Thao Doan

About Thao Doan

April 13, 2023

Asset inventory is foundational to security programs

Asset inventory is the foundation of a strong cybersecurity posture. It is often considered the first step in identifying vulnerabilities and potential risks to your organization’s security.

March 14, 2023

How to streamline user permissions with organizational hierarchies

Organizations allow you to create separate entities for your assets, while also allowing you to control what users can see and do with the data. The 3.6 release introduces organizational hierarchies, which enables you to create parent-child relationships between …

March 13, 2023

The role of asset ownership in the Equifax breach

Equifax lacked adequate cyber asset management practices, including a comprehensive IT asset inventory. As a result, when CVE-2017-5638 was announced, Equifax lacked the ability to effectively take action against the vulnerability.

February 14, 2023

How to track asset ownership with runZero

Asset inventory is the first step to getting context around a device. But what about who owns it? Knowing who is responsible for an asset is as important as knowing what an asset is.

February 8, 2023

Why an integrations-only approach isn't enough for full asset inventory - Part 3

Your CAASM may not be enough to help you meet the requirements outlined by CISA BOD 23-01. Learn why you need more than just API integrations for compliance.

January 31, 2023

Single source of truth? The truth about CMDBs

Are you using a Configuration Management Database (CMDB) for IT asset inventory? The truth is that it’s not enough to cover all your bases. You need to complement your CMDB with an asset discovery solution that can enrich your asset data and uncover the unknowns on …

December 21, 2022

CISA BOD 23-01: Why vulnerability scanners miss the mark on asset inventory

Most agencies will attempt to leverage existing solutions, like their vulnerability scanners, to build their asset inventories. It seems reasonable to do so, since most vulnerability scanners have built-in discovery capabilities and can build asset inventories. However, they …

November 1, 2022

runZero launches Infinity Partner Program to bring cyber asset management to networks around the world

runZero, a leader in cyber asset management announced the launch of the Infinity Partner Program, a new program designed to accelerate maximum growth and revenue for partners.

September 30, 2022

Finding Microsoft Exchange Servers on your network

GTSC, a Vietnamese security firm, recently discovered two zero-day vulnerabilities that affect Microsoft Exchange Server 2013, 2016, and 2019. These two vulnerabilities are being tracked as CVE-2022-41040 and CVE-2022-41082.

August 12, 2022

Adventures of Alice and Bob: Social engineering & capture the flag with Chris Kirsch

Podcast Description: On today’s episode of Alice and Bob, they “talk to Chris Kirsch, Co-Founder and CEO of runZero about the ethics and philosophy behind Social Engineering, the amount of research that goes into the DEFCON Capture the Flag Competition, and how …