Rumble 1.13: Roles, Correlation, Reports, and More!

(updated ), by HD Moore
icon
Rumble, Inc. is now runZero!

Rumble Network Discovery is now runZero!

Rumble v1.13

The latest version of Rumble is live with small improvements across the board; better reports, improved role management, updates to asset correlation, and a handful of enhancements to the scan engine. Read on for the full list of changes since v1.12.

User Roles & Permissions

Organizations are now more self-sufficient through the addition of a new tab in the Your Team page. This section shows which users have access to the current organization and allows limited administrators to manage users for the active organization.

A new Billing role has been defined that is limited to license and payment management. Users without permissions to any organization can now manage their account settings, including enrollment for multi-factor authentication.

Asset Correlation

Rumble uses a combination of unique attributes and heuristics to identify multihomed assets and track IP changes as assets move around the network. This process now takes into account a wider group of attributes when identifying unique keys in the environment. This improves asset correlation when “gold images” are widely cloned as virtual machines, preventing any extensively duplicated attribute from being used as a unique correlation key.

Inventory & Reporting

IP address management is now easier through small changes to the Subnet reports. The Subnet Utilization report now accurately sorts density based on the site subnet scopes and not the default subnet mask. The Subnet Grid report is now slightly faster with larger networks.

Identifying assets with public-facing IP addresses has been improved through enhancements to the haspublic and hasprivate keywords. These keywords are now accurate even when a mix of IPv6 and IPv4 addresses are present. Searches that involve a bare IP address or partial IPv4 are now automatically mapped to the host keyword.

Tagging has seen two small updates. Any tags set from the inventory page are now added to the asset tags and only replace existing tags if they have the same name. The overview page now also shows the top 50 asset tags across the organizations. Tags are case sensitive and the top tags list can help identify inconsistencies and typos in tag use.

Scanner

The scan engine now pulls IPv4/MAC pairs from a wider range of devices through additional OID support in the ARP cache enumerator. This helps with older Juniper devices in particular.

Certain HTTP services present a gzip-compressed body even when the client doesn’t set the required Accept-Encoding header. This resulted in the HTTP response being stored compressed, which was ugly and prevented some HTTP fingerprints from being applied correctly. Going forward, gzip-compressed bodies are now automatically unpacked, even when doing so technically breaks the HTTP specification.

A small bug related to overlapping network ranges in scan targets has been resolved. This prevents the same IP from being scanned multiple times when overlapping ranges and subnets were configured in the same scan. The scan time estimation in the scan configuration screen now takes into account overlapping ranges as well.

The standalone CLI scanner received some light updates to the user interface, including display of runtime statistics like memory, CPU utilization, active goroutines, and the number of open files. The available information changes a little by platform, but overall this helps keep an eye on resource usage during a scan.

Release Notes

The complete release notes for v1.13.0 can be found in our documentation.

If you haven’t had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Similar Content

September 13, 2022

runZero 3.1: Sync Active Directory, import assets from Shodan, and launch integrations from Explorers

What’s new with runZero 3.1? Sync your Active Directory users, groups, and machines with runZero Import assets and external services from Shodan Launch integrations from Explorers Connect and sync Active Directory with runZero runZero Professional and Enterprise users …

Read More

August 8, 2022

runZero 3.0: Check out our new name, and sync assets, software, and vulnerability data from Qualys

Rumble Network Discovery is now runZero! What’s new with runZero 3.0? Meet our new brand: runZero! Sync assets, software, & vulnerability data from Qualys Introducing runZero Rumble is officially runZero! This name change reflects our growth as a product and as a …

Read More

July 12, 2022

Rumble 2.15: Sync assets, software, and vulnerability data from Rapid7, scan external domains from our cloud, and report on external assets and services

Rumble Network Discovery is now runZero! What’s new with Rumble 2.15? Sync assets, software, and vulnerability data from Rapid7 InsightVM and Nexpose Quickly identify and report externally exposed assets and services Navigate your inventory faster with an updated …

Read More