Jump to content

Search the Community

Showing results for tags 'security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • MSPGeek
    • The Geek Cast
    • Code of Conduct
  • ConnectWise Automate / Labtech
    • ConnectWise Automate / LabTech
    • ConnectWise Automate / LabTech - Development


  • ConnectWise Automate
    • Scripts
    • Plugins
    • SQL Snippets
    • Role Definitions
    • Automate PowerShell Code
    • Reports
    • Internal Monitors
    • Remote Monitors
  • ConnectWise Manage
    • API Interacting Code


There are no results to display.

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



About Me


Agent Count













Found 7 results

  1. We are reviewing our security procedures and it occurred to me that there may be the need to forcibly log a user out of Control Center/Web Control. I was able to find documentation for revoking user access for Control but I am unable to find anything that pertains to Control Center/Web Control. The thought is, if I were to experience a security incident I may need to kill some or all Control Center/Web Control sessions and prevent them from logging in until the issue is contained. I believe the best approach for this is with an SQL statement to set LockOutExpirationDate to a date in the
  2. I'm trying to get some clarity on where we stand on deploying the Windows Updates that address CVE-2020-1472. And in the case of Windows 10/Server 2016/Server 2019, we need to be able to account for when/if the appropriate August 2020 Updates were installed and not just the most recent ones. I'm probably missing something in Automate that could readily help me account for -or demonstrate- this information. (It looks to me like the Patch Manager is making an effort to deal with "supersedence", but that's for a separate thread.) Currently, I'm in the middle of creating a simple t
  3. ConnectWise Control Used As Entry Point In Texas Ransomware Attack I would image that many, if not most, of the users of this site have heard of the increasing trend of MSPs being targeted by threat actors to distribute malware (sp. ransomware). That article (posted: September 17, 2019, 01:25 PM EDT) is of special note because of this statement: [Emphasis added] It also includes, and references, quotes by John Ford, CISO of ConnectWise, which seems to confirm that action by ConnectWise: The article does not state when that decision was made/announced or link
  4. I just joined an MSP as the Automate administrator and they want a monitor that will open a ticket and close it when someone logs onto a specific server as an administrator. I know that Automate detects the last user ID to log on. Any ideas?
  5. Investigating an issue that we are seeing on a number of workstations at two clients. After scanning and cleaning with MBAM 1.80, Malwarebytes is re-flagging the registry string where REG_DWORD is UpdatesDisableNotify and value flips back from 0 to 1 after the full scan and clean. I ran REVO uninstaller and did not find remnants of old AV programs. It's difficult to believe that multiple machines at two clients have rootkits or other stealthy infections. What could be flipping the value back to 1?
  6. Hi All, Spent a lot of time working this one out but believe I have it, in case anyone else wants it. The below Internal Monitor has to be RAWSQL and it will return a list of all computers that have had over 500 'Failed Logins' (defined by the event ID's of the pre-built Internal Monitor) in a 1 day period Create Temporary Table IF NOT EXISTS Tcomp (INDEX (Computerid)) SELECT computerid FROM computers WHERE ComputerID NOT IN (Select ComputerID from AgentIgnore Where AgentID=4114); Select DISTINCT computers.computerid as TestValue,eventlogs.Message as IdentityField,computers.com
  7. We're pleased to release Third Wall v2.2.0.1, improvements we know you'll appreciate! So what did we do? • In USB blocking (including USB Wall), we now block smart phones - so that nobody can download confidential files to their phone. • In USB Wall, we've added the ability to use Kingston encrypted USB sticks. Other brands may (or may not) work, but you've now got an option to register encrypted USB sticks. • We added a full Secure Free Space Delete to the tail end of Encrypted Annihilate, so that there aren't any "ghost" files sitting out there. • On the
  • Create New...