79 results found
-
Fully Deploy Coro Cybersecurity
It would be great to deploy Coro Protection with all necessary permissions to both Windows and Mac devices. Coro is an up-and-coming Cybersecurity Platform that may be a good partner fit for Atera since it is one of the most affordable but effective platforms on the market.
A distribution solution for Coro that includes the activation of necessary permisions, run at start, and removal of existing security app would be great.
1 vote -
Automatically enabe "restore points" and create a new restore point every month.
Automatically enabe "restore points" since they ae not enabled by default in Windows 11. Then, create a new restore point every month for all drives. Delete older restore points if drive capacity becomes an issue.
1 vote -
Enhanced Security: Require Password Confirmation for Critical Actions Per Client
To improve security and limit the impact of compromised accounts, it would be highly beneficial to implement a per-client password confirmation mechanism. Technicians could freely view and consult agent data across clients, but any critical action — such as remote console access, file transfers, script execution, or administrative changes — would trigger a password prompt specific to that client. This additional layer of protection would help prevent unauthorized actions in case a technician account is compromised, and ensure sensitive operations are intentionally validated.
1 vote -
enpass
Integration of the Enpass Manager on a user and MSP basis.
This makes it possible to retrieve personal passwords and centrally manage those provided by the company.1 vote -
EVO MFA
Integarte EVO Security as part of your available apps
1 vote -
Configure all SSL/TLS communications to include SNI
The strwinclt.exe process in Windows does not always includes SNI during SSL/TLS negotiation. This breaks SSL decryption exclusions that rely on SNI.
The fix is to set Windows registry key HKEYCURRENTUSER\Software\Splashtop Inc.\Splashtop Remote Client for RMM "EnableSSLSNI"=dword:00000001. This should be the default.
1 vote -
passkey support for bitwarden
Currently Atera does not allow registration of a passkey using the Bitwarden password manager browser extension. The passkey is saved to bitwarden, but immediately after Atea reports the device registration failed with "Device registration error | Atera". Could not attach a screenshot.
6 votes -
Disable the automatic reconnect
I would like to be able to disable the automatic reconnect if you close your browser without logging out first. With the recent discovery that hackers can steal session cookies to bypass credentiails and mfa this is a huge vulnerability. We just had a client have their session credentials stolen and the hacker was able to access sites which normally require mfa. If this had been a computer with Atera they would have had access to all our clients computers/servers/info
7 votes -
Possibility to restrict API Access from defined IP List
Possibility to restrict API Access from defined IP List in https://app.atera.com/new/admin/security
A simple checkbox can improve security to prevent access from not allowed IPs if api is used for internal purposes only.3 votes -
Patch Management and IT Automation
Add option to limit a Technician's access to see only specific IT Automation Profiles, depend on his access rights to customers.
2 votes -
yubi
integration with YUBI KEY for 2fa
5 votes -
Signed Powershell scripts
We were looking into deploying a group policy that restricts running any non signed Powershell scripts in our domain environment. However in our testing we saw that Atera fails to run some of it's built-in scripts for Windows updates and other maintenance tasks when this policy is active.
It would be very helpful if Atera can implement script signing to make the environment more secure.
3 votes -
Export Potential CVEs in XLS Format
Request to add a feature that allows exporting Potential CVEs in XLS file format within the Atera platform.
Benefits:
.Enhanced Analysis and Reporting: Easier sorting, filtering, and visualizing of CVE data in Excel.
.Improved Data Sharing: Streamlined sharing of vulnerability information with team members and stakeholders.
.Better Integration: Seamless integration with existing data processing tools and workflows.Impact:
. Efficiency: Saves time and enhances productivity.
. Accuracy: Reduces errors in manual data handling.
. Accessibility: Facilitates easier access and use of CVE data across departments.This feature will significantly improve the user experience and value of the Atera platform.
Thank…
4 votes -
Resolve CVEs detected
Expand what the CVE's risks are without having to open a new page and being able to fix these risks especially if they are software related that require an update or open ports that need to be closed not just report the issue.
9 votes -
IPv6 feature for the IP login list
We use the 2FA feature to secure oure logins, but would like to use the IP whitelist feature too. Except this is curently not able with the use of IPv6, we would like too use this feature.
3 votes -
blocking software from launching
It would be great to have to ability to block unauthorized inventoried software from launching. There are installers that does not require administrator rights to install and some of my users have learned that.
5 votes -
Edit and Export Passwords
The Ability to Edit Existing Stored Passwords is Paramount!
ALso the Ability to Export stored Passwords to .CSV file.These two features should be implemented as they are commonly needed.
1 vote -
Recent processes
We should be able to lock down recent processes by Tech. Our Techs should only be able to see the recent processes from Running Scripts, to those they have ran themselves. Alternately, Tech's should not be able to see when I have run a script against their computers.
1 vote -
Penetration Testing
I would like to have Atera perform Penetration Testing on my clients network. And make the reports/alerts available within the standard security testing.
64 votes -
Possibility to disable APIs.
The API allows, among other things, to retrieve information from conversations. If confidential data is stored in the conversations, it could be a serious cybersecurity issue (Password). API calls should be authenticated and, in my opinion, API calls should be restricted to only certain public IPs. As with the portal login, which has this option. We could even rely on the same IPs that are allowed to authenticate to the portal. Authentication + IPs = security
0 votes
- Don't see your idea?