Deliver Secure Intelligent Automation in Python

BotCity Platform and BotCity Security Guidelines provides the framework for a secure intelligent automation initiative.

Cloud Trusted By

Secure Intelligent Automation in Python

BotCity Security Guidelines

Security best practices and procedures to adopt in your Intelligent Automation initiative

Secure Cloud by AWS

Intelligent threat detection, real-time monitoring provided by AWS.

Applying the Best Standards

BotCity security practices are aligned with SOC 2, ISO 27001 and other standards.

Continuous Compliance by Vanta

Vanta guarantees our infrastructure and security practices meets high standards.

Guides, Whitepapers and Projects

Python Development Guide

Security best practices and procedures to adopt in your Intelligent Automation initiative

Read Page

Memory Safe Languages

Recommended programming languages by US Department of Defense

Read Whitepaper

Python Projects at NASA

Python drives innovation at the biggest space agency

Check Projects

Python Success Stories

"Python is part of the winning formula for productivity" - Python Foundation

Success Stories

Cloud Platform Security Checklist

Infrastructure security

Checked icon

Load balancers in use

Checked icon

Autoscaling of infrastructure

Checked icon

Redundant backup and locations in use

Checked icon

Firewall disallow traffic

Checked icon

Intelligent thread detection

Checked icon

Server logs retained for 365 days

Data security

Checked icon

Database Cluster Tier Autoscaling

Checked icon

Database Cluster Storage Autoscaling

Checked icon

Database Cluster Backed up

Checked icon

Database Cluster Encrypted

Checked icon

Database Cluster Replicated

Checked icon

Data in AWS S3 is encrypted at rest

Product security

Checked icon

Vulnerability scanning enabled

Checked icon

Vulnerabilities identified are addressed

Checked icon

SSL/TLS enforced

Checked icon

Strong SSL/TLS cyphers used

Checked icon

Security concerns channel established

Checked icon

OAuth 2.0

Organizational security

Checked icon

Password policy enforced

Checked icon

Confidentiality Agreement acknowledged by employees and contractors

Checked icon

Multi-factor authentication enforced

Python with Security

Official SDKs from third-party provides

Don't wait for a low-code connector or updates. Unlock seamless integration and enhanced security by leveraging official SDKs in Python.

Trusted Frameworks

List of frameworks that are market standard and trusted by the best companies.

Eliminate Shadow IT

Python is already being used in your company. Ensure compliance and streamline your IT operations with orchestration and governance.

Secure Cloud Platform

Your Automation On-Premises

Orchestrate with our cloud-based platform while running your automations 100% on-premises.

You have full control over the data that is transmitted to the cloud.

SSO and User Federation

BotCity integrates with your Identity Provider (IdP) to simplify access and manage access efficiently across your systems.

Intelligent Threat Detection

Amazon GuardDuty continuously monitors our infrastructure and workloads for malicious activity and delivers detailed security findings for visibility and remediation.

Continuous Compliance by Vanta

Security is our top priority. With Vanta we have continuously monitoring of all aspects related to security compliance.

Access Controls and Permissions

Set up groups and repositories to allocate resources and control access across specific departments and users. Assign specific roles for developers, operators or administrator.

Boost observability with centralized audits

Explore comprehensive audit logs with events filtered by users, origin and date. Expand your BI platforms with data integration through BotCity Insights.

Frequent Questions about Security

Where can I find information about BotCity's service status?

You can find information on our services status page.

Does BotCity encrypt data at rest?

All databases with customer data, in addition to S3 buckets, are encrypted at rest.

This means the data is encrypted even before it hits the database so that neither physical access, nor logical access to the database, is enough to read the most sensitive information.

How does BotCity encrypt data in-transit?

BotCity uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks. Server TLS keys and certificates are managed by AWS and deployed via Application Load Balancers.

Where are your servers located?

BotCity's servers are located in AWS, with options for data residency in the South America, US and EU regions for non-free plans.

Does BotCity support integration with identity providers such as Azure Active Directory (EntraID), Google Workspaces and others?

BotCity uses Keycloak for identity and access management. Keycloak can be connected to many providers such as Azure Active Directory (EntraID), Google Workspaces, Microsoft LDAP and other providers via OpenID and SAML 2.0.

Where are my automations executed and which data is collected?

BotCity Orchestrator is a cloud-based application but agents and consequently all automations are executed in your infrastructure, behind its firewall and security layers accessing local resources and systems, as illustrated in the diagram below.

BotCity Orchestrator requires only the task finish status to keep track of your automation success rate. All other information, such as logs, alerts, errors and additional integration are completely optional and must be explicitly added into the automation code by developers.

BotCity Orchestrator is a cloud-based application but agents and consequently all automations are executed in your infrastructure, behind its firewall and security layers accessing local resources and systems, as illustrated in the diagram below.

BotCity Orchestrator is a cloud-based application but agents and consequently all automations are executed in your infrastructure, behind its firewall and security layers accessing local resources and systems, as illustrated in the diagram below.

How does BotCity handle credentials and secrets for my automation?

BotCity Orchestrator offers a credentials/secrets storage which can be used. All credentials are encrypted in our database and can be fetched via authenticated API calls and/or our official SDK.

You can also integrate your automation with your favorite credentials/secrets manager such as Azure, AWS, Google, HashiCorp, BitWarden and others by using their official SDKs and APIs.

I found a vulnerability, how do I report it?

Please let us know immediately by reach out to us at security@botcity.dev.

What is BotCity's privacy policy?

Please refer to the latest BotCity Privacy Policy.

Get started with BotCity for free

Unlock the full potential of intelligent automation

Boost tech team productivity with BotCity's Python RPA and Intelligent Automation software. Drive ROI, orchestrate and enhance performance.