Rumble 2.8 Synchronize your VMware inventory, import Censys scan data, and run RFC 1918 scans faster

|
Updated

What's new with Rumble 2.8? #

Integration improvements

Scan, search, and self-hosted improvements

User experience improvements

Integration improvements #

Synchronize your VMware virtual machine inventory #

Rumble Enterprise users can now synchronize their VMware vCenter and ESXi virtual machine inventories with Rumble. Integrating with VMware allows you to track virtual machines, enrich assets with virtual hardware and guest operating attributes, in addition to networking details. VMware discovery is implemented through the scanner; get started by adding your VMware credentials and selecting them in your scan.

VMware integration

Import external scan data from Censys #

Rumble Enterprise now integrates with the Censys platform, supporting the Censys Search API (paid and free tiers) and Censys data files. This integration allows you to import scan data from Censys to enrich your inventory with additional details and context for external-facing assets.

There are a couple of ways to leverage the Censys integration:

  • You can specify a Censys search query and pull all matching assets from Censys into Rumble.
  • You can take all the external IP addresses from an organization in Rumble, query them in Censys, and overlay the information on your Rumble inventory.

To set up the integration, you will need to add Censys Search API credentials and set up a connector in Rumble. Rumble will connect to the Censys Search API to pull in and add the asset data to your inventory. The Censys API integration can also be used from the command-line scanner.

In addition, subscribers to Censys data can now use the Rumble scanner to extract specific network ranges from Censys Avro data files. Host information can be written to Rumble scan data files for later upload, or automatically uploaded to a specific site.

Scan, search, and self-hosted improvements #

Discover all RFC 1918 networks–faster and easier #

Identify all private assets connected to your private RFC 1918 networks with Rumble, faster, and easier than ever. The new Full RFC 1918 Discovery preset lets you run an RFC 1918 internal scan with just one click. For Rumble Enterprise and Professional users, running the RFC 1918 scan will help you identify undocumented IP spaces and close gaps discovered in the RFC 1918 Coverage Report. The preset has default scan settings optimized for speed, but can be customized to tune the scan rate, ports, and scope based on your environment.

RFC 1918 quick mode

Customize scan schedules with more options #

Running scans routinely helps ensure that your asset inventory is always up-to-date. To help you stay on top of your scans, Rumble 2.8 introduces the ability to fully customize scan times based on the frequency you have selected. There is a new scan frequency option called Nth weekday of month that lets you schedule scans for specific days of the month, like the first Monday of the month. You can also run scans on specific days of the week, like only on Mondays and Wednesdays.

Scan schedule frequency

Configure multiple SNMP v3 credentials per scan #

You can now configure multiple SNMP v3 credentials per scan. To get started, add an SNMP v3 credential to your account. When you create a scan, you can choose what credentials to use from the Credentials tab. You can also add SNMP v2 community string credentials to your account to use in scans. SNMP v2 and v3 credentials can be constrained to specific subnets and organizations.

Download diagnostic logs for tasks #

You can download diagnostic logs to troubleshoot issues that may occur with your scan, import, and connector tasks. Diagnostic logs are available for completed and failed tasks and viewable from the task details page.

Task log

Supported TLS version enumeration #

Rumble 2.8 helps you shine a light on older versions of TLS/SSL that are still supported by an asset. Good cyber hygiene means taking care of any assets still supporting SSLv2 or v3 as soon as possible. Remember Heartbleed?

To identify assets that support older versions, there are two new service attributes you can look at:

  • tls.supportedVersionNames - Shows the version names supported by an asset service (e.g., SSLv2).
  • tls.supportedVersions - Shows the versions supported by an asset service (e.g. 0x0200).

We've also added a prebuilt query to our library to help you quickly identify assets that support SSL v2 or SSL v3.

Supported TLS enumeration

Rumble also shows the default TLS version an endpoint negotiates. You can look at the tls.version and tls.versionName (and all other tls.* attributes for an asset service) for more information around this TLS version.

Self-host Rumble on more operating systems #

You can self-host Rumble now on Debian Linux 9, 10, and 11 and Oracle Linux 7.x and 8.x x86_64.

User experience improvements #

Manage third-party credentials globally #

You might have noticed, but we've added quite a few integrations recently. While we added third-party credential management in Rumble 2.4, it wasn't the easiest to find (it was in your account settings). We wanted to make it easier for you to configure and manage your credentials, so we added a new Credentials menu under your Global Settings. It'll take you directly to all of your credentials. Happy integrating!

Global credential management

Easily see recurring and scheduled task details #

The Tasks page now shows cards for recurring and scheduled tasks, making it easier to view details on a task-level. Each card displays the schedule type, site, explorer, and source, as well as the run details. The card view will help you quickly check the status of upcoming tasks, as well as see when they are running next. Cards also have modify, copy, and remove actions available for the task.

Task card

Build your search query with an editor #

The Search bar has a new look and feel that matches the other updated areas of the UI. There is a new Edit query button that opens a new, resizable multi-line editor for your query input. Use this editor when you have long queries, and you want to see the query in its entirety. The save, copy query link, and reset buttons have been moved next to the Search bar.

Search editor

Release notes #

This release includes a rollup of all the 2.7.x updates. Read the changelog to see all the improvements and updates in this release.

Get started with Rumble #

Want to take Rumble for a spin? Sign up for a free trial to try out these capabilities free for 21 days.

Written by runZero Team

Due to the nature of their research and out of respect for their privacy, runZero team members prefer to remain anonymous. Their work is published under the runZero name.

More about runZero Team
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved