Gynoid that audits Slack messages and executes actions in response
Audit-Droid

Overview

Audit-droid is part of Auth0's bot army. We use it to get our users to acknowledge a particular security event. There are more details on how to use it in this blog post.

The bot is constructed from existing Auth0 components:

  • Audit-droid extends Gynoid.
  • Auth0's Slask is used to simplify Slack button workflows. You will need a Slask account, key and callback ID to use this code.
  • We use a Webtask for the Slask webhook (example code is included).

Flow Diagram:

  1. When Audit-Droid matches an event (defined in droid.json), it constructs a Slack message which can be 'approved' or 'rejected'. When an action is selected, the result is sent to Slask.
  2. Slask then updates the message in the channel with the outcome of the action.
  3. Slask fires the assigned webhook; we use a Webtask.
  4. The Webtask takes an action according to which button was pushed. If 'reject' was selected, a new Slack message is sent to our #security-alerts channel.

Installation

Follow the instructions to install Gynoid and its dependencies.

The Audit-Droid extension requires some extra configuration keys in the gynoid.config.json. Here is an example:

{
  "keys": {
    "gynoid": {
      "SLASK_TOKEN": "<SLASK_TOKEN>",
      "SLASK_CB": "<SLASK_CALL_BACK_ID>"
    },
    "GITHUB_TOKEN": "<GITHUB_TOKEN>",
    "GYNOID_TOKEN": "<SLACK_TOKEN>"
  },
  "droids": {
    "gynoid": {
      "token": "<SLACK_TOKEN>",
      "extensions": [
        "gynoid-droid",
        "audit-droid"
      ]
    }
  }
}

Once Gynoid is up and running, extend its functionality from this repository:

@$botname extend gynoid from auth0/audit-droid

Notes

  • You can lock Gynoid down to specific channels by setting a channel ACL: @$botname secure $your_channel_name
  • Review the droid.json file and change the acl for the channel you want to monitor.
  • GitHub's documentation for its webhooks can be found here.

Issue Reporting

If you have found a bug or have a feature request, please report it in this repository's issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.

For Auth0 related questions or support please use the Support Center.

Author

Auth0

License

This project is licensed under the MIT license.