Rob King

Director of Security Research

29 Published Articles

About Rob King

Rob King is the Director of Security Research at runZero. Over his career Rob has served as a senior researcher with KoreLogic, the architect for TippingPoint DVLabs, and helped get several startups off the ground. Rob helped design SC Magazine's Data Leakage Prevention Product of the Year for 2010, and was awarded the 3Com Innovator of the Year Award in 2009. He has been invited to speak at BlackHat, Shmoocon, SANS Network Security, and USENIX.

If your life had a soundtrack, what is one of the songs that would be on it?

"Knees Deep" - The Beths

What's the most interesting place you've ever visited, and what made it special?

Lady Elliot Island (that's my picture on its Wikipedia page!). It's a tiny island just on the tip of the Great Barrier Reef. You can fly out there on a tiny plane from the Australian mainland, dive on the Reef and be awed by its beauty, and then sit and have a drink on the beach and feel the wonderful isolation.

If you could time travel and say three words to yourself when you were 18 years old, what would they be?

Buy dang condo

Latest Stories

Webcasts

runZero Hour: Episode 5

On this episode, the runZero Research team dives into some hot topics including the XZ Utils Backdoor (CVE-2024-3094) and expert analysis of the...

Webcasts

Securing OT/ICS Environments: Lessons from the Field

Watch this lively discussion on the latest OT and ICS security challenges and how they are being addressed in the field by OT security experts.

Rapid Response

How to find Brocade Fabric OS

On April 4, 2024, Broadcom disclosed a vulnerability in their Fabric OS operating system used in their Brocade storage networking devices. Here's...

Rapid Response

How to find Progress Software Flowmon Packet Investigator

On April 2, 2024, Progress Software disclosed a vulnerability in Flowmon Packet Investigator. Here's how to find potentially vulnerable systems.

Rapid Response

How to find potentially vulnerable Ivanti VPN Gateways

On April 2 2024, Ivanti disclosed vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure product. Here's how to find potentially...

Rapid Response

How to find systems impacted by CVE-2024-3094 (XZ Utils backdoor)

Malicious code was pushed to the libxz-utils project that introduced a backdoor in SSH. Here's how to find potentially vulnerable systems.

Rapid Response

How to find Cisco IOS & IOS-XE devices

Cisco Systems has disclosed 14 vulnerabilities in their devices which run Cisco IOS & IOS XE software. Here's how to find potentially vulnerable...

Rapid Response

How to find FortiOS, FortiProxy, and FortiClient devices

On March 12th, 2024, Fortinet disclosed several vulnerabilities in their FortiOS, FortiProxy, and FortiClient products.

Rapid Response

How to find Fortra FileCatalyst installations

Fortra has disclosed a vulnerability in their FileCatalyst Workflow product which allows for attackers to write files to arbitrary locations in the...

Rapid Response

How to find Siemens Devices

Siemens has released security advisories for a variety of products and devices, including the SENTRON, SCALANCE, and RUGGEDCOM product lines.

Webcasts

runZero Hour: Episode 4

The fourth episode of runZero Hour, featuring the latest insights, anecdotes, and observations from the runZero Research team.

Rapid Response

How to find Apple iOS and iPadOS devices

On March 5th, 2024, Apple disclosed several vulnerabilities in its iOS and iPadOS operating systems used on its phones and tablets.

Rapid Response

How to find VMware ESXi installations

On March 5th, 2024, VMware disclosed several vulnerabilities in its ESXi, Workstation, and Fusion products.

Rapid Response

How to find TeamCity instances

On March 3rd, 2024, JetBrains disclosed two serious vulnerabilities in the TeamCity On-Premises product.

Rapid Response

How to find Progress OpenEdge Authentication Gateway and AdminServer installations

On February 27, 2024, Progress Software disclosed an authentication bypass vulnerability in its OpenEdge Authentication Gateway and AdminServer...

Rapid Response

How to find ScreenConnect installations

On February 19, 2024, ConnectWise disclosed two serious vulnerabilities in their ScreenConnect (formerly Control) remote-access product.

Rapid Response

How to find Microsoft Exchange Servers on your network

On February 13, 2024, Microsoft disclosed a vulnerability in Microsoft Exchange that would allow attackers to authenticate to Microsoft Exchange...

Podcasts

Risky Biz Interview: Breaking apart OT protocols

runZero's Rob King on the how and why of reverse engineering for active discovery

Webcasts

runZero Hour: Episode 3

Episode 3 of the runZero Hour webcast gave us a flavor of what it’s like to fingerprint OT protocols that aren’t as accessible if you aren’t part...

Rapid Response

How to find AnyDesk installations

On February 2, 2024, AnyDesk disclosed that they have been the victim of a cyber attack that has compromised production systems.

Rapid Response

How to find Fortra GoAnywhere MFT installs

On January 22nd, Fortra disclosed a serious vulnerability in its GoAnywhere Managed File Transfer (MFT) product.

Webcasts

runZero Hour: Episode 2

Episode 2 of the runZero Hour webcast took a quick survey of new IoT devices that showed up on the network over the holidays at the end of 2023....

Rapid Response

How to find Juniper SRX and EX devices

On January 12th, 2024, Juniper Networks disclosed a serious vulnerability in Juniper SRX firewalls and EX switches.

Webcasts

runZero Hour: Episode 1

This inaugural episode of runZero Hour features the latest insights, anecdotes, and observations from the runZero Research team.

Rapid Response

How to find NGINX Ingress Controllers

Today, three vulnerabilities in the NGINX Ingress Controller for Kubernetes were disclosed, as described in this article from The Hacker News....

Talks

BSidesLV 2023: Regular expressions are good, actually

A technical deep-dive into an ideal infosec regex implementation.

Rapid Response

How to find Ivanti EPMM (MobileIron Core)

On July 24th, Ivanti announced that their Endpoint Manager Mobile (EPMM, formerly MobileIron Core) product versions 11.10 and prior contain a...

Rapid Response

How to find Zyxel Network Devices

Last month, Zyxel disclosed a remote command execution vulnerability affecting a handful of their product families. This vulnerability has been...

Rapid Response

How to find Cisco Small Business switches

Cisco recently disclosed several highly critical vulnerabilities that affect some of their Ethernet switches designed for small businesses.