Get Support

Request a Quote

Platform
PSA and RMM

PSA

RMM

CPQ

Remote Access

Reporting

Documentation

Payments

Customer Feedback

Solve any challenge with one platform

Operate more efficiently, reduce complexity, improve EBITDA, and much more with the purpose-built platform for MSPs.

Explore the Platform

Cloud Services Hub and Portal Log-in

Explore ConnectWise Cloud Backup, SaaS Security, and more in our Cloud Services hub!
Cybersecurity and Data Protection

MDR

SIEM

Cloud Backup

BCDR

Email Security

x360Recover

SaaS Security

Vulnerability Management

Ensure security and business continuity, 24/7

Protect and defend what matters most to your clients and stakeholders with ConnectWise's best-in-class cybersecurity and BCDR solutions.

Explore Cyber and BCDR

Cloud Services Hub and Portal Log-in

Explore ConnectWise Cloud Backup, SaaS Security, and more in our Cloud Services hub!
Automation and Integrations

RPA

Sidekick

Integrations

Integrate and automate to unlock cost savings

Leverage generative AI and RPA workflows to simplify and streamline the most time-consuming parts of IT.

Explore Our Marketplace

Cloud Services Hub and Portal Log-in

Explore ConnectWise Cloud Backup, SaaS Security, and more in our Cloud Services hub!
Solutions
By Use Case

Client Onboarding

Increase agility and reduce complexity

Service Desk Ticketing

Deliver fast and efficient service

Cyber Remediation

Deliver holistic cybersecurity and data protection

Billing Reconciliation

Error-free invoicing and revenue protection

Patch Management

Automate patching across all your endpoints

Endpoint Management

Get complete clarity and command over every device

The first and only true MSP platform
By Market

MSPs

Purpose-built MSP solutions to accelerate profitability and growth

IT Departments

IT service management (ITSM) software and cybersecurity for IT teams

Managed Print

Print security, event management, and monitoring

VAR

Proven as-a-service offerings and integrations

The first and only true MSP platform
By Category

Business Management

Streamline end-to-end business management with robust professional services automation

Unified Monitoring & Management

Unlock workflows, automation, and insights you can’t get anywhere else with one suite of solutions

Cybersecurity & Data Protection

Get the software, services, and support you need to sell and secure your clients 24/7

Expert Services

Expert MSP Support and Help Desk Services

The first and only true MSP platform
Community
IT Nation

IT Nation Evolve™

Accelerate your MSP business growth with the premier annual membership program and peer experience focused on planning, accountability, and success

IT Nation Connect™ Global 

Join the groundbreaking MSP community at the can't-miss industry conference for education, inspiration, and networking. Attendees return year after year to be part of a collaborative community focused on helping individuals solve business challenges and grow. 

Service Leadership, Inc.®

Drive financial performance and Operational Maturity Level™ through benchmarking, advanced peer groups, industry best practices, education, and speaking.

Let’s meet up at the industry’s largest MSP event! 
Events

IT Nation Connect Global

November 4-6, 2026 | Orlando

IT Nation Connect Europe

March 9-11, 2026 | London

IT Nation Connect ANZ

August 26-28, 2026 | Sydney

IT Nation Grow

December 10-11, 2025 | Tampa

PitchIT

Apply Today for your chance at $100K in prize money!

Explore all ConnectWise Events

Join fellow IT pros at ConnectWise industry & customer events!

Explore Today

Let’s meet up at the industry’s largest MSP event! 
University

Product Training

Calendar

What's New

University Log-In

Check out our online learning platform, designed to help IT service providers get the most out of ConnectWise products and services.

ConnectWise University

Explore our product training course catalog.
Resources

Webinars

Blog

eBooks

Case Studies

Resources

Feature Sheets

On-demand Demos

Live Demos

Cybersecurity Glossary

Product Roadmap

Explore the ConnectWise Resource Center

Search our resource center for the latest MSP ebooks, white papers, infographics, webinars and more!

Explore Today

Explore the latest product innovations designed to enhance your ConnectWise experience.
About Us
About Us

Mission & Values

Careers

Leadership

Board of Directors

Philanthropy

Experience the ConnectWise Way

Join hundreds of thousands of IT professionals benefiting from and contributing to a legacy of industry leadership when you become a part of the ConnectWise community.

Learn More

Transform your business with the ConnectWise community
News and Press

Press Room

Awards

Case Studies

Experience the ConnectWise Way

Join hundreds of thousands of IT professionals benefiting from and contributing to a legacy of industry leadership when you become a part of the ConnectWise community.

Learn More

ConnectWise Partner Success Stories
ConnectWise

Expanded Definition: Penetration Testing

What is penetration testing?

To fully understand (and patch) the holes in their cybersecurity defenses, organizations will conduct what are essentially corporate-approved hacking attempts.

Called penetration testing, these attempts are carried out by a team of white hat hackers who try to break into an organization. They may combine a number of different attack methods, including:

  • Social engineering, such as phishing emails
  • Leaked or stolen credentials (often discovered via a dark web scan)
  • Software vulnerabilities, such as outdated operating systems or unpatched software
  • And more

The goal of these operations is to understand an organization’s vulnerabilities before a real threat actor can exploit them. With the rise of data breaches, many organizations request or even require routine penetration testing from partners, vendors, and other business players. Many leading cybersecurity frameworks and regulations may require penetration testing, too.

It’s important to note that penetration testing is not synonymous with the term vulnerability assessment, which may encompass penetration testing but is a separate term and set of processes.

The MSP role in penetration testing

Penetration testing is typically carried out by a specialty organization, so this is not something your managed service provider (MSP) business is likely to offer clients. However, MSPs can play an important role after a penetration test uncovers potential issues.

Once organizations understand the ways in which a hacker could break into their systems, they can take steps to address the issue. Remediating issues uncovered via penetration testing can include:

  • Upgrading IT systems and endpoints
  • Implementing better software patch management
  • Disabling unused or unnecessary ports, protocols, and services
  • Implementing new controls, such as multi-factor authentication (MFA) or two-factor authentication (2FA)

Many of these activities are the bread and butter of MSPs.

Timely patching

Hackers often exploit vulnerabilities in widely-used software to perpetrate attacks. This is why good patch management — a core service for MSPs — is so important.

By patching both operating systems and software (including third-party software) MSPs can support their clients’ cybersecurity programs. Ensuring that all devices are running updated, patched software, reduces the risk of this vector. With a good remote monitoring and management (RMM) tool, MSPs can put this task on autopilot with automation, too, saving on technician time and ensuring that patches are deployed immediately.

IT asset monitoring and management

Assets leave and join corporate networks constantly, especially in a remote work environment where workers may be using personal devices (such as mobile phones) to conduct work activities. MSPs can support cybersecurity with great IT discovery and asset management.

This can include:

Ports, protocols, and services

Vulnerable ports, protocols, and services are some of the most exploited items hackers use to gain access to corporate networks and systems. That’s why the penetration test report generated by the third-party organization will contain a list of open ports, protocols and services running within your clients’ networks.

MSPs must evaluate this list to determine whether these items should remain enabled. For those not needed, MSPs should take immediate action to disable the port, protocol, or service and set up proper logging and alerting if they are re-enabled within the environment.

It’s also important to note that obfuscating ports or protocols simply by changing their port numbers is not a security best practice. That’s because a free tool like Network Mapper can identify Remote Desktop Protocol running on a different port other than default port 3389. Instead, organizations should keep the default ports in place and set up monitoring and alerting to detect if they are exploited.

Password control

As any MSP knows, password issues are one of the most common causes of tickets. They’re also a big vulnerability.

According to the 2020 Verizon Data Breach Investigations report, if a data breach involved hacking tactics, stolen credentials or brute force measures were used 80% of the time. This just goes to prove that passwords don’t get a pass when it comes to cybersecurity.

Improving and managing passwords is important. Many people reuse passwords across personal and work accounts, which means they’re a vulnerability when passwords are compromised during data breaches (even at non-work companies or apps).

MSPs can help organizations with better password controls by:

Additional resources

The Top 6 Vulnerability Management Best Practices to Know

Managing vulnerabilities is an ongoing and crucial part of any organization’s cybersecurity defenses. Learn about a few of the best practices that MSPs can use to manage their own vulnerabilities and to help clients, too.

ConnectWise Cybersecurity Starter Kit

Want to get started selling cybersecurity? We’ve put together a kit to help. Download the kit today for helpful resources that will transform your business from an MSP to an MSP+ model, including educational information for your SMB customers, templates, and more.

The SMB Cybersecurity Checklist

How secure are your SMB clients? Chances are, they may not fully understand their risks and exposures. Use this 30-item checklist to start the conversation around cybersecurity, help them understand the cybersecurity landscape, and assess their security postures.

Creating Opportunity from Adversity: The State of SMB Cybersecurity in 2020

SMBs are not immune from cybersecurity risks—quite the contrary. Our 2020 survey of 700 SMB decision makers uncovered interesting findings about how these businesses are thinking about cybersecurity, their spending plans, and what motivates them when it comes to security.

The Security Journey Self Assessment

Wondering where you stand in your cybersecurity journey? Take this assessment to understand how advanced your cybersecurity knowledge is and to identify areas where you can expand upon your understanding of key cybersecurity concepts and precautions.

How to Train MSP Employees on Cybersecurity

Cybersecurity is a key area of expansion and demand for MSPs, but it is a specialty. Technicians and other employees may not have the skills or knowledge about cybersecurity yet. This blog post walks through some of the key ways you can bring your MSP employees up to speed on cybersecurity.