Rumble 1.12 One Year Later

|
Updated

Rumble v1.12 #

What a year! It is hard to believe that Rumble 1.0 went live only 12 months ago. We wouldn't be here without our amazing community -- Thank you! The 1.12 release work was focused on the less visible parts of the platform; consistency, reliability, performance, bug fixes, infrastructure, and security-related efforts.

Read on for the full list of changes since v1.11.

Consistency & Reliability #

The scan engine now splits the discovery process into three distinct stages (ARP/ICMP), UDP discovery, and TCP scanning. All stages are still run for every target address, but this helps to warm the remote ARP cache, and generally improves reliability without drastically increasing scan times.

The UDP probes will now retry up to two times, similar to the TCP SYN scanner defaults. This helps in cases where a single missed UDP reply could cause an asset to flap.

On the Windows platform, the Rumble Agent and runZero Scanner now bundle npcap 1.00, which includes a number of reliability and performance improvements.

Most users should see a reduced number of changes between scans as a result of these updates.

Screenshot of Rumble Scan Results

Authentication & Access Control #

Users with the Viewer role now have a reduced navigation view, limiting their access to just the inventory, reports, agents, and exports. A big thanks to all of the folks who shared feedback on this feature and helped drive the current implementation.

Single Sign On support received a number of small bug fixes related to the default "No Access" role and support for a wider range of SAML assertion signatures.

We really appreciate all of the feedback received on our SSO implementation and will continue working to make this as painless as possible with all SAML/2.0 compliant IdPs.

Screenshot of Rumble View-Only User

Binaries & Installers #

All Rumble executables (scanners, agents, etc) include an internal codesigning signature. This signature is in addition to the Authenticode signature present on the Windows binaries and is verified as part of every download and upgrade. This process has been reworked to separate license validation from code validation. As a result, folks using the Rumble Verifier prior to version 1.0.4 will need to upgrade to the latest version in order to verify new binaries.

The runZero Scanner can now automatically update itself when run with the upgrade argument. Binaries prior to version 1.11.9 will require a manual upgrade to receive this functionality.

The Rumble Agent can now be installed through a MSI wrapper. This static wrapper uses the same Rumble Agent download URLs as before (tied to your active organization), but can be used with automated installers, will verify the signature of all downloads, and can load agent binaries from arbitrary locations, such as internal webservers.

Screenshot of runZero Scanner Upgrade

Fingerprints & Bug Fixes #

A huge thank you to everyone who submitted new fingerprints and bug fixes during this release cycle. We are still a little behind on the queue, but really appreciate the time and effort it takes to submit these, and are looking forward to rolling them out as we get started on the 1.12.x point releases.

Screenshot of Rumble Improve Fingerprint Form

Release Notes #

The complete release notes for v1.12.0 can be found in our documentation

If you haven't had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved