ConnectSecure enhances its cybersecurity platform with deep attack surface scanning and EPSS

ConnectSecure is adding deep attack surface scanning and the Exploit Prediction Scoring System (EPSS) to its cybersecurity platform for managed service providers (MSPs) that protect small and midsize businesses.

The new capabilities will be fully integrated into the ConnectSecure platform, giving MSPs complete visibility into network, device, and application weaknesses that can be exploited by bad actors.

While ConnectSecure regularly enhances its cybersecurity platform in response to its MSP partner community feedback, attack surface scanning is a significant advancement in shoring up network defenses at a time when threats are escalating dramatically.

According to IBM’s Data Breach Report, 83% of organizations experienced one or more data breaches in 2022 and a similar report from Verizon noted the number of ransomware attacks last year were equal to the last five years combined.

MSPs are under mounting pressure in this environment, and ConnectSecure’s new features will increase their capabilities and efficiencies. The addition of EPSS scoring helps MSPs prioritize by estimating the probability that a software vulnerability will be exploited in the wild, additionally, the new attack surface scan identifies exposed web interfaces, giving MSPs greater visibility into attack vectors.

According to ConnectSecure CEO Peter Bellini, the platform delivers everything an MSP needs to identify, report on, and remediate vulnerabilities. “With the addition of attack surface scanning, ConnectSecure gives MSPs a 360-degree view from the inside out and the outside in,” he says. “We’re identifying potential exploitable entry points and telling MSPs how to harden that attack surface to prevent a breach.”

Attack surface scanning will launch in June as part of the ConnectSecure platform with no pricing change.

Specifically, ConnectSecure’s attack surface scanner will scan and identify:

• Open ports
• Targeted IP addresses
• Compromised emails
• Weak or compromised usernames
• Suspicious subdomains

EPSS provides a dynamic, real-time score that rates software vulnerabilities based on real-world activity to determine the probability they will be exploited. ConnectSecure uses EPSS metrics to provide guidance on the urgency of the threat. The ConnectSecure platform also provides remediations, so a prioritized list can be given to the IT team with details on how to address the issues.

ConnectSecure also announced it earned SOC2 Type 2 and General Data Privacy Regulation (GDPR) certifications. The certification audits confirmed the firm’s rigorous data protection and privacy practices.