Huxley Barbee

Former Security Evangelist

64 Published Articles

About Huxley Barbee

Huxley Barbee is a former Security Evangelist at runZero. He spent over 20 years as a software engineer and security consultant, previously working for Cisco, Sparkpost, and Datadog. Huxley attended his first DEF CON in 1999, and holds both CISSP and CISM certifications. Huxley is also an organizer of BSidesNYC.

Latest Stories

runZero Hour: Episode 4
The fourth episode of runZero Hour, featuring the latest insights, anecdotes, and observations from the runZero Research team.
Oil and Gas Upstream
Huxley Barbee discusses why and how cybersecurity for operational technology (OT) and industrial control systems (ICS) including oil and gas...
runZero Hour: Episode 3
Episode 3 of the runZero Hour webcast gave us a flavor of what it’s like to fingerprint OT protocols that aren’t as accessible if you aren’t part...
Upcoming NYDFS regulatory requirements on asset inventory and vulnerability enumeration
February 8, 2024
Is your business prepared for the approaching deadlines for complying with the latest version of the NYDFS Cybersecurity Regulation (23 NYCRR 500)?...
Why is cybersecurity compliance challenging for financial institutions?
February 1, 2024
Let’s explore the complicated and continually evolving regulations, laws, and standards financial institutions face with cybersecurity compliance.
ExpedITioners Podcast: The modern divergence of environments and security methodologies
In this episode, Zach and Huxley talk about the modern divergence of environments and security methodologies.
Industrial Talk: OT Security vs IT and Passive Discovery vs Active Scanning
Scott MacKenzie talks with Huxley Barbee about active scanning techniques for OT security challenges, active scanning, and much more.
runZero Hour: Episode 2
Episode 2 of the runZero Hour webcast took a quick survey of new IoT devices that showed up on the network over the holidays at the end of 2023....
runZero Insights
Top 8 Podcasts Picks of 2023: Navigating the Cybersecurity Soundscape
December 22, 2023
Here are our top eight cybersecurity podcast episodes for your holiday podcast playlist to kick back and listen to while you sip on some eggnog.
runZero Hour: Episode 1
This inaugural episode of runZero Hour features the latest insights, anecdotes, and observations from the runZero Research team.
runZero Platform: In-Depth Tutorial
runZero delivers the most complete security visibility possible, providing organizations the ultimate foundation for successfully managing risk and...
Risky Biz Interview: Finding the Unknown Unknowns
Hear from Huxley Barbee as he explains finding the unknown unknowns and what even is a security evangelist anyway.
Dark Rhino Security: Unexpected Call - Cyber Horror Stories
Tune in for a cyber horror story for the ages.
Application Security Weekly: OT Security
We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now.
Unveiling OT Security: Expert Insights and Real-World Stories
OT experts and runZero customers Jens Baetens (Deloitte) and Tim Pryor (formerly Meta) dive into the unique challenges of discovering and managing...
Product Release
runZero 4.0: Introducing the runZero Platform and Community Edition
September 25, 2023
The new and improved runZero Platform represents the culmination of four years of innovation, so it’s only fitting this is version 4.0 of our...
EM360: Network Asset Discovery and the World of Incident Response
In this episode of the EM360 Podcast, Head of Content Matt Harris speaks to Huxley Barbee.
MSP 1337: Do I Know My Assets (IoT, IIoT, and OT)?
Huxley Barbee shares cybersecurity threat considerations when addressing your asset inventory.
BSidesLV 2023: Shining a Light into the Security Blackhole of IoT and OT
Huxley Barbee explores the unique challenges that IoT and OT pose for network scanning and provides solutions for effectively addressing them.
Security Breach: The Growing Problem of 'Insecure by Design'
It just boggles the mind that things that are so important to how our world works are so shockingly unprotected.
onSecurity Podcast: Securing IoT and Operational Technology
Huxley delves into securing IoT and OT systems, exploring the significance of asset inventory in fortifying these vital networks against potential...
Asset inventory in higher education is a PhD-level problem
July 18, 2023
Universities have more complexity and less control than a company with a collection of offices. So they need cybersecurity tools and services to...
Cyber Asset Attack Surface Management (CAASM): Explained
Join Huxley Barbee as he explains Cyber Asset Attack Security Management (CAASM) and provides a comprehensive overview of its functionalities,...
Influencing Security: A Masterclass in Higher Ed Cyber Defense
Hear from accomplished CISOs of two large research universities who have successfully navigated cybersecurity challenges unique to higher education.
Tech & Main: Security and the Asset Inventory
Shaun St.Hill, the CEO of Tech and Main interviews Huxley Barbee
The Cybersecurity Defenders Podcast, Episode 47: Tips for Submitting Papers to Conferences
Learn about Huxley Barbee's role at runZero, BSides NYC, as well as his tips, tricks, and pointers for submitting proposals to conferences.
Why NACs are inadequate for cyber asset attack surface management
July 10, 2023
NACs aren’t the best at asset discovery. Allowing or denying access to the network on Layer 2 is their primary function, but finding everything on...
Cyber Crime Junkies: Blind Spots. Where Danger Lives.
Come see what many leaders miss, their blind spots. Behind-scenes talk with Huxley Barbee, a highly sought after security expert, public speaker...
CMDB in 5 days with runZero, 4me, and StreamLine Partners
This webinar discusses runZero's asset discovery capabilities alongside 4me's complete service management platform to build a working CMDB in just...
runZero: Product Demo (June 2023)
Watch this video as Huxley Barbee, Security Evangelist at runZero, takes you through a tour of the runZero product.
The limitations of vulnerability scanners for cyber asset attack surface management
June 20, 2023
Beyond a lack of detail, vulnerability scanners sometimes simply get it wrong; crashing devices, providing a backward-looking view, finding phantom...
Data Protection Gumbo: The Resilience Roadmap - Exploring Your Assets for a Stronger Tomorrow
Huxley Barbee shares his valuable insights on various approaches to asset discovery, such as agents, authenticated active scanning, and pulling...
Work Bytes Podcast by InfoSec: The Nuts and Bolts of Asset Detecting and Asset Mapping
In this episode, Huxley Barbee talks about asset detection, the day-to-day work of asset detection and asset mapping.
runZero Insights
runZero’s week at RSA 2023 killer robots, time machines, and natural disasters
May 12, 2023
Watch Chris Kirsch chat with Chris Nickerson, then Roger Rustad to talk pentesting “war stories”, and how runZero has helped the Fortinet team.
Security Confidential: Having an Accurate Asset Inventory
In this episode of Security Confidential host Rory Meikle talks to Huxley Barbee, a security evangelist at runZero about having an accurate asset...
The Bid Picture - Cybersecurity & Intelligence Analysis Podcast, Episode 217
Host Bidemi Ologunde spoke with Huxley Barbee about the pros and cons of the different methods of conducting cyber asset inventory.
ITSPmagazine Podcast: It's Difficult To Secure The Invisible - Reinventing Asset Management For Modern Tech Challenges
Huxley Barbee delves into the world of InfoSec and asset management, discussing the importance of having a full asset inventory
ITSPmagazine: Rebooting Cybersecurity: A Revived Conference Takes Center Stage in New York City
ITSPmagazine Event Coverage: BSides NYC 2023 | A Conversation with Lead Organizer, Huxley Barbee
Product Release
Introducing runZero's new ServiceNow Service Graph integration Get greater data accuracy for your CMDB
April 11, 2023
runZero now integrates with ServiceNow Service Graph. This integration is a powerful tool to gain better visibility into IT, IoT, and OT assets and...
The Virtual CISO Podcast: If Your Asset Management Sucks, Your Security Sucks
John Verry, sits down with Huxley Barbee, Security Evangelist at runZero, to discuss the importance of Asset Management, how it’s a critical...
That Tech Pod: Putin's Blackout, The Pentagon's Leaked Emails & All Things Cybersecurity
Putin's Blackout, The Pentagon's Leaked Emails & All things Cybersecurity With Security Evangelist From runZero Huxley Barbee
How to Improve ServiceNow CMDB Coverage and Accuracy with runZero
Security teams wish the CMDB data coming out of ServiceNow were more accurate and included more than managed IT devices. See why hundreds of...
Risk Management Show Podcast: Asset Inventory Demystified
Learn what concrete security vulnerabilities companies face when they are not fully aware of their network assets, how asset inventory is a bedrock...
Cyber Security Matters Podcast, Episode 12: Assets Connected to the Internet Just Keep Going Up!
This podcast episode highlights Huxley Barbee and dives into how he first got into the cybersecurity industry, ow he sees cyber asset management...
CISO Series Podcast: Defense in Depth - Securing Unmanaged Assets
Hear from Huxley Barbee on this episode of CISO Series Podcast about what we have been doing that's not working for asset discovery and why it is...
How to Vet a Mergers & Acquisitions Target with runZero
Learn how customers can leverage runZero to vet a merger or acquisition by quickly gathering an astonishing amount of detail on their assets...
Which discovery approach works best for unmanaged devices?
November 3, 2022
Unmanaged devices are the Achilles heel of any asset inventory. Shadow IT, rogue, or orphaned devices are easy targets for the adversary to gain...
Down the Security Rabbithole, Episode 524: Cybersecurity Starts and Ends with Assets
In this podcast episode, Huxley Barbee talks about the need to identify and understand the assets on your network and in your various environments.
The Cybersecurity Readiness Podcast, Episode 37: Comprehensive Asset Discovery
Huxley Barbee discusses the various methods of comprehensive asset discovery and provides guidance in selecting an appropriate asset discovery tool.
runZero Practitioner Interview: How to Contextualize Honeypot Alerts Automatically
Cybersecurity expert Justin Varner walks us through how to orchestrate GreyNoise, runZero, and Thinkst Canary together with Tines.
Secure Talk Podcast: The Importance of a Comprehensive Network Asset Inventory
In this episode of Secure Talk, hear from Huxley Barbee as he explains the importance of running a comprehensive network asset inventory and...
How to Use runZero to Strengthen Vulnerability Management Programs
Learn how to use runZero as part of your vulnerability management program alongside your vulnerability scanner in 3 ways.
How to Use runZero to Find Applications that Use Log4J
runZero can help you build an up-to-date asset inventory and search for assets that may be affected by the spate of Log4J vulnerabilities.
Asset Route Pathing Report: Use runZero to Find Potential Network Paths for Lateral Movement
This video will show you the asset route pathing report available in runZero.
Getting Started with runZero: Linux
This video will show you how to start scanning your network and building your asset inventory in minutes with runZero - specifically using a Linux...
Getting Started with runZero: Mac
This video will show you how to start scanning your network and building your asset inventory in minutes with runZero - specifically using a Mac...
How to Use runZero to Find Endpoints Missing Crowdstrike
Adding your CrowdStrike data to runZero makes it easier to find things like endpoints that are missing an EDR agent. Learn more.
Getting Started with runZero: Windows
This video will show you how to start scanning your network and building your asset inventory in minutes with runZero - specifically using a...
Product Release
Rumble 2.13 Sync assets & software from SentinelOne, track more cloud resources, view cross-organization inventory, and schedule automated reports
May 10, 2022
Sync asset and software inventory from SentinelOne Explore software identified through runZero scans and much more.
Product Release
Rumble 2.12 Generate organization reports, create scan templates, synchronize GCP, and invite external users
April 5, 2022
Generate Organization Overview Report for stakeholders, create scan templates to simplify scan management and more.
Life at runZero
runZero and Noetic integrate to automate workflows that solve coverage gaps
March 10, 2022
Lack of visibility, correlation, and automation are major hurdles impeding security vulnerability identification and mitigation. Existing tooling...
Product Release
Rumble 2.11 Identify outliers, trace network paths, and streamline SSO user provisioning
March 8, 2022
Identify outliers to find misconfigurations, missing patches, and rogue devices and more.
Product Release
Rumble 2.10 Uncover IPv6 blindspots and manage permissions with user groups
February 8, 2022
Discover IPv6 assets anywhere, group users to easily manage permissions and much more.
Product Release
Rumble 2.9 Compare internal and external attack surfaces
December 7, 2021
Compare assets to find exposure differences, visualize your network with updated topology reports and more.
© Copyright 2024 runZero, Inc. All Rights Reserved