Secure Your MSP Tools – Scan Security Posture in Under 5 Minutes

Thousands of MSPs are exposed on the Internet and don’t know it.

Because of their visible nature, MSP tools are often easy targets for attackers. By searching for a single popular RMM tool in Shodan, you can find 7,000+ MSPs. The risk of a zero-day attack increases significantly with this level of surface exposure.

To help MSPs combat this and protect themselves, we’ve created our MSP Tool Security Scanner. Trusted by 106+ MSPs, our scanner provides actionable results regarding security misconfigurations and missing best practices in minutes.

Getting Started

To get started, fill out the form below. After clicking scan, the scanner will redirect to the results page. Server scans are performed in real time; it may take several minutes for the results to be displayed.

    As an added bonus, anyone who uses our security scanner will also get an e-mail course on protecting MSP tools.

    FAQs

    How does the scanner work?

    The scanner receives the FQDN of an MSP tool and performs the following checks:

    • Port checks for services that should be open (like HTTPS) and services that should be closed (like database and remote access services)
    • TLS version checks to determine any cryptography issues
    • HTTP header checks to examine potential enumerability and client-side attacks
    • Enumeration checks — the scanner queries Shodan and Google to see if the server is listed, and it also checks to see if the server accepts connections from India to validate GeoIP rules
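For administrators who want to run the same kinds of checks against a server they operate, here is a minimal sketch of the port, TLS version and HTTP header checks. It is an added example, not the scanner's own code. The function names, the sample headers and the rule that a correct X-Robots-Tag value carries `noindex` or `none` are assumptions.

```python
import socket
import ssl

# Headers the sample report flags as fingerprinting aids (names from the page).
FINGERPRINT_HEADERS = ("X-Powered-By", "X-AspNetMvc-Version")

def check_headers(headers):
    """Return a finding per header for a dict of HTTP response headers."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    findings = {}
    for name in FINGERPRINT_HEADERS:
        findings[name] = "present" if name.lower() in h else "absent"
    # Assumption: "set correctly" means the value carries noindex or none.
    directives = {d.strip().lower() for d in h.get("x-robots-tag", "").split(",")}
    ok = bool(directives & {"noindex", "none"})
    findings["X-Robots-Tag"] = "ok" if ok else "absent or set incorrectly"
    return findings

def port_open(host, port, timeout=3.0):
    """TCP connect check: True if the port accepts a connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def tls_version_accepted(host, version, port=443, timeout=5.0):
    """True if the server completes a handshake pinned to one TLS version.
    False can also mean the local OpenSSL build refuses that version."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # probing protocol support, not identity
    ctx.verify_mode = ssl.CERT_NONE
    try:
        ctx.minimum_version = ctx.maximum_version = version
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (OSError, ValueError):     # ssl.SSLError is a subclass of OSError
        return False

# Constructed sample headers mirroring the sample report (not captured data).
SAMPLE = {"Server": "Microsoft-IIS/10.0", "X-Powered-By": "ASP.NET"}

if __name__ == "__main__":
    print(check_headers(SAMPLE))
```

Pass `ssl.TLSVersion.TLSv1` or `ssl.TLSVersion.TLSv1_2` to `tls_version_accepted`, and confirm a negative TLS 1.0 result from a client whose OpenSSL build still permits TLS 1.0.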

    Is the MSP Tool Security Scanner secure?

    Yes. All the background data transmission between the scanner components uses TLS encryption. Additionally, the scanner retains no record of the scan results (see “What happens to my data?” below).

    What happens to my data?

    Results are only shown on the results page — the scan results are not stored. The only data retained is what you enter into the form (to prevent abuse/spam, etc.).

    What do the results look like?

    Below is a sample output from a ConnectWise Automate server.

    Security Scan Results

    Summary

    Overall Rating: F
    Your server scored 36/100

    Host Details

    FQDN: automate.REDACTED.com
    IP Address: 52.X.X.X
    Status: up

    Server Port Details

    Port 80 is closed.
    Port 443 is open; secure communication supported!
    Port 3306 (MySQL) appears closed.

    Server TLS Details

    SSL 3.0 is disabled.
    TLS 1.0 is enabled – DANGER! TLS 1.0 contains major vulnerabilities dating back to 2011!
    TLS 1.2 is enabled.

    Server HTTP Header Details

    X-Powered-By HTTP header is present – this can be used to fingerprint the server!
    X-AspNetMvc-Version HTTP header is absent.
    X-Robots-Tag HTTP header is absent or set incorrectly – this server could be enumerated by search engines!

    Server Enumeration Details

    GeoIP restrictions do not appear present; server is reachable from India!
    This server is visible in Google and has 19 hits!
    This server is visible in Shodan! This makes it an easy target for large-scale attacks!