Rumble 1.13 Roles, Correlation, Reports, and More!

|
Updated

Rumble v1.13 #

The latest version of Rumble is live with small improvements across the board; better reports, improved role management, updates to asset correlation, and a handful of enhancements to the scan engine. Read on for the full list of changes since v1.12.

User Roles & Permissions #

Organizations are now more self-sufficient through the addition of a new tab in the Your Team page. This section shows which users have access to the current organization and allows limited administrators to manage users for the active organization.

A new Billing role has been defined that is limited to license and payment management. Users without permissions to any organization can now manage their account settings, including enrollment for multi-factor authentication.

Asset Correlation #

Rumble uses a combination of unique attributes and heuristics to identify multihomed assets and track IP changes as assets move around the network. This process now takes into account a wider group of attributes when identifying unique keys in the environment. This improves asset correlation when "gold images" are widely cloned as virtual machines, preventing any extensively duplicated attribute from being used as a unique correlation key.

Inventory & Reporting #

IP address management is now easier through small changes to the Subnet reports. The Subnet Utilization report now accurately sorts density based on the site subnet scopes and not the default subnet mask. The Subnet Grid report is now slightly faster with larger networks.

Identifying assets with public-facing IP addresses has been improved through enhancements to the haspublic and hasprivate keywords. These keywords are now accurate even when a mix of IPv6 and IPv4 addresses are present. Searches that involve a bare IP address or partial IPv4 are now automatically mapped to the host keyword.

Tagging has seen two small updates. Any tags set from the inventory page are now added to the asset tags and only replace existing tags if they have the same name. The overview page now also shows the top 50 asset tags across the organizations. Tags are case sensitive and the top tags list can help identify inconsistencies and typos in tag use.

Scanner #

The scan engine now pulls IPv4/MAC pairs from a wider range of devices through additional OID support in the ARP cache enumerator. This helps with older Juniper devices in particular.

Certain HTTP services present a gzip-compressed body even when the client doesn't set the required Accept-Encoding header. This resulted in the HTTP response being stored compressed, which was ugly and prevented some HTTP fingerprints from being applied correctly. Going forward, gzip-compressed bodies are now automatically unpacked, even when doing so technically breaks the HTTP specification.

A small bug related to overlapping network ranges in scan targets has been resolved. This prevents the same IP from being scanned multiple times when overlapping ranges and subnets were configured in the same scan. The scan time estimation in the scan configuration screen now takes into account overlapping ranges as well.

The standalone CLI scanner received some light updates to the user interface, including display of runtime statistics like memory, CPU utilization, active goroutines, and the number of open files. The available information changes a little by platform, but overall this helps keep an eye on resource usage during a scan.

Release Notes #

The complete release notes for v1.13.0 can be found in our documentation.

If you haven't had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.
runZero Insights
How runZero finds unmanaged devices on your network
How do you find unmanaged devices on your network when they aren't accounted for? Learn how you can use runZero to find unmanaged devices on your...
runZero Research
RDP security: The impact of secure defaults and legacy protocols
Explore the evolution of the Remote Desktop Protocol to become secure by default and learn how to audit your environment for risky RDP configurations.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved