Bots

Secure recording mode ensures that sensitive data is not stored in the bots. When secure recording mode is enabled, the bots do not capture values of certain properties or store application images. You can enable this setting for some or all users of the Control Room.
Note: Secure recording mode only applies to bots that are created or edited after the mode is enabled.

Click Edit in the Bots tab to enable or disable secure recording mode. See Secure recording.
Bot validation performs an additional compile time validation on migrated bots at the preprocessing stage to save your time and effort. By default, the Bot validation feature is set to Off.
Note: You must be a Control Room administrator to view and edit the validation option.

Navigate to Administration > Settings > Bots and set the bot validation option to On to detect compilation errors with bots.

Validation happens at the time of running the bot, for new bots. For migrated bots, this check is performed immediately after bot migration, per configuration.

For example, if a parent bot calls a child bot and the child bot has compilation errors, these errors are displayed when you try to run the parent bot. This ensures that an error does not occur in the middle of an automation or make it an incomplete automation.

In the Bot migration results page, select a bot that needs review. Click the three dots under Reason tab to see the details. With the Bot validation feature set to On, the bots that have compile time errors are displayed as a separate line entry in the migration report.

Migrated bots with compilation errors are shown in Successful with Review section of the migration report and ensures that you can get a list of bots that require your attention.

Policies

Code Analysis: Enable the code analysis feature to run code analysis on your automations. This feature analyzes the code and displays a list of violations based on a set rules. You can review and fix any coding or stylistic errors for your automation.

Code analysis| Code analysis policy management

Devices

When there is a new version of the Bot Agent, it is automatically updated.

IQ Bot

View the website address where IQ Bot is currently installed, if applicable. Click Edit to update the IQ Bot URL.

Email

All users have to confirm email accounts by clicking the confirmation link that they receive, set the password, and security questions before user can log in to the Automation Anywhere Control Room. By default, email notifications are disabled. Mouse over the Edit icon to make changes.

Edit email notifications

Git integration

Remote Git repository must support Git LFS (Large File Support). Bots are synced using standard Git push over HTTPS.

CoE Manager

Enable access to CoE Manager from the Control Room so that you can access CoE Manager from the quick links section on the Control Room home page.

Enable CoE Manager

Login settings

For security, privacy, or any other pertinent announcement, you can provide an additional statement, such as consent text, in the Login settings section. The statement is visible to users every time they log in to the Control Room.

This statement on the login page is disabled by default. If you enable it, you can also provide an option (using a check box) for users to read and accept the statement before logging in to the Control Room.

Security settings

Password Configuration

Administrators can configure password requirements for users to log in to the Control Room. This configuration prevents users from setting weak or most commonly used passwords that might prevent unauthorized access to the Control Room.

Password length (characters): Password length determines the strength of a password.

Minimum: Set the minimum number of characters allowed for the password. By default, the minimum number of characters is set to eight and the number cannot be reduced further.
Maximum: Set the maximum number of characters allowed for the password. By default, the maximum number of characters is set to 50 and cannot be set to more than 64 characters.

You can also enforce the users to include one of the following characters in the password:

A number
An alphanumeric letter
A symbol
A capital letter

Note:

On-Premises users: The check-boxes are enabled, and the user can select or deselect the options.
Cloud users: The check-boxes are disabled, and the user cannot select or deselect the options.

Repetitive Characters: Repetitive characters such as aaaa, bbbb, cccc, and so on in passwords make it easier for attackers to guess the password and are considered to be weak passwords.

Allow unlimited repetitive characters: This option is set as default and allows users to use unlimited repetitive characters in their passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Limit repetitive characters: Select this option to restrict the users from using repetitive characters in their passwords. Set the repetitive characters limit in the Maximum characters can be repeated option. If you set this limit as one, then no characters in the password can be repeated. If you set this limit as two, users can use two repetitive characters in their passwords. For example, users can use aa, bb, and so on in their passwords.

Sequence Characters: Sequential characters such as qwerty, 123456, abc123, and so on in passwords make it easier for attackers to guess the password and are considered to be weak passwords.

Allow unlimited sequence characters: This option is set as default and allows users to use unlimited sequential characters in their passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Limit sequence characters: Select this option to restrict the users from using sequential characters in their passwords. Set the sequential characters limit in the Maximum characters can be used in sequence option. If you set this limit as one, then no characters in the password can be used in a sequence. If you set this limit as two, users can use two sequential characters in their passwords. For example, users can use 12, ab, and so on in their passwords.

Restrict common passwords from the system: Allowing users to use common passwords such as 123456, qwerty123, 1q2w3e, and so on makes it easier for attackers to guess the passwords and are considered to be weak passwords.

Do not restrict common passwords: This option is set as default and allows users to use commonly used passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Restrict common passwords: Select this option to restrict the commonly used passwords. Add the commonly used passwords on separate lines in the text box to avoid users using such passwords.

Set minimum number of days before a user can change their password: If you allow users to change their passwords anytime, they can continue to use the same password even if there is a restriction about not using the last few instances of their passwords. Fox example, if a user is prompted to change their password and restricted to not use any of their last three passwords, the user can change the password three time continuously and set their existing password the fourth time. Setting a minimum number of days before a user can change their password restricts the user from using the same password when they are prompted to change their password.

Disabled: This option is set as default and allows users to change their passwords anytime. Selecting this option might allow users to use the same password and vulnerable to attacks.
Enabled: Select this option to set the number of days users are restricted from changing their passwords. The maximum number of days that you can set is 10. For example, if you set the days to five, a user can change their password again only after five days of changing their password.

Captcha and user lockout: This option prevents attackers from using scripts or bots to guess user credentials and locks the user account after certain unsuccessful login attempts.

Captcha on: This option is set as default and prompts users to solve a captcha before logging into their account. Set the Lock the user out after unsuccessful login attempts option to lock the user after the set number of unsuccessful login attempts.
Lockout on: Set the Lock the user out after unsuccessful login attempts option to lock the user after the set number of unsuccessful login attempts.

API-Key duration

The generated API-Key is used to authenticate users. You can customize how long the generated API-Key is valid to authenticate users until either:

A selected duration is reached (in minutes or days), or
A new API-Key is generated

Note: You determine the validity duration based on your organization's requirements. Maximum supported API-Key duration is 1 to 14,398,560 minutes, or 1 to 9,999 days.

Time-out session settings

You can enable settings to automatically time out users from the Control Room browser session after the specified minutes of inactivity. You can configure the inactivity time in the range of 10-60 minutes in the Time-out session setting field. You can configure the session using increments of 10 minutes. The default value is 20 minutes, which means you will be logged out of the session after 20 minutes of inactivity.

File upload settings

As an Administrator, you can restrict the upload of executable files (dll files, media type application/x-msdownload) to prevent a security breach. To use this feature, enable the File upload settings in Administration > Settings > Security settings.

Notification settings

Manage the notification settings for notification categories and channels. The notification settings defined by the Control Room administrator are applicable for all the Control Room users. Based on these defined settings, Control Room users will be notified about the events.

Administer notifications for Control Room.

User authentication

Configure the to authenticate users through the database option or switch to a SAML Identity Provider (IdP).

Set up SAML authentication

External key vault

External key vaults provide a way to securely store and retrieve credentials using a third-party key manager such as CyberArk, Azure, and AWS Secrets Manager.

Automation 360