See what we're thinking about, working on, & blogging about.

Explore the latest insights, ideas, & opinions from our talented team of experts & researchers.

CVSS, EPSS, and SSVC: How to Read Between the Vulnerability Scores runZero Research

Learn about strengths and limitations of each scoring systems – and how to best leverage them inform your triage strategy.

Subscribe Now

Get our latest Rapid Responses, insights, and blogs delivered directly to your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Rapid Response
How to find Versa Director installations with runZero
August 27, 2024
How to find Versa Director (targeted by Volt Typhoon) installations using runZero
Rapid Response
How to find MOBOTIX IP cameras on your network
August 22, 2024
MOBOTIX has disclosed several vulnerabilities in its P3 and Mx6 cameras. Here's how to find them on your network.
runZero Research
End-of-life assets: managing risks in outdated technology
August 19, 2024
Outdated assets create a more accessible entry point for attackers to exploit your attack surface. Learn how the runZero Platform effectively...
runZero Research
Cyber asset management in the era of segmentation decay
August 14, 2024
Network segmentation faces limitations with modern equipment. See how a CAASM approach can improve asset discovery and threat protection.
Rapid Response
How to find IPv6-exposed Microsoft Windows systems on your network
August 13, 2024
On August 13, 2024, Microsoft disclosed a vulnerability affecting a number of different versions of the Windows operating system. Here's how to...
Rapid Response
How to find Windows Remote Desktop Licensing Services on your network
August 13, 2024
Microsoft disclosed multiple vulnerabilities in their RDS product that allows for remote code execution. Here's how to find affected services on...
runZero Research
How runZero speaks to the TwinCAT 3 Automation Device Specification (ADS) protocol
August 1, 2024
In industrial automation, TwinCAT 3’s Automation Device Specification (ADS) protocol ensures seamless communication between components and systems....
runZero Research
Unusual Assets: The riskiest factor in attack surface management
July 31, 2024
runZero’s research finds outlier assets, even if just slightly unusual, are often significantly riskier than others. The outlier score gives...
runZero Research
Active Asset Discovery in OT networks: runZero and the NREL/CECA Report
July 26, 2024
The Cohort 2 report describes how runZero safely discovers devices in a large, complex OT/ICS environment. Learn more about runZero's discovery...
runZero Research
AI in CAASM: The Risks of LLM data in security-critical workflows
July 25, 2024
Current generation AI tools provide appealing answers but struggle with a crucial challenge: knowing the truth, which poses great security risks.
runZero Research
SSHamble: Unexpected exposures in the Secure Shell
July 23, 2024
We conducted a deep dive into the SSH ecosystem and identified vulnerabilities across a wide range of implementations. During the research process,...
runZero Research
Attack Surface Challenges with OT/ICS and Cloud Environments
July 19, 2024
Learn why successfully navigating changes to operational technology and cloud attack surfaces is critical for successful asset security.

Discover the new era of exposure management!