With the release of SimpleHelp v6.0 on the horizon, we commissioned an independent code review from Pwn2Own prize-winning cybersecurity firm Agile Information Security. Their team found no major issues and provided recommendations that have all been implemented. Here's what that means for our customers, plus a first look at some of the new features heading your way.
After nearly two decades building remote support tools used by organisations around the world, we’re starting this blog to share what we’re working on, what we’re learning, and where things are heading.
It felt right to begin with SimpleHelp 6.0, our biggest update in years.
Version 6.0 includes a wide range of new features, security improvements, and general refinements. We’ll go into detail over the coming weeks, but for now we want to focus on what matters most: security.
Ahead of the version 6.0 release, we engaged Agile Information Security, an independent cybersecurity firm, to conduct a thorough third-party review of our codebase. Their team examined critical areas of the product, and no major security issues were found. The review produced a set of recommendations for further hardening, each of which has been implemented in SimpleHelp 6.0.
Remote access tools operate in positions of deep trust within your environment. We know that, and so do the threat actors who target our industry. We commissioned this review in order to give us, and you, peace of mind knowing that your deployment is secure.
Agile Information Security is a cybersecurity firm founded in 2013 and headquartered in London, with offices in Portugal and Thailand. They specialise in offensive security including penetration testing, security code review, vulnerability research, reverse engineering, and product security assessments. Their consultants hold globally recognised certifications including CISSP and OSCP, and are qualified to perform ISO 27001 audits. They serve clients across three continents, from startups to international banks and large multinationals.
Their track record speaks for itself. Since founding, their consultants have publicly disclosed over 200 vulnerabilities in widely used products from companies likeCisco, Netgear, D-Link, and ASUS, as well as SCADA systems and the ICU library used in Android and Google Chrome. They've also competed in and won prizes at Pwn2Own, widely regarded as the most prestigious hacking competition in the world.
Our primary development focus in SimpleHelp 6.0 was to provide more comprehensive and effective security measures within the product, and to give you the knowledge about how your SimpleHelp instance may be reconfigured for improved protection. Our new Built-In Security Audit is an administrative tool that will analyse your server's configuration and flag issues by severity, with one-click navigation to fix them. This will give you better visibility into the range of security features in SimpleHelp, which now include:
In additional to these security measures we've also included a range of new enhancements to make SimpleHelp better to use. The Access Tab is improved, with configurable columns and improved navigation controls, Toolbox management has been completely reworked providing more features and controls, Clipboard Synchronisation is now configurable within remote sessions and more.
We'll be sharing more about version 6.0 in the weeks ahead, including deeper looks at the features mentioned above and plenty we haven't touched on yet. There is currently a Prerelease version of SimpleHelp 6.0 on our Downloads page. If you are an existing customer, or are exploring remote support tooling, please give it a try and let us know what you think.
Thanks for reading!
-- George Christelis (Co-founder, SimpleHelp Ltd)
SimpleHelp is a unified remote support and RMM platform, designed and built as one application since 2007. Now with AI-powered fleet management through Cyana. Learn more at simple-help.com.
