBot using a separate configuration file. For more details, see Run multiple AlgoBot instances on a single machine.

    AlgoBot is now installed on your ASMS server and connected to your chat platform.

    The following is a sample CLI output for installing AlgoBot on the Central Manager and connecting to Slack:

    ######################## ALGOBOT BACKEND SETUP ######################## [PRESS ENTER WHEN READY]

    AlgoSec server IP [127.0.0.1]: AlgoSec user: admin

    AlgoSec password:

    BOT_TOKEN: xoxb-162846395123-veXbEQ1Xk1g

    BOT_ID: U4SQWB

     

    Number of concurrent command handlers [7]:

    Would you like to configure custom proxy settings? [y/N]: y

    Proxy url: https://my.proxy.net

    Proxy port: 8080

    Would you like to customize the commands AlgoBot will show to users? [y/N]: ######## Config creation finished ########

    Thanks! config file created at /home/afa/algobot/algobot-slack.conf

    You can re-configure any of the options above by running the AlgoBot again with '--config' option

    Please re-run the script to use the new config

  7. Start AlgoBot as a background process by running:

    ./algobot <platform>&

AlgoBot is up and running, and ready for chatting! For details, see Chat with AlgoBot.

Back to top

Chat with AlgoBot

Chat with AlgoBot to run traffic simulations, submit change requests, analyze application impact, and more!

  • Enter @algobot help to view a full list of available commands and requests.
  • Send direct messages to AlgoBot from your chat platform. If there are more than the two of you in the chat, use the @algobot prefix so that AlgoBot knows you're talking to it.

  • Language support: If you’re typing in English, German, French, or Portuguese, AlgoBot will attempt to recognize the language and reply in kind. By default, AlgoBot replies in English.

  • Invite AlgoBot to any of your Slack channels. Once invited, AlgoBot listens to all commands you send to @algobot.

Note: Make sure that you have run an analysis in AFA before using AlgoBot. AlgoBot needs AFA data to be able to help you!

For example:

Back to top

AlgoBot maintenance and advanced configurations

The following sections describe how to maintain and troubleshoot your AlgoBot installation, as well as additional configurations.

Logs and configuration files

AlgoBot log files are created under ~/algobot, usually defined as /home/afa/algobot.

A set of log and configuration files are saved for each chat platform, with the platform name, such as slack, as part of the filename.

Each set includes the following files:

algobot-<platform>.conf The configuration data generated as part of the installation and configuration process.
algobot-<platform>.log

General logs, commands, and errors. If you need to contact AlgoSec support in reference to AlgoBot, support may request this file.
utilization-<platform>.log A synthesized, clear log of the commands used in AlgoBot for analytics purposes.

Upgrade AlgoBot

To update an existing AlgoBot installation, do the following:

  1. Replace the existing AlgoBot run file on the Central Manager with the new one provided by AlgoSec.
  2. Perform steps 1-3 in Install AlgoBot on the ASMS server.

No additional configuration is required.

Run multiple AlgoBot instances on a single machine

To support multiple AlgoBot instances running a the same time, supporting multiple chat platforms, run AlgoBot using the following syntax:

./algobot --config-path /some/path.conf

where /some/path.conf is the path and filename of a separate configuration file. When run using this syntax, the CLI prompts you to create the defined configuration instead of the default.

For example:

algobot slack --config-path /path/to/config1 algobot slack --config-path /path/to/config2

Alternately, use the linux alias command to match each AlgoBot instance with a name and easy-to-run command.

For example:

alias algobot-team1=”~/algobot/algobot slack --config-path /path/to/config1” alias algobot-team2=”~/algobot/algobot slack --config-path /path/to/config2”

Then, run algobot-team1 to launch this instance.

Back to top