State of Connectwise Automate Security 2022

We’re approaching the one-year anniversary of the Kaseya VSA attacks, and here at Automation Theory, we were curious about the state of security for Connectwise Automate. Many MSPs we work with are concerned about similar threats and attacks against the Automate platform. To this end, we wanted to track and provide meaningful reporting about the […]

How to defend ConnectWise Automate in a Cyberwar

Recent world events lead many to conclude that cyber-attacks may be imminent for many countries, and protecting Connectwise Automate from such attacks is on the mind of many MSPs. Below we discuss some background on the threat, and what MSPs can do to defend ConnectWise Automate in a cyberwar. Cyberwar: Are MSPs a target? As […]

How to pwn an Automate server: Connectwise Automate LAN Security

ConnectWise Automate security is something at the forefront of discussion for every MSP. Previously we’ve discussed security from the WAN angle, and how reverse proxy technology can be implemented to reduce the attack surface. However, internal LAN communications can also be an attack vector, and here at Automation Theory, we wanted to give proper attention […]

Is your Automate server open to the world?

Restricting access to parties that need it is a core tenant of IT security. As IT professionals, if a client wanted to leave well-known management ports (like 22 for SSH, or 3389 for RDP) accessible from anywhere, even with proper lockout measures, we’d likely explain that it’s unwise to do. Our preference would likely be […]

Automate Security: Prevent unauthorized users from being created

In light of the recent security vulnerabilities, many Connectwise partners are starting to monitor Automate for the creation of user accounts in Automate (among other security layers). Like all parts of IT security, more is generally better, and prevention is better than cure. With regards to SQL injection of privileged accounts, we can handle this […]