Announcing Rumble Network Discovery v1.0.0

|
Updated

We are thrilled to announce the general availability of Rumble Network Discovery!

This release is the result of six months of beta testing by nearly 3,000 users tracking almost 3,000,000 assets. We feel like the product is finally taking shape and are more excited than ever to tackle the problem of unauthenticated network discovery and asset inventory.

A HUGE thanks to our beta community for their relentless (and awesome) feedback about every part of the product, from specific network probes to the look and feel of the inventory. This feedback has driven our development process and helped us define the roadmap ahead.

For those who have already subscribed or started the purchasing process, we really appreciate your support, and are looking forward to working with you as we continue to improve the platform.

If you haven't had a chance to try runZero before, or just haven't seen a recent version, we recommend signing up for a free trial and taking this release for a spin.

Release Notes Since Beta 6 #

  • Rumble scans now pull the ARP cache, MAC table, and VLAN table of SNMP v2 network devices when a community string is available (or the device responds to public). This feature allows Rumble to obtain even more MAC addresses from routed networks. ARP entries found in another device's cache are noted in the source field of the ARP service.

  • The Inventory now offers a Screenshots tab that can be sorted by image size (the screenshots column). This makes it easy to browse all screenshots quickly. A gallery-mode experience can be achieved removing all columns from the table except for the screenshot itself.

  • Rumble now uses an IPSEC IKE probe to identify responsive hosts. This helps find even more devices, especially VPN gateways with minimal services exposed.

  • The Rumble agent now reports additional data about scans as they are running. This includes finer-grained estimate of the completion time, the total runtime, and the number of datapoints gathered so far.

  • Asset correlation now takes into account SMB computer names and TLS certificates for RDP when deciding whether a newly found asset matches an existing entry. This should result in less churn for DHCP environments with short leases.

  • Asset correlation now looks at a broader set of TCP/IP stack fingerprints when determining whether an IP-based match is credible. This should result in less churn for highly-filtered environments (many external networks).

  • Rumble now intentionally skips sending probes to and reporting results from network broadcast addresses. The benefits of identifying a few extra systems were outweighed by buggy behavior by certain networking equipment.

  • Security improvements were made in response to our first third-party security assessment.

  • Bug fixes for occasional deadlocks in the runZero Scanner (CLI).

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.
runZero Insights
How runZero finds unmanaged devices on your network
How do you find unmanaged devices on your network when they aren't accounted for? Learn how you can use runZero to find unmanaged devices on your...
runZero Research
RDP security: The impact of secure defaults and legacy protocols
Explore the evolution of the Remote Desktop Protocol to become secure by default and learn how to audit your environment for risky RDP configurations.
Industry
Active scanning industrial control systems safely
Do you still believe active scanning in OT environments isn't safe? We all know passive scanning is difficult to deploy, misses assets, and is...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved