Do you need a WAF for ConnectWise PSA?
Do you need a WAF for ConnectWise PSA, or other cybersecurity hardening? In short, yes! In this blog post, we’ll explore the attack surface and defense techniques for ConnectWise PSA (aka ConnectWise Manage, or just “ConnectWise,” depending on how long you’ve been in the industry). ConnectWise PSA: Not an RMM, but still an attack target […]
4 Reasons CloudFlare isn’t good for MSP tools
CloudFlare, the popular security services provider, probably isn’t a good choice for your MSP tools. Here at Automation Theory, we’ve seen the whole spectrum of security options for MSP tools. While their services are easy to use, several things lacking in the CloudFlare offering make it a poor fit for MSP tool security. History CloudFlare […]
ConnectWise Automate Firewall ports: The complete guide
ConnectWise Automate firewall ports have changed over the years, and many partners still have ports open that aren’t required (or are dangerous to have open). Since the guidance has changed over the years, we wanted to create an updated guide that covers how the protocols work, along with what firewall ports are required (and what […]
5 Lessons from the CVSS 10 ScreenConnect Vulnerability
It’s been six months since the CVSS 10 ScreenConnect vulnerability (CVE-2024-1709), and now that the dust has settled, it’s a prime opportunity to glean go-forward security insights from lessons learned during the incident. Below, we’ll walk through five lessons each MSP should review and consider regarding their own security posture. Lesson 1: Enumeration is deadly […]
Cloud Automate security isn’t necessarily better
Is Cloud Automate (aka Hosted RMM) more secure? In light of the recent ScreenConnect vulnerability, ConnectWise has touted the security benefits of using their cloud-based products. The software and features are approximately the same no matter the hosting configuration (some space restrictions notwithstanding), so ultimately, the hosting decision is a business decision. However, when it […]
Protecting ScreenConnect with a WAF
In light of the critical vulnerabilities (CVE-2024-1709 and CVE-2024-1708) impacting ScreenConnect, we wanted to get information quickly posted about security options for ScreenConnect. In this post, we’ll review the benefits and common issues associated with using a WAF for ScreenConnect. Note: If your ScreenConnect isn’t patched to 23.9.8.x or above, stop everything and patch immediately. […]
Scaling ConnectWise Automate with a 3-way split
RMM scaling is an increasingly common conversation as M&A transactions abound in the MSP space. As companies merge (or experience rapid organic growth), questions arise regarding how scalable Connectwise Automate is. The initial answers might seem discouraging, but we’d like to set the record straight: it’s possible to scale Automate much larger than you’d initially […]
EoL software and MSP insurance requirements
Here at Automation Theory, we advocate for keeping Automate’s MySQL database patched for typical security/performance/stability reasons. However, we’ve recently seen clients purchase our MySQL maintenance packages for cyber insurance reasons — a trend we hadn’t seen before. One client explained that his insurance carrier added a clause that claims wouldn’t be covered if the software […]
MySQL 5.7 End of Life: What Connectwise Automate admins need to know
The MySQL 5.7 end-of-life date is October 21, 2023. Many Connectwise Automate partners are on MySQL 5.7, so here at Automation Theory, we wanted to clarify what that means for the day-to-day operations of Automate and how to take action. End of Life: Just like Windows Software end-of-life with Oracle is the same as with […]
Defending the MSP tool stack in a zero-day world
We had the pleasure of being a vendor and speaking at MSPGeekCon23 — and it was a fantastic conference! We presented our talk, “Defending the MSP tool stack in a zero-day world,” and converted it into a blog format below. Setting the stage: the zero-day world Zero-day attacks are increasing, and it’s all fun and […]