Rumble 2.12 Generate organization reports, create scan templates, synchronize GCP, and invite external users

|
Updated

What's new with Rumble 2.12? #

  • Generate Organization Overview Report for stakeholders
  • Create scan templates to simplify scan management
  • Synchronize your GCP virtual machines to Rumble
  • Invite external Rumble users to your account
  • Fingerprints and protocol updates
  • User experience improvements

Generate Organization Overview Report for stakeholders #

The new Organization Overview Report makes it easy to share a comprehensive view (or just a summary) with external stakeholders. This report provides a high-level overview of the organization and can optionally include asset details and web screenshots. The report can be saved as HTML, printed to PDF, and shared with folks without a Rumble login via email or chat.

Generate an Organization Overview Report from the Reports page.

Organization Overivew Report

Create scan templates to simplify scan management #

Create a standard scan configuration and reuse it across recurring scans with the new Scan Template feature. Scan templates help Rumble users simplify the process of configuring multiple scans and reduce errors. If you have multiple scan tasks linked to a template, changing the template will update the configuration on all those tasks. Scan templates can be shared across organizations.

Try out the new scan templates in Tasks.

Scan Templates

Synchronize your GCP virtual machines to Rumble #

In addition to AWS and Azure, Rumble users can now integrate their Google Cloud Platform virtual machines with their Rumble inventory using the new GCP connector to deliver greater visibility into their cloud assets. After setting up the GCP integration, Rumble connects and collects information about the virtual machines, including their zone, size, OS, storage, and networking.

In Rumble, GCP virtual machines display a GCP icon in the Source column and include GCP and VM-specific fields, such as IP forward enabled, disk deletion protection, last start timestamp, and network tier for interface.

To connect your Rumble account to GCP, go to Home / Tasks / GCP.

GCP

Invite external Rumble users to your account #

Rumble superusers can now invite users to the platform that have an existing, separate Rumble account. This supports a number of common use cases:

  • Consultants who need to log on to several customer environments.
  • Value-added resellers that deploy Rumble for their customers.
  • MSPs that manage IT for multiple companies.

External users can be invited and removed as needed, all from the Your Team page. Rumble Enterprise users can combine this with temporary groups (introduced in 2.10) when an outside party only needs access for a short period of time.

For integrators and consultants, a list of accounts you have been given access to will appear in a new drop-down menu next to the Organization selector in the upper right.

External access does not allow for cross-account data sharing and each account’s inventory is kept completely separate.

External Users

Fingerprints and protocol updates #

Discover even more information about your assets with the addition of new fingerprints and protocols in the Rumble scan engine. This release introduces support for Kerberos and LDAP protocols. These additional protocols can be used to identify unauthorized domain controllers and misconfigurations across the environment.

Rumble will identify Kerberos services using both TCP and UDP transports, uncovering details such as the realm, server time, and principal name.

Through anonymous binds, Rumble discovers LDAP servers including Microsoft Active Directory servers. The LDAP fingerprinting shows connection and authentication information as well as configuration details such as the distinguished name, LDAP vendor, and LDAP version.

On the fingerprinting side, Rumble’s database has been extended with additional support for products by Sony, 3M, Allen-Bradley, BARIX, Compal, Data-O’Neil, Denon, D-Link, Gude Systems, HPE, Mitsubishi, Moxa, Nexsan, Nokia, ORing, Samsung, Shelly, Synology, The Energy Detective, VMware, and Zyxel.

Kerberos and LDAP

User experience improvements #

Quickly navigate the Rumble platform with an updated sidebar. The new sidebar provides faster access to product sections without the need to switch between in-page tabs. This navigation update improves responsiveness and supports a wider range of display resolutions.

The asset details screen now better scales when viewing devices with hundreds of IPs and services. The new design makes it easy to get a high-level view of the asset and to quickly drill down to specific attributes values with minimal interaction. This update makes it possible to dig into the details of even massively multi-homed devices, such as Cisco Nexus switches.

Open any asset in your inventory to see the new asset details screen.

UX Updates

Release notes #

The Rumble 2.12 release includes a rollup of all the 2.11.x updates, which includes all of the following features, improvements, and updates.

New features #

  • Generate Organization Overview Report for stakeholders
  • Create scan templates to simplify scan management
  • Synchronize your GCP virtual machines to Rumble
  • Invite external Rumble users into your account
  • Protocol support for Kerberos and LDAP

Integration improvements #

  • A regression in the VMware connector has been resolved.
  • A bug that prevented some third-party connectors from recording a task-completed event has been resolved.
  • A bug that could lead to timeouts with large CrowdStrike imports has been resolved.

Inventory management improvements #

  • The inventory search now supports a wider range of UTF-8 input for search patterns.
  • The dashboard has been updated to display a helpful tooltip icon on the RTT latency chart that defines certain terms and metrics.
  • The console now correctly filters bogus ARP replies over a reasonable threshold.
  • The Network Switch report can now be launched from the reports page.
  • The Asset inventory now displays the subnet tag descriptions on hover of subnet tags.
  • The Asset CSV import now supports cell widths of up to 16,384 characters (from 1,024).
  • Long-running export requests now timeout after 90 minutes, from 30 minutes, for large organizations.
  • Incorrect outlier search result links have been fixed.
  • Autocompletion of search keywords has been added for Sites and Queries.
  • Alert rule queries now take into account assets found through integrations.
  • A bug that prevented {{organization.name}} from being used in certain organization alert templates has been resolved.
  • A bug that prevented exact = attribute matches from working has been resolved.
  • A bug that prevented service_ports_tcp and service_ports_udp search keywords from working as intended has been resolved.
  • A bug that could lead to some metric queries timing out has been resolved.
  • A bug that caused the Network Switch report to sometimes show a 500 error has been resolved.

Scan engine improvements #

  • The update process for Explorers on the Windows platform is now more resilient to EDR/AV interference.
  • The scan engine now detects the Veeam Distribution Service API.
  • A bug that could lead to concurrent task processing in the same organization has been resolved.
  • A bug that caused the SNMP probe to default to community strings “public,private” when no communities were provided has been resolved.
  • A bug that allowed update requests to interrupt scans has been resolved.

Self-hosted platform improvements #

  • The self-hosted rumblectl set-role command now also supports setting the superuser role.
  • The self-hosted rumblectl reset command now also resets the MFA token.
  • The self-hosted platform now supports scan imports larger than 4GiB.
  • The self-hosted CLI now supports setting the superuser role and resetting MFA.
  • A bug that prevented the self-hosted server from restarting in out-of-memory conditions has been resolved.
  • A bug that caused self-hosted Explorer and Scanner offline updates to fail has been resolved.

Fingerprinting changes #

  • Support for Kerberos and LDAP protocols.
  • Additional support for products by Sony, 3M, Allen-Bradley, BARIX, Compal, Data-O’Neil, Denon, D-Link, Gude Systems, HPE, Mitsubishi, Moxa, Nexsan, Nokia, ORing, Samsung, Shelly, Synology, The Energy Detective, VMware, and Zyxel.

User access and management improvements #

  • The group mappings tab no longer shows when a user has SSO disabled.
  • The group column in the user table was not meant to be sortable and this has been fixed.
  • The SSO group mapping form now displays a relevant error when the groups list is empty or no group has been selected.
  • A bug that prevented sso-login events from being recorded when the connection was terminated mid-event has been resolved.
  • A bug that prevented login events from being displayed in the Events view has been resolved.

API improvements #

  • The response time when exporting assets via the API has been improved.
  • The API now handles temporary maintenance-related errors more consistently.

Start your free trial #

Want to take Rumble for a spin? Sign up for a free trial to try out these capabilities free for 21 days.

Written by runZero Team

Due to the nature of their research and out of respect for their privacy, runZero team members prefer to remain anonymous. Their work is published under the runZero name.

More about runZero Team
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved