Rumble Network Discovery Beta 6

|
Updated

The Final Beta #

Beta 6 of Rumble Network Discovery is live with a new Service Inventory, per-organization roles for team members, Site import and export, and much more!

This will be our last beta release as we focus on the official launch. If you haven't tried the platform yet, it is now better than ever thanks to the amazing feedback from our Beta community. Beta 6 is free to use until early October and all Beta participants will receive a discount code good for 50% off the first year of service. Please reach out if we can answer any questions about the platform or the upcoming launch (pricing, licensing, security, etc).

Service Inventory #

This release adds the Services tab to the Inventory. Use this interface to find configuration issues, investigate unknown devices, and explore the network from a different angle. Results can be sorted, filtered, and exported into JSON or CSV formats.

A fun example is finding all SSH servers running on a port other than 22.

protocol:ssh and not port:22

Or conversely, find things running on port 22 that are not SSH servers.

port:22 and not protocol:ssh

To identify all systems where a screenshot was captured, the has keyword can be used.

has:screenshot.image.key

Applying the not prefix to has can identify services that are missing a specific field. The query below identifies all HTTPS services that are missing the Strict-Transport-Security header.

protocol:tls and protocol:http and not has:http.head.strictTransportSecurity

Asset service details now directly link to the inventory search, making it simple to drill down into a specific service, attribute, application, or type of asset.

Nearly all asset search fields also apply to service searches, allowing results to be filtered by asset attributes such as operating system as well as service attributes like banners. Take a look at the updated search query syntax documentation for additional information and let us know what you think.

Teams & Roles #

Collaborate with coworkers, create single-organization administrators, and provide view-only access to the inventory with Your Team in Rumble Network Discovery. Beta 6 adds a full permissions matrix, enabling users to have one level of access to all organizations as well as a separate per-organization role. In the example below, a new user is being configured with view access to all organizations and Administrator access to Headquarters. Roles can be used for cross-department collaboration, limiting view-only guest users to a single organization, and much more.

Rumble Agent #

The agent now reports remaining scan time, has improved protocol coverage, updated fingerprints, and bug fixes for race conditions that can occur during high-speed scans. Also a new installation screen.

runZero Scanner #

The scanner now reports the estimated time remaining, writes out a CSV file as a default artifact, and includes all the same fingerprint improvements and bug fixes as the agent. Raw IP interfaces are now supported on Linux, including the OpenVPN tun adapter.

Import & Export Site Definitions #

Site definitions (name, scope, exclusions, description) can now be imported and exported from the Sites page, enabling Site creation using Excel, scripts, or an existing CMDB.

Additional Release Notes #

  • Export file names now refer to the organization name, date, and search query if specified.
  • Updating a recurring scan no longer triggers an immediate scan unless the schedule is changed.
  • Updating a recurring scan in an error status now re-enables the scan.
  • A corner case that could trigger overlapping scans has been resolved.
  • TCP port ranges are now validated at scan configuration time.
  • Services can now track multiple protocols per port (tls, http, http2).
  • HTTP/2 services are now tracked separately from HTTP/1.

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved