ConnectWise Automate Firewall ports: The complete guide

ConnectWise Automate firewall ports have changed over the years, and many partners still have ports open that aren’t required (or are dangerous to have open). Since the guidance has changed over the years, we wanted to create an updated guide that covers how the protocols work, along with what firewall ports are required (and what […]

5 Lessons from the CVSS 10 ScreenConnect Vulnerability

It’s been six months since the CVSS 10 ScreenConnect vulnerability (CVE-2024-1709), and now that the dust has settled, it’s a prime opportunity to glean go-forward security insights from lessons learned during the incident. Below, we’ll walk through five lessons each MSP should review and consider regarding their own security posture. Lesson 1: Enumeration is deadly […]

Cloud Automate security isn’t necessarily better

Is Cloud Automate (aka Hosted RMM) more secure? In light of the recent ScreenConnect vulnerability, ConnectWise has touted the security benefits of using their cloud-based products. The software and features are approximately the same no matter the hosting configuration (some space restrictions notwithstanding), so ultimately, the hosting decision is a business decision.  However, when it […]

Protecting ScreenConnect with a WAF

In light of the critical vulnerabilities (CVE-2024-1709 and CVE-2024-1708) impacting ScreenConnect, we wanted to get information quickly posted about security options for ScreenConnect. In this post, we’ll review the benefits and common issues associated with using a WAF for ScreenConnect. Note: If your ScreenConnect isn’t patched to 23.9.8.x or above, stop everything and patch immediately. […]