Start WAF Trial

Do you need a WAF for ConnectWise PSA?

Tag: Reverse Proxy

Do you need a WAF for ConnectWise PSA?

Do you need a WAF for ConnectWise PSA, or other cybersecurity hardening? In short, yes! In this blog post, we’ll explore the attack surface and defense techniques for ConnectWise PSA (aka ConnectWise Manage, or just “ConnectWise,” depending on how long you’ve been in the industry). ConnectWise PSA: Not an RMM, but still an attack target […]

4 Reasons CloudFlare isn’t good for MSP tools

CloudFlare, the popular security services provider, probably isn’t a good choice for your MSP tools. Here at Automation Theory, we’ve seen the whole spectrum of security options for MSP tools. While their services are easy to use, several things lacking in the CloudFlare offering make it a poor fit for MSP tool security.  History CloudFlare […]

ConnectWise Automate Firewall ports: The complete guide

ConnectWise Automate firewall ports have changed over the years, and many partners still have ports open that aren’t required (or are dangerous to have open). Since the guidance has changed over the years, we wanted to create an updated guide that covers how the protocols work, along with what firewall ports are required (and what […]

5 Lessons from the CVSS 10 ScreenConnect Vulnerability

It’s been six months since the CVSS 10 ScreenConnect vulnerability (CVE-2024-1709), and now that the dust has settled, it’s a prime opportunity to glean go-forward security insights from lessons learned during the incident. Below, we’ll walk through five lessons each MSP should review and consider regarding their own security posture. Lesson 1: Enumeration is deadly […]

Protecting ScreenConnect with a WAF

In light of the critical vulnerabilities (CVE-2024-1709 and CVE-2024-1708) impacting ScreenConnect, we wanted to get information quickly posted about security options for ScreenConnect. In this post, we’ll review the benefits and common issues associated with using a WAF for ScreenConnect. Note: If your ScreenConnect isn’t patched to 23.9.8.x or above, stop everything and patch immediately. […]

Defending the MSP tool stack in a zero-day world

We had the pleasure of being a vendor and speaking at MSPGeekCon23 — and it was a fantastic conference! We presented our talk, “Defending the MSP tool stack in a zero-day world,” and converted it into a blog format below. Setting the stage: the zero-day world Zero-day attacks are increasing, and it’s all fun and […]

Connectwise Automate IP Restrictions: The good, bad, and ugly

IP restrictions for Connectwise Automate were released in patch 2022.11. This long-awaited feature has some nuances worth noting in the implementation, which we’ll discuss below. But first, let’s review the good parts of this feature. The good: IP restrictions are possible with Connectwise Automate Right off the bat, it’s worth noting that this much-requested feature […]