Trusted by Thousands of MSPs
The all-in-one platform for controlling risk and driving growth.
ConnectSecure is the MSP-centric platform that solves tool fatigue while helping you protect clients, meet compliance requirements, and grow your security practice—all with one affordable solution.
Must have for MSP!
“ConnectSecure has been our significant partner in assisting us to provide excellent service for our clients. Starting with the pricing to their support, ConnectSecure checks all the boxes. What impresses me the most is how they interact with their partners. If you want an all-in-one compliance/asset management/cybersecurity application, I highly recommend ConnectSecure!”
Robert Stufflebeem
14-Day Free Trial. No Credit Card Required.
Trusted by thousands of MSPs.
Build a complete security practice with ConnectSecure
Identify
Discover and assess your clients’ entire technology footprint:
Monitor
Continuously track security and compliance status:
Remediate
Address issues efficiently with guided workflows:
Report
Demonstrate your value with comprehensive reporting:
Sign up for a 14-day free trial
Real results straight from our MSP community
Mitchell Matter
Co-founder | LockIT Technologies
“Implementing ConnectSecure has significantly improved our approach to cybersecurity. The efficiency gained from agent-based scanning and the cost savings have allowed us to offer top-tier protection to our clients without breaking the bank.”
Trent Gasser
IT Consultant | Palitto Consulting Services
“The platform is intuitive and user-friendly, and our team readily adopted it. It’s become a talking point in most new client conversations and strategy meetings with existing customers.”
Luis Alvarez
CEO | Alvarez Technology Group
“ConnectSecure allows us to run regular, in-depth vulnerability scans, ensuring our patching strategies are effective and any new security weaknesses are quickly identified and addressed.”
Simon Hopkin
Head of Cyber Security | ITPS
“ConnectSecure has been an excellent
tool for us to drive engagement. It’s very quick and easy to deploy and you get almost immediate results.”
tool for us to drive engagement. It’s very quick and easy to deploy and you get almost immediate results.”
Christophe Gagnon
Director | CyberVision 24/7
“We use everything—external scanning, reports, PII detection, firewall integration… The value for the price is really good.”
Karl Bickmore
CEO | Tech IT
“We’re providing better reporting, better data, better planning, and it’s helping us win more deals—like significantly more deals—and our sophistication has gone way up.”
Dennis Houseknecht
CTO | WatSec Cyber Risk Management
“There’s no all-in-one tool on the market—and I follow the market pretty closely—that has the depth and breadth of ConnectSecure’s vulnerability scans, and that’s presented in such an actionable way.”
Tim Fournet
CISO | Rader
“The fact this platform is built with service providers in mind means we can use it across our client base hassle-free at a cost that makes it a no-brainer to bundle with our other services.
ConnectSecure is the only platform that includes these scans:
Internal Vulnerability Scans
Detect and identify system vulnerabilities across operating systems, applications, and networks to protect against potential exploits before they can be used by attackers.External Vulnerability Scans
Scan your client’s internet-facing assets including websites, APIs, networks, ports, and applications to identify vulnerabilities that may expose sensitive data to malicious actors.Application Baseline Scans
Create and monitor application configurations against secure baselines to quickly identify misconfigurations and deviations that could expose clients to risk.Attack Surface Scans
See your network through an attacker’s eyes to identify vulnerabilities across the entire IT ecosystem, providing 360-degree visibility of security gaps.Firewall Scans
Detect and analyze firewall configurations to identify misconfigured rules, weak access controls, and security gaps that could allow unauthorized network access.Active Directory Scans
Identify security gaps in Active Directory implementations including excessive permissions, weak password policies, and misconfigured security settings.Compliance Scans
Ensure clients meet essential cybersecurity benchmarks by aligning with frameworks like NIST, CIS, and PCI DSS, helping them maintain regulatory compliance.PII Scans
Safeguard personal information from cyber threats with comprehensive PII discovery that identifies sensitive data like names, credit card numbers, social security numbers, and addresses across all systems.M365 Scans
Identify security vulnerabilities in Microsoft 365 environments including excessive permissions, weak authentication settings, and configuration issues that put data at risk.Google Workspace Scans
Discover security misconfigurations in Google’s cloud productivity suite that could lead to data exposure, unauthorized access, and compliance violations.Web Application Scans
Identify security flaws in client-facing web applications without requiring direct control, focusing on misconfigurations and vulnerabilities attackers could exploit.
Complete vulnerability lifecycle management for MSPs
ConnectSecure delivers true end-to-end vulnerability management—including risk assessments and continuous scanning—through asset discovery, vulnerability detection, risk-based prioritization, and guided remediation workflows designed specifically for MSP and their clients.
14-Day Free Trial. No Credit Card Required.
What our Partners are saying
ConnectSecure
The right VA solution for MSP. A very simple cloud platform to monitor and have some suggestions to solve the vulnerabilities of my customers infrastructure.
Fabio Scalisi
Great Tool for a Great Price
Was with them when they were CyberCNS and rebranded to connect secure. First tier price is very reasonable and will cover most small/medium business. Tool is easy to deploy thru RMM.
Halion Abramovitch
ConnectSecure
We have been very happy with the cost and features of ConnectSecure. It is much easier to work with than our previous solution. They have been very good at communicating with partners as their new product rolls out.
Colin Barr
Essential Security Tool for SMB
A reliable cloud based platform that let's you discover, map, manage and protect your customers networks. It includes vulnerability assessment, patch management and certification compliance features.
Stefano Biolghini
Does What We Need
At first the product can seem too difficult to navigate around but once you have got used to it the product is great. It is easy to push out to devices and monitor.
Ryan Parsons
Right Choice for VA Management
Easy to use, great results, perfect fit to the MSSP's security stack. Quick onboarding and training for techs that are able to use it almost in no time.
Vera Tucci
Great Tool
It's a great tool to use especially with CPA firms to assist with monitoring and helping them get WISP compliant. This is also used at a company that does government contracts and is used to monitor change management to keep their business compliant. Two nice things about this product is the ability to keep everything on a workstation updated as well as a PII scanner.
Joshua Rhodes
Daily Vulnerability Scans
Ease of deployment speeds up our setup process. Extensive API support allows us to automate most of our processes with this tooling. Quick development cycles has seen a lot of features added very quickly.
Devon Chorney
Good Stuff
I have experienced exceptional results and peace of mind knowing that my digital assets are protected. Their advanced solutions encompass a wide range of cybersecurity areas, including network security, threat intelligence, endpoint protection, and data privacy.
Carl de Prado
Great Product for the Price
It does as much as most competitive products for a very reasonable price. With a little guidance, it's fairly easy to configure. Does scheduled scans and scheduled reports to fully automate the process. Support has been good to work with.
Brian Minker
Product Comparison
| ConnectSecure | RapidFire Tools | Qualys | Tenable | |
|---|---|---|---|---|
| Asset Discovery and Scanning | ||||
| Automated SSL Checks (Ciphers and Protocols) | ||||
| Azure Active Directory Users and Groups Compliance | X | X | ||
| External Scans | ||||
| Intune | X | X | X | |
| Local Active Directory Users and Groups Compliance | X | X | ||
| Office 365 Assets and Secure Score | X | X | ||
| Port Scans | ||||
| SMB/CIFS Shares | X | X | ||
| Software Inventory | X | |||
| Application Baseline Scan | ||||
| Web Vulnerability Scanner | X | |||
| PII Scan | ||||
| EPSS Scoring | X | |||
| Supported Operating Systems | ||||
| Linux (Ubuntu/Redhat/CentOS/AmazonLinux) | ||||
| Mac OS | ||||
| Windows Vulnerabilities | ||||
| Dashboards and Reporting | ||||
| Automated Monthly Review Presentation | X | X | X | |
| Build Your Own Report | X | |||
| Centralized Dashboard | ||||
| Predefined Reports | ||||
| Remediation | ||||
| Software Patches and Updates Check | ||||
| Architecture and Infrastructure | ||||
| Unified Agent | X | X | ||
| User and Role Based Access Control | X | X | X | |
| Flexibility | ||||
| Configurable Notifications | X | |||
| Configurable Schedulers | X | |||
| Single License covers all Assets | X | |||
| Subnet Scan | ||||
| Extensibility | ||||
| Lightweight agent to run with RMM tools | X | |||
| Rest API | X | |||
| Webhooks support | X | X | X | |
| Compliance | ||||
| Compliance Scans (NIST, CIS, GDPR, PCI DSS, HIPAA, Cyber Essentials, Essential Eight) | X | X | X | |
| Compliance Assessments | X | X | X | |
Available only as an additional module
No CVE
No CVE
Sign up for a 14-day free trial
Frequently Asked Questions about ConnectSecure
Positioning
+
Is ConnectSecure Vulnerability Management (CS-VM) an agent, a probe, or something else?
ConnectSecure Vulnerability Management is a Software as a Service (SaaS) offering that has a “cloud” side component and “customer” side component (the agent). The agent itself can be installed on any one machine on a customer’s network as a probe.
+
Can CS-VM scan nodes associated with employees that Work from Home?
ConnectSecure has a so-called “lightweight agent” that can be installed on end-user devices of remote users and work-from-home users to scan those local systems for vulnerabilities and compliance gaps.
+
What are the kinds of assets that CS-VM can scan? (routers, firewalls, PCs, etc.?)
The CS-VM can scan network gear such as routers; switches; access points; firewalls; end-user devices, such as laptops and desktops; printers; and servers and virtual machines.
+
I have an RMM and antivirus software, why do I need CS-VM?
Every day, more than 50 new vulnerabilities are discovered. These cannot be addressed by RMMs and AntiVirus software. A vulnerability assessment solution such as ConnectSecure is a must to stay protected.
+
CS-VM is promoted as being an all-in-one solution. What exactly is included that competitive products might distribute across multiple products?
ConnectSecure includes scanning for: 1) Network vulnerabilities, 2) End-user device vulnerabilities, 3) Compliance scans, 4) Application Baseline scans, 5) Active Directory scans, 6) Cloud asset scans.
Competitors typically have some of these features in different “modules” that have to be purchased at an additional cost.
Competitors typically have some of these features in different “modules” that have to be purchased at an additional cost.
+
Is there on-premises as well as SaaS?
Yes. The preferred model is SaaS, but ConnectSecure also has a fully on-premises version for MSPs working with defense or government contracts.
+
What industry frameworks does ConnectSecure support?
ConnectSecure meets all the requirements of NIST’s Cybersecurity Framework 1.1 for the Identify category.
+
What category of the NIST framework does CS-VM operate within?
ConnectSecure Vulnerability Management sits squarely in the Identify category of the NIST framework but, based on its ability to patch Windows applications, also performs functions associated with the Protect category.
Integrations
+
What third-party products does CS-VM integrate with, and where can I get more information?
ConnectSecure integrates with popular PSA and RMM systems. It also has integrations with several SMB Firewalls and communication tools like Slack and Microsoft Teams. The full list of integrations is here.
+
Does it integrate with SIEMs?
Integrations with SIEMs is work in progress and expected in the first quarter of next year.
+
Where do you get your vulnerability feeds from?
Several sources, including the NVD, Vulners, OEMs. These are curated to reduce false positives.
Infosec
+
How does ConnectSecure ensure the security of its own product(s)? How can I be sure I am minimizing the chance of a supply chain attack on my client?
ConnnectSecure has tightly defined and explicit Privacy and Data Breach policies as well as Terms of Use that are open and available on the website.
Principle of Least Privilege: Access to code and credentials is customized to meet and not exceed the needs of the employee.
Automated Tools to Monitor Internal Behaviors and Vulnerabilities: This was the Sprinto tool. We can examine how internal assets map to the standard for compliance of the asset, and we can also understand how our internal staff is behaving relative to their development privileges and assigned responsibilities.
Sophisticated Development Operations: Leveraging GitHub and Pipeline, the Dev/Staging/Master-Production environments feature limited access and clearly defined rules that enable code to move from one environment to the next. This protects the production code from projecting any code that hasn't been fully tested and examined for infosec best practices.
As a feature of the point above, non-authorized staff, like Support, have no access to any of the code and no privilege to move the code through its Dev-Staging-Production journey
All access credentials are encrypted during the development process. When code may be shared between developers, sensitive information is not exposed nor is it available outside of defined permissions.
The multi-tenant environment of the software has been designed to ensure that the data and credentials from one tenant (client of the MSP) is completely separated from the data and credentials of another.
Principle of Least Privilege: Access to code and credentials is customized to meet and not exceed the needs of the employee.
Automated Tools to Monitor Internal Behaviors and Vulnerabilities: This was the Sprinto tool. We can examine how internal assets map to the standard for compliance of the asset, and we can also understand how our internal staff is behaving relative to their development privileges and assigned responsibilities.
Sophisticated Development Operations: Leveraging GitHub and Pipeline, the Dev/Staging/Master-Production environments feature limited access and clearly defined rules that enable code to move from one environment to the next. This protects the production code from projecting any code that hasn't been fully tested and examined for infosec best practices.
As a feature of the point above, non-authorized staff, like Support, have no access to any of the code and no privilege to move the code through its Dev-Staging-Production journey
All access credentials are encrypted during the development process. When code may be shared between developers, sensitive information is not exposed nor is it available outside of defined permissions.
The multi-tenant environment of the software has been designed to ensure that the data and credentials from one tenant (client of the MSP) is completely separated from the data and credentials of another.
+
What type of internal security program does CS have and can you provide me with documentation?
ConnectSecure is SOC2 compliant.
Trial
+
How much time do I have to use the Free Trial?
Two weeks is the default period. It can be extended if required for valid business reasons.
+
Are there any features/functions of the production product that are missing in the Free Trial?
No. The trial is fully functional.
Capacity
+
How large an IT environment can CS-VM effectively support?
We have customers using the product for up to 40,000 assets. The architecture is scalable and, in theory, there is no limit. ConnectSecure can work with customers with very large deployments to suggest best practices to support that environment.
+
I understand that CS-VM is multi-tenant. Are there any practical limitations to how many clients I can host on one platform?
There’s no limit. We have MSPs using us to support several hundred customers today.
Buying
+
How is CS priced?
We charge customers based on the unique number of assets being scanned per month. We have three standard pricing tiers: 1) Up to 2,500 unique assets it is $299 per month, 2) Up to 5,000 unique assets it is $499 per month and 3) Up to 10,000 unique assets it is $999 per month.
+
How do I buy CS-VM?
Please contact us sales@connectsecure.
+
Is CS-VM available through distribution?
Yes. We have MSP Store and Pax8 as our main distributors in the US. In other markets, we have either local distributors.
Function
+
Does your external scan look at the OWASP Top 10 vulnerabilities?
Yes.
+
Does CS look at Configuration compliance?
We do this today for several popular SMB Firewalls.
+
What Active Directory hygiene does CS identify?
AD Users, Groups, OUs, and GPOs
+
What assets/systems can CS-VM patch?
Patching is, right now, limited to third-party applications on Microsoft Windows.
+
How do I prioritize remediation of vulnerabilities?
All vulnerabilities are prioritized as Critical, High, Medium and Low.
Other
+
What privileges do I need to give agents and probes?
Usually the local service account/AD account.
+
What if my EDR stops the CS process?
Whitelist the ConnectSecure agent.
Reduce risk across your client base
ConnectSecure’s MSP-tailored platform transforms your most common cybersecurity risk and compliance policy challenges into revenue opportunities. Charge up your security practice with:
- Automated vulnerability remediation: Go beyond just finding vulnerabilities — automatically patch third-party applications your RMM might miss
- Always-on attack surface monitoring: Continuously scan external, WAN, and LAN environments to protect clients from emerging threats
- Compliance and audit readiness: Provide detailed IT asset hygiene reports required by compliance frameworks and auditors
- Complete IT asset discovery: Know every device and application in your clients’ networks
- Risk-based prospecting tools: Prove your value and earn trust by showing prospects their actual security gaps
- Deep cloud visibility: Leverage Google Workspace and M365 assessments as well as Web Application Scanning to identify misconfigurations and more (all included in Premium)
Start Your Free 14-Day Trial of ConnectSecure Premium Edition. No credit card required.
Bonus: We favor pay-as-you-go over long-term contracts.