Secure Your MSP Tools – Scan Security Posture in Under 5 Minutes
Thousands of MSPs are exposed on the Internet and don’t know it.
Because of their visible nature, MSP tools are often easy targets for attackers. By searching for a single popular RMM tool in Shodan, you can find 7,000+ MSPs. The risk of a zero-day attack increases significantly with this level of surface exposure.
To help MSPs combat this and protect themselves, we’ve created our MSP Tool Security Scanner. Trusted by 106+ MSPs, our scanner provides actionable results regarding security misconfigurations and missing best practices in minutes.
Getting Started
To get started, fill out the form below. After clicking scan, the scanner will redirect to the results page. Server scans are performed in real time; it may take several minutes for the results to be displayed.
As an additional value, anyone who uses our security scanner will also get an e-mail course on protecting MSP tools.
FAQs
How does the scanner work?
The scanner receives the FQDN of an MSP tool and performs the following checks:
- Port checks for services that should be open (like HTTPS) and services that should be closed (like database and remote access services)
- TLS version checks to determine any cryptography issues
- HTTP header checks to examine potential enumerability and client-side attacks
- Enumeration checks — the scanner queries Shodan and Google to see if the server is listed, and it also checks to see if the server accepts connections from India to validate GeoIP rules
Is the MSP Tool Security Scanner secure?
Yes. All the background data transmission between the scanner components uses TLS encryption. Additionally, the scanner retains no record of the scan results (see “What happens to my data?” below).
What happens to my data?
Results are only shown on the results page — the scan results are not stored. The only data retained is what you enter into the form (to prevent abuse/spam, etc.).
What do the results look like?
Below is a sample output from a ConnectWise Automate server.
Security Scan Results
Summary
Overall Rating: F
|
Your server scored 36/100 |
Host Details
FQDN: automate.REDACTED.com |
IP Address: 52.X.X.X |
Status: up |
Server Port Details
Port 80 is closed.
|
Port 443 is open; secure communication supported!
|
Port 3306 (MySQL) appears closed.
|
… |
Server TLS Details
SSL 3.0 is disabled.
|
TLS 1.0 is enabled – DANGER! TLS 1.0 contains major vulnerabilities dating back to 2011!
|
TLS 1.2 is enabled.
|
… |
Server HTTP Header Details
X-Powered-By HTTP header is present – this can be used to fingerprint the server!
|
X-AspNetMvc-Version HTTP header is absent.
|
X-Robots-Tag HTTP header is absent or set incorrectly – this server could be enumerated by search engines!
|
… |
Server Enumeration Details
GeoIP restrictions do not appear present; server is reachable from India!
|
This server is visible in Google and has 19 hits!
|
This server is visible in Shondan! This makes it an easy target for large-scale attacks!
|