See runZero in action

Contact us to book a demo with our team.

runZero and Noetic integrate to automate workflows that solve coverage gaps

(updated ), by Huxley Barbee

Lack of visibility, correlation, and automation are major hurdles impeding security vulnerability identification and mitigation. Existing tooling often imprecisely fingerprints anything but common devices like standard-issue workstations. Some tools miss unmanaged and orphaned devices entirely. Identification coverage gaps for an attack surface are all too typical as a result. Leveraging additional sources of asset data can help but only if properly chained together for actionable insights that may be automated for effective mitigation.

Better asset data and coverage for your cyber risk management programs #

runZero is a cyber asset attack surface management solution that helps security and IT teams know every asset and stay on top of changes in the network. Noetic is a cyber security asset management and controls platform that delivers visibility into cyber security posture, cloud and on-premise environments, using existing insights from IT management and security tools. Together, runZero and Noetic can identify coverage gaps and automate workflows to address them.

Most asset inventory solutions have gaps in what they detect. runZero covers all of your bases, including managed and unmanaged devices, IT and OT infrastructure, devices at work and at home. On top of accurate OS and service fingerprints, runZero learns attributes such as installed anti-malware products, secondary network interfaces, and Windows domain memberships.

Network and asset discovery with runZero #

runZero fits well into any organization. Many asset inventory solutions use aggressive scan tactics that can destabilize some IT and OT devices. runZero only sends well-formed IP packets and does not use security probes. The proprietary unauthenticated scanner means no agents on every device, no collecting passwords from different teams and organizations, and no access to SPAN ports in your sprawling network. runZero offers easy deployment for fast and accurate asset inventory.

See runZero and Noetic in action

Sign up for the upcoming Reducing Risk and Delivering Insights through Cyber Asset Management webinar.

Sign up

How runZero and Noetic work together #

Noetic’s integration with runZero offers out-of-the-box functionality for immediate value in the form of queries, workflows, and functions. Using provided queries, users can quickly see which assets are already scanned or still to be scanned by runZero. Predefined workflows allow Noetic users to ingest all supported entities from runZero, but that is not all. Noetic provides a bidirectional connector to runZero, so users can also queue a scan on a runZero Explorer directly from Noetic.

The agentless connector also exposes underlying capabilities of runZero to support integrated workflows that link capabilities across multiple solutions. An organization can automatically create a ServiceNow ticket for orphaned or unmanaged assets through visibility from runZero combined with Noetic’s workflow engine. Similarly, an organization can automatically identify devices missing an EDR agent and remediate with automated deployment, with no human intervention.

Aside from workflows for continuous improvement, Noetic provides updated views of cyber risk. Noetic’s runZero integration provides a dashboard to see high-level statistics to highlight previously unknown assets, possible rogue wireless access points, and security coverage gaps. Beyond the dashboard, Noetic correlates and aggregatesDo the runZero asset inventory with data sources for a multi-dimensional, holistic view of the entire cyber estate.

How to set up the integration #

To link Noetic and runZero, enable the runZero connector in the Noetic platform. You will need to provide a runZero API key to link the two applications, you can then schedule a regular import feed to ensure your data is fully up-to-date.

The runZero connector comes with out-of-the box workflows, queries and functions that are designed to take advantage of runZero’s capabilities, such as ingesting specific data types or scheduling additional scans.

Get runZero Professional free for 21 days

Deploy runZero and build your asset inventory in minutes.

Start your trial
runZero on laptop
Huxley Barbee
Written by Huxley Barbee

Huxley Barbee is the Security Evangelist at runZero. He has spent over 20 years as a software engineer and security consultant, previously working for Cisco, Sparkpost, and Datadog. Huxley attended his first DEF CON in 1999, and holds both CISSP and CISM certifications. Huxley is also an organizer of BSidesNYC.

Similar Content

January 24, 2020

Syncing Rumble Assets with Splunk

We are excited to announce the availability of an official Splunk Addon for Rumble! This addon uses the new Asset Sync API included in version 1.3.1 of the platform and supports two modes of operation. The New Assets Only mode will only pull in assets that have not been seen …

Read More

Subscribe and stay in the loop!

We won't share your email.

Unsubscribe at any time.