EDR / MDRIdentify, contain, respond, and stop malicious activity on endpoints
SIEMCentralize threat visibility and analysis, backed by cutting-edge threat intelligence
Risk Assessment & Dark Web MonitoringIdentify and quantify unknown cyber risks and vulnerabilities
Cloud App SecurityMonitor and manage security risk for SaaS apps
SOC ServicesProvide 24/7 threat monitoring and response backed by ConnectWise SOC experts
Policy ManagementCreate, deploy, and manage client security policies and profiles
Incident Response ServiceOn-tap cyber experts to address critical security incidents
Cybersecurity GlossaryGuide to the most common, important terms in the industry
ConnectWise Strengthening its Security Posture
Emphasizes “Shift Left” in Software Development Cycle, Independent Third-Party Testing and Commitment to Transparency
ConnectWise, the leading provider of business automation software for technology solution providers (TSPs), today announced updates it is taking to strengthen its security posture.
The company is expanding its “Shift Left” strategy – the practice of implementing security testing and processes to the left, or earlier, in the software development lifecycle to find and prevent issues as early as possible.
“With the current cybersecurity threat landscape in our industry, everyone is a target. Hundreds of software providers, thousands of MSPs, and the millions of SMBs those MSPs support are all at risk,” said Jason Magee, CEO, ConnectWise. “That means that all of us have a part to play in combating those threats – and that includes ConnectWise. We take trust and transparency seriously, and it’s important that our partners understand the steps we are taking to push them and the entire industry as a whole to be more secure.”
The shift-left strategy includes enhancements to secure-by-design practices including threat modeling and abuse case development, increased automated testing coverage, and tighter integration between security and code delivery pipelines.
While the company does regularly engage third parties for security assessment and penetration tests, it is expanding its vulnerability management practices to include a formal Bug Bounty program. Bug Bounty adds value over traditional testing strategies through continuous testing by multitudes of individual testers with a wide range of specialized expertise.
ConnectWise is also committing to transparency with respect to information security for the benefit of its Partners and the MSP community. It has recently launched the first iteration of its Trust site as a primary source of information on a number of security, compliance and privacy topics.
Planned additions include a security bulletins section to communicate security alerts, product vulnerabilities, critical patches and updates with the ability to subscribe for proactive notifications. It will also support the company’s vulnerability disclosure efforts by providing a channel for responsible disclosure of vulnerabilities.
ConnectWise is the world's leading software company dedicated to the success of IT solution providers (TSPs) through unmatched software, services, community, and marketplace of integrations. ConnectWise offers an innovative, integrated, and security-centric platform—Asio™—which provides unmatched flexibility that fuels profitable, long-term growth for partners. ConnectWise enables TSPs to drive business efficiency with automation, IT documentation, and data management capabilities. And increase revenue using remote monitoring, cybersecurity, and backup and disaster recovery technologies. For more information, visit connectwise.com.