🗓️ Live on June 17: The New Rules of Risk: EPSS v5 & Agentic Adversaries Register
runZero CAASM

On This Page:

  1. runZero Scanner - version 1.3.1

runZero Scanner Updates & Data Transparency

HD Moore
|
Updated

Data transparancy is one of the key drivers of Rumble development. We do our best to ensure that any data gathered, transmitted, or downloaded is easy to view, import, export, and reprocess. Data generated by the Rumble Agent can be downloaded and reprocessed by the runZero Scanner. Raw data from the runZero Scanner can be imported into the Rumble Console. This data is consistently formatted and almost always backwards compatible between versions.

runZero Scanner Data

runZero Scanner - version 1.3.1 #

This week we released version 1.3.1 of the runZero Scanner, which adds even more features for working with data and bringing that data back into the cloud console. The new additions include:

  • Support for the --baseline option, which accepts an assets.jsonl file from a previous run, or a JSONL export from the Rumble Console, and uses this as a baseline for normalizing and deduplicating assets. Assets matched against the baseline will carry forward the same UUID values, as well as tags and comments, in the resulting assets.jsonl of the new scan. For folks who primarily use the Scanner (and our OEM integrators), this simplifies the process of asset tracking between scans, allowing the same logic as the cloud backend to be applied to local scan data.

  • Support for the --upload option. The runZero Scanner can now upload data directly to the cloud console. If you want more flexibility for how scans are run, when they are run, and from what systems, the Scanner can now be used as a primary driver of scan data for the console. To use this option, specify an Organization API key for the --api-key parameter and optionally, set the --upload-site name to the Site to populate. If you want to send data to your own endpoint, you can override the --api-host parameter and build your own handler for the Import API.

  • Support for multiple --import options. This change allows the runZero Scanner to consolidate raw scan data (scan.rumble.gz or the raw task data from the console) into a single output. This works with the --baseline option to track and correlate assets and with the --upload option. The import option works with or without new scan parameters. If you would like to import one more previous scans into a remote site, specify each --import file, set the --api-key, and an optional --upload-site.

If you haven't had a chance to try the runZero Scanner yet, you can sign up for a free trial and then download the binary for your platform of choice from the Scanner section of the console. For additional information about the Scanner, including the command-line options, take a look at the documentation. We hope you find these additions useful and would love your feedback about what we can do to make Rumble work even better for your use case.

Happy scanning!

-HD

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Explore more runZero

Product
Announcing runZero 4.9: Unmask attack paths and segmentation gaps with advanced topology and deep OT device intelligence
With runZero 4.9, visualize attacker lateral movement, harden network choke points, gain deep OT telemetry to secure converged environments, and more.
Read More
Webcasts
runZero Hour, Ep. 30: Segmentation - stop assuming & start verifying with runZero 4.9
See runZero 4.9 in action! Join HD Moore and Tod Beardsley to learn how interactive attack path mapping and advanced OT intelligence expose hidden...
Watch Now
Product Videos
runZero 4.9: Advanced topology, attack path mapping, & deep OT intelligence
With runZero 4.9, visualize attacker lateral movement, harden network choke points, gain deep OT telemetry to secure converged environments, and more.
Watch Now
runZero Perspective
Dawn of the apex agentic adversary
When agentic AI can weaponize exploits in seconds, visibility is everything. Stop the predator with runZero’s exposure management for the AI-attack...
Read More
Webcasts
Beyond the Zero-Day: Mapping the network attackers actually see
Breaches are inevitable. Learn from HD Moore how attackers exploit the seams between IT, IoT, and OT networks — and how to fix the segmentation...
Watch Now
Podcasts
Risky Biz Interview: Navigating the AI vibe shift with HD Moore
runZero Founder and CEO HD Moore drops by in this week's Risky Biz sponsor interview to talk about the concerning AI vibe shift and what to do...
Watch Now
Podcasts
From two weeks to three days: The KEV deadline debate
Former CISA insider Todd Beardsley joins Greg to reveal what it takes to land on the KEV catalog and why ultra-short patching deadlines might...
Listen Now
Solution Briefs
runZero for NIS2 compliance
You can’t secure what you can’t see. runZero provides the complete asset visibility and continuous reporting you need to satisfy strict NIS2...
Read More

See Results in Minutes

See & secure your total attack surface. Even the unknowns & unmanageable.

Try runZero for Free
runZero CAASM
© Copyright 2026 runZero, Inc. All Rights Reserved