Jump the section of interest:
What is CloudBot?
In short, Cloudbot, allows you to customise the management and scanning of your cloud assets, with varying degrees of automation.
For a detailed overview of how to enable CloudBot and all the various features, head to this article.
When will a cloud target consume a license?
If any of the following scans are run and the target is found to be active, a license will be consumed for 30 days:
If the target is found to be unresponsive, it won't consume (as with all other external targets).
How does licensing work for ephemeral targets?
If they're imported, scanned and active – they will consume a license and it will be locked for 30 days.
Can I prevent imported targets from consuming licenses?
Yes, if they haven't been scanned yet – just exclude them.
If it's a few ad-hoc targets, select the checkbox and hit the
If you a specific subset in mind, you can utilise the filter feature, select all and hit the
What if I exceed the licenses in my account?
CloudBot will automatically add any new targets it finds, but you'll only be able to scan as many targets as you have licenses available. If you kick off a scan and you're short on license we'll drop you an email to let you know:
You can also find this information in the portal Targets > Licenses:
What type of targets does CloudBot support?
Our cloud integrations (and therefore Cloudbot) only support the types of targets listed below (though you may be able to add them manually):
External facing IPs
Internal only VM
Azure app service endpoints
How often are targets added?
CloudBot checks your connected cloud account every two hrs for new targets and adds them accordingly.
What happens if I remove a target in my cloud account?
As soon as CloudBot detects it's no longer present in your cloud account, it removes it from the Intruder portal.
Can I choose what cloud targets are added?
Absolutely! For reference,
Auto-add targets, will include all supported assets for that cloud platform.
But if you toggle
Auto-add targets to on and create a rule, you can choose what gets pulled through. (For example, below you'll see we've only pulled in targets with specific tags).
Can I turn CloudBot on for some cloud accounts and not others?
Absolutely! CloudBot is activated per cloud account – enabling/disabling it for one, will not enable/disable for another.
Do I need to add cloud targets to existing schedules every time one is imported?
Not at all. Any assets imported via Cloudbot will be automatically enrolled in scans set to run on
All targets (be it ad-hoc or scheduled).
Can I scan on import?
Yes! You can also opt for them to be scanned as soon as Cloudbot detects them, which is especially helpful if you're not logged into the tool and/or your next scheduled scan isn't for a little while.
To enable this, just head to Targets > Cloud accounts > click the account > Settings:
Note: CloudBot is only available for customers on our Pro, Premium and Vanguard plans.