UiPath partners with CrowdStrike to protect SaaS workflow automation

UiPath is expanding its Robotic Process Automation (RPA) platform with new features, hoping to place it in the CIO’s focus, including better security, cloud-native delivery models, and the ability to automate through APIs and UIs.

The security component comes from a collaboration with CrowdStrike, and API automation is the result of UiPath’s acquisition of Cloud Elements in March 2021.

A recent IDG Research survey found that despite the growing demand for business process management and workflow automation, many IT organizations have no interest in RPA. UiPath’s move to more complex API automation capabilities—and the collaboration between the workflow automation platform ServiceNow and process mining expert Celonis—shows that automation vendors are looking to solve a wider range of CIO problems.

UiPath’s RPA platform, released in the fall of 2021, will enable users not only to drive applications through the user interface, but also to drive applications through APIs, and combine these two methods in the same automation. There will be 70 prefabricated connectors by the end of the year, and there will be more in the future.

“We are making all these APIs, our connectors, and all authentication protocols that support these connectors and cloud connections locally available in the UiPath design environment,” said Param Kahlon, UiPath Chief Product Officer. “You can now build a business process or workflow that uses a combination of API, UI automation, and machine learning prediction in one go.”

In the past, the UiPath agent had to run on a Windows machine, but now, Kahlon says, “all of these executions can actually be performed in a Linux-based container, so it can scale over time as you use it.”

Cloud automation

Kahlon said that UiPath has adjusted its entire platform to a cloud-native delivery model, delivering it to more than 2,500 customers in a SaaS model. To this end, UiPath has developed specialized management tools and deployment tools. The company packages them for Kubernetes deployment, and customers can run them in their private cloud or locally.

“This reduces the cost of running the platform, but it also provides the same consistent and unified experience for customers who choose a cloud version of our product or choose to deploy it internally,” he said.

Since UiPath’s agents can now run anywhere, and data can be accessed almost anywhere through these cloud connectors, users may worry about security: how can they ensure that the data access permissions they grant to the agent will not be abused?

“You want to make sure that the robot follows the same policy, or possibly a stricter policy,” Kahlon said. “For example, you may want to allow employees to access their own confidential information stored in SharePoint, but you may not want bots to access that information, or if a bot accesses it, you want to know when it accessed it and what it did .”

UiPath’s answer to this is an engineering partnership with CrowdStrike, which enables CrowdStrike’s Falcon endpoint security tool to more easily monitor and limit the data that UiPath’s agents can access when necessary, and to allow UiPath users to obtain more detailed reports. What happened. When the latest version is released-October 25, 2021, UiPath and CrowdStrike in early November-the joint customers of the two companies only need to link their two products to enable the new features.

“As your policy manager, you decide what threatening activity is. With this combined solution, customers can monitor robot activity and receive alerts when robots do behaviors that are not in compliance with the policy or appear to be inconsistent with expectations,” Kahlon said.

One possible application is on a machine running Microsoft PowerShell. “This is a very powerful tool that can provide admin rights to the machine. You might want to say that PowerShell permissions are not available to bots, so if someone builds a script for the bot to call something in PowerShell, you want to stop the bot Execute it,” he said.

Kahlon said that although UiPath and CrowdStrike collaborate on security, it is trying to build its own platform for other functions.

“Our focus is to take advantage of what we have done well in RPA and extend it to create an end-to-end platform that customers can use to discover processes, run automation via API or UI or machine learning-based predictions, and then Able to create an engaging experience around this end-to-end product.”

He said that competitors such as Celonis or ServiceNow only do part of these things and are collaborating to build more complete products. “From our perspective, this proves that what customers are looking for is an end-to-end platform, not a part of it.”

At the Forward IV User Conference in Las Vegas this week, UiPath revealed some other features it is adding to its platform, including automated robot repair, which uses its platform’s IT automation capabilities to detect and repair the runtime environment Issues in, new solution templates, and a new framework for custom process mining.