When was the last time you reviewed your firewall rules? Our latest blog post covers firewall rules for #ConnectWise Automate. If you're an #MSP hosting it on-prem, it's worth a read -- especially if you haven't reviewed your firewall config in a while:
Automation Theory
IT Services and IT Consulting
Jefferson, WI 92 followers
Maintenance and security for MSP tools
About us
Automation Theory is an integration and consulting firm for MSP tools, specializing in on-prem infrastructure. We focus exclusively on maintenance and security, ensuring fast, stable, and secure MSP tool stacks.
- Website
-
https://automationtheory.com
External link for Automation Theory
- Industry
- IT Services and IT Consulting
- Company size
- 2-10 employees
- Headquarters
- Jefferson, WI
- Type
- Privately Held
- Founded
- 2020
- Specialties
- Connectwise Automate, MySQL, WAF, Reverse Proxy, Connectwise ScreenConnect, Hudu, Connectwise Manage, and Connectwise PSA
Locations
-
Primary
Jefferson, WI 53549, US
Employees at Automation Theory
-
Jeremy Oaks
Protector of MSPs | Passionate Technologist | MySQL DBA | Founder of Automation Theory
-
Nathan Van Meter
Championing MSP Security | Defender of Digital Frontiers | Account Manager for Automation Theory
-
Amy Roell
DevOps Technician
-
Keaunna Hammer
Business Manager for Automation Theory
Updates
-
Today marks 6 months since the #ScreenConnect vulnerability CVE-2024-1709 was announced. Back-to-school season is upon us, so below is the latest from our blog. These lessons cover everything from enumeration to insurance -- we hope every #MSP has the chance to study before the next zero-day test! https://lnkd.in/dr5Nbetf
5 Lessons from the CVSS 10 ScreenConnect Vulnerability
https://automationtheory.com
-
You've probably heard the chatter about CVE-2024-38063 -- the wormable RCE in the Microsoft IPv6 implementation. Obviously, the first thing to do is #patch! After that, it would be worth reviewing how you protect your #MSP tools that you run on-prem. A reverse proxy running an OS different is very useful in protecting against protocol attacks. If you're interested in a security layer like this, we're happy to assist!
-
Remember the #ScreenConnect vulnerability? It almost seems like a distant memory, and you'd be forgiven if you forgot about it. Do you know who hasn't forgotten about it? Bad actors. Today our WAF blocked malicious requests of a fairly complex bot impersonating macOS trying to find vulnerable ScreenConnect servers. We're going to publish a blog soon about the things each MSP should take away from the ScreenConnect Incident -- make sure to follow us to make sure you don't miss it!
-
Did you know that we maintain the #ConnectWiseAutomate patching thread in the #MSPGeek forums? There have been a number of bugs and changes in Automate that impact any #MSP using the software. The community patch thread is a great reference for anyone running Automate on-prem. You can discover if anyone else has found bugs and potential workarounds for them. This is an invaluable resource for the community, and given the issues with the last few patches, we wanted to remind everyone of it. Thanks to MSPGeek, Inc. for making things like this possible! See the comments for the thread link!
-
Are your MSP tools naked on the Internet? We've updated our #MSP Tool #Security Scanner to scan a variety of common MSP tools (formerly, it was ConnectWise Automate specific). It's designed to check the security posture of MSP tools -- and it can tell you if there's exposed surface area that might be a security issue. We've also added a letter-grade component to the scanner. This is designed to give a quick reference point without diving into the technical weeds. So, if you use #ConnectWiseAutomate, #ScreenConnect, #ConnectWisePSA / #ConnectWiseManage, #Hudu, or #BitWarden (along with any other self-hosted MSP tool with a web UI) you can get a security report for it here: https://lnkd.in/gZwZFQkj
MSP Tool Security Scanner
https://automationtheory.com
-
If you're an #MSP using #ConnectWiseAutomate, it's that time of the quarter again... Oracle is releasing their quarterly security bulletin, and it includes a CVSS 9.8 vulnerability patch for #MySQL. Below is a screenshot of the preview. Here at Automation Theory we offer MySQL patching services for #ConnectWise MSPs. It is important to patch for both #cybersecurity and #cyberinsurance reasons. We have a limited number of new client slots available, use the link in the comments to talk with us today about services!
-
#Cybersecurity for the #MSP industry is an ongoing conversation. Sometimes, vendors speak in general terms, and partners might miss certain nuances. In this blog post, we explain the mechanics of securing the cloud version of #ConnectWiseAutomate. A growing cohort in our industry blindly believes that "cloud is more secure"—and it's not that simple when it comes to Automate. Enjoy the read, and talk with us if you'd like to add security to your #hostedrmm instance! https://lnkd.in/gbTQddVN
Cloud Automate security isn't necessarily better
https://automationtheory.com
-
We've had so many questions, it's #webinar time! If you're an #MSP wanting to protect your #ScreenConnect, this is for you! https://lnkd.in/gbide-FB
Many MSPs had a close call with the ScreenConnect CVSS 10 vulnerability. Our webinar: Securing ScreenConnect with Reverse Proxy and WAF will cover creating robust security controls with a Reverse Proxy and WAF for ScreenConnect.
us06web.zoom.us
-
This probably won't be the last #RMM #vulnerability that #MSPs will face. Hopefully you've patched -- and now we can move on to getting robust defenses in place: #ScreenConnect #connectwise #MSP https://lnkd.in/gJx99Pib
Protecting ScreenConnect with a WAF
https://automationtheory.com