Rumble 2.14: Sync assets, software, and vulnerability data from Tenable, run external discovery from our cloud, and extend your Microsoft Azure coverage

(updated ), by Megg Daudelin
icon
Rumble, Inc. is now runZero!

Rumble Network Discovery is now runZero!

What’s new with Rumble 2.14?

Sync assets, software, and vulnerability data from Tenable

Rumble Enterprise users can now enrich their inventory with an authenticated API connection to Tenable.io or a scan file import from Tenable Nessus. This allows you to search for Tenable attributes, software entries, and vulnerabilities in Rumble, as well as find assets not monitored by Tenable.io or Nessus. Rumble automatically correlates Tenable assets to Rumble assets based on unique fields. Vulnerability data can now be viewed in the asset detail view as well as a dedicated inventory tab. Vulnerability attributes include CVSS score, relevant CVEs, vulnerability description, and any recommended remediations.

To get started, set up an API connection to Tenable.io or import a scan file from Tenable Nessus.

Tenable connectors

Explore identified vulnerabilities

View, search, and export vulnerability data through the new Vulnerabilities inventory. This inventory populates through third-party integrations or data imports, such as the Tenable.io integration or a Tenable Nessus scan file import.

After configuring the integration, explore results in your Vulnerabilities inventory.

Vulnerability inventory

Discover external assets with Rumble cloud-hosted scanners

Rumble Enterprise customers can now scan external-facing assets using the Rumble cloud. Configure a cloud-sourced scan by selecting a hosted zone from the scan configuration screen.

External asset scanning

This release also includes support for specifying external scan targets (and exclusions) by AS number and geolocation country. For example, to scan all of AS #13 but exclude the UK, use the scan scope asn4:13 and the scan exclusion of country:gb.

Track Azure Function Apps through the Microsoft Azure integration

The Microsoft Azure integration now supports importing Azure Function Apps through the Azure Web Apps API. When you configure this connector, you can also set it to automatically include new supported asset types as they are added.

Configure the Microsoft Azure integration to include importing Azure Function Apps now.

Azure Function Apps integration

Release notes

The Rumble 2.14 release includes a rollup of all the 2.13.x updates, which includes all of the following features, improvements, and updates.

New features

  • Scans can now specify asn4:<id> and country4:<2-letter ISO code> in the scan and site scope and exclusion fields.
  • User access and management improvements
  • Single organization administrators can now manage non-global credentials for their organization.

Performance improvements

  • The size limit for cloud-hosted scans has been increased from 4GiB to 10GiB.
  • Bogus results caused by firewall interference are now automatically ignored in more cases.

Reporting improvements

  • Organization overview report now includes asset tags when available.

Integration improvements

  • The Censys integration now reports the observed_at, extended_service_name, perspective_id, and source_ip for all services.

Fingerprinting changes

  • New fingerprints for Atlassian Confluence Server and Atlassian Confluence Data Center.
  • Improved ability to fingerprint exact version and build of Atlassian Jira.
  • Improved ability to distinguish Oracle Enterprise Linux and Rocky Linux from Red Hat Enterprise Linux.
  • New coverage for Docker to identify versions, host OSes, hostnames, and more.
  • Improved fingerprint selection and fallback logic resulting in higher quality OS and hardware detection.
  • General improvements in fingerprinting, specifically for VoIP, Cisco networking equipment, HP printers, and Lexmark printers.
  • Additional support for products by Advantech, Apache, Apple, Ascom, Atos Unify, AudioCodes, Avocent, Belden, Blackberry, Bosch, DallasDelta, Darktrace, Dell, Eaton, EfonVNC, EMC, Encom, Echelon, Ericsson, F5, Fortinet, Gemalto, Grandstream, Hitachi, Honeywell, HPE, IBM, Intel, Juniper, Keycloak, KongHQ, LANDesk, Linksys, Micro Focus, Microsoft, Microware, MinIO, Mitel, NetApp, Netgate, OpenResty, OpenWRT, Pivotal, Polycom, Portainer, Red Hat, RemObjects, Reolink, Samsung, SAS, Schneider Electric, Shelly, Shibboleth, Siemens, Sipura, SoftEther, Spectralink, Steelcase, Sun, VMWare, Wind River, Wowza, Xerox, Yealink, and Zenitel.

Bug fixes

  • A bug that prevented searching software by version has been fixed.
  • A bug that presented input fields for unselected credential types has been fixed.
  • A bug that prevented the self-hosted installer from completing has been resolved.
  • A bug affecting some users of scan templates has been fixed to ensure the scan configuration is followed.
  • A bug preventing the “TLS JARM hashes” report from properly running has been fixed.
  • A bug preventing the “TLS serial numbers” report from properly running has been fixed.
  • A bug that could lead to event processing terminating early has been resolved.

Start your free trial

Want to take Rumble for a spin? Sign up for a free trial to try out these capabilities free for 21 days.

Similar Content

September 13, 2022

runZero 3.1: Sync Active Directory, import assets from Shodan, and launch integrations from Explorers

What’s new with runZero 3.1? Sync your Active Directory users, groups, and machines with runZero Import assets and external services from Shodan Launch integrations from Explorers Connect and sync Active Directory with runZero runZero Professional and Enterprise users …

Read More

August 8, 2022

runZero 3.0: Check out our new name, and sync assets, software, and vulnerability data from Qualys

Rumble Network Discovery is now runZero! What’s new with runZero 3.0? Meet our new brand: runZero! Sync assets, software, & vulnerability data from Qualys Introducing runZero Rumble is officially runZero! This name change reflects our growth as a product and as a …

Read More

July 12, 2022

Rumble 2.15: Sync assets, software, and vulnerability data from Rapid7, scan external domains from our cloud, and report on external assets and services

Rumble Network Discovery is now runZero! What’s new with Rumble 2.15? Sync assets, software, and vulnerability data from Rapid7 InsightVM and Nexpose Quickly identify and report externally exposed assets and services Navigate your inventory faster with an updated …

Read More