Rumble 2.8: Synchronize your VMware inventory, import Censys scan data, and run RFC 1918 scans faster
What’s new with Rumble 2.8? #
Scan, search, and self-hosted improvements
- Discover all RFC 1918 networks, faster
- Customize scan schedules with more options
- Configure multiple SNMP v3 credentials per scan
- Download diagnostic logs for tasks
- Supported TLS version enumeration
- Self-host Rumble on Debian Linux 9, 10, and 11 and Oracle Linux 7.x and 8.x x86_64
User experience improvements
- Manage scan credentials globally
- Easily see recurring and scheduled task details
- Build your search query in an editor
Integration improvements #
Synchronize your VMware virtual machine inventory #
Rumble Enterprise users can now synchronize their VMware vCenter and ESXi virtual machine inventories with Rumble. Integrating with VMware allows you to track virtual machines, enrich assets with virtual hardware and guest operating attributes, in addition to networking details. VMware discovery is implemented through the scanner; get started by adding your VMware credentials and selecting them in your scan.
Import external scan data from Censys #
Rumble Enterprise now integrates with the Censys platform, supporting the Censys Search API (paid and free tiers) and Censys data files. This integration allows you to import scan data from Censys to enrich your inventory with additional details and context for external-facing assets.
There are a couple of ways to leverage the Censys integration:
- You can specify a Censys search query and pull all matching assets from Censys into Rumble.
- You can take all the external IP addresses from an organization in Rumble, query them in Censys, and overlay the information on your Rumble inventory.
To set up the integration, you will need to add Censys Search API credentials and set up a connector in Rumble. Rumble will connect to the Censys Search API to pull in and add the asset data to your inventory. The Censys API integration can also be used from the command-line scanner.
In addition, subscribers to Censys data can now use the Rumble scanner to extract specific network ranges from Censys Avro data files. Host information can be written to Rumble scan data files for later upload, or automatically uploaded to a specific site.
Scan, search, and self-hosted improvements #
Discover all RFC 1918 networks–faster and easier #
Identify all private assets connected to your private RFC 1918 networks with Rumble, faster, and easier than ever. The new Full RFC 1918 Discovery preset lets you run an RFC 1918 internal scan with just one click. For Rumble Enterprise and Professional users, running the RFC 1918 scan will help you identify undocumented IP spaces and close gaps discovered in the RFC 1918 Coverage Report. The preset has default scan settings optimized for speed, but can be customized to tune the scan rate, ports, and scope based on your environment.
Customize scan schedules with more options #
Running scans routinely helps ensure that your asset inventory is always up-to-date. To help you stay on top of your scans, Rumble 2.8 introduces the ability to fully customize scan times based on the frequency you have selected. There is a new scan frequency option called
Nth weekday of month that lets you schedule scans for specific days of the month, like the first Monday of the month. You can also run scans on specific days of the week, like only on Mondays and Wednesdays.
Configure multiple SNMP v3 credentials per scan #
You can now configure multiple SNMP v3 credentials per scan. To get started, add an SNMP v3 credential to your account. When you create a scan, you can choose what credentials to use from the Credentials tab. You can also add SNMP v2 community string credentials to your account to use in scans. SNMP v2 and v3 credentials can be constrained to specific subnets and organizations.
Download diagnostic logs for tasks #
You can download diagnostic logs to troubleshoot issues that may occur with your scan, import, and connector tasks. Diagnostic logs are available for completed and failed tasks and viewable from the task details page.
Supported TLS version enumeration #
Rumble 2.8 helps you shine a light on older versions of TLS/SSL that are still supported by an asset. Good cyber hygiene means taking care of any assets still supporting SSLv2 or v3 as soon as possible. Remember Heartbleed?
To identify assets that support older versions, there are two new service attributes you can look at:
tls.supportedVersionNames- Shows the version names supported by an asset service (e.g., SSLv2).
tls.supportedVersions- Shows the versions supported by an asset service (e.g. 0x0200).
We’ve also added a prebuilt query to our library to help you quickly identify assets that support SSL v2 or SSL v3.
Rumble also shows the default TLS version an endpoint negotiates. You can look at the
tls.versionName (and all other
tls.* attributes for an asset service) for more information around this TLS version.
Self-host Rumble on more operating systems #
You can self-host Rumble now on Debian Linux 9, 10, and 11 and Oracle Linux 7.x and 8.x x86_64.
User experience improvements #
Manage third-party credentials globally #
You might have noticed, but we’ve added quite a few integrations recently. While we added third-party credential management in Rumble 2.4, it wasn’t the easiest to find (it was in your account settings). We wanted to make it easier for you to configure and manage your credentials, so we added a new
Credentials menu under your Global Settings. It’ll take you directly to all of your credentials. Happy integrating!
Easily see recurring and scheduled task details #
The Tasks page now shows cards for recurring and scheduled tasks, making it easier to view details on a task-level. Each card displays the schedule type, site, explorer, and source, as well as the run details. The card view will help you quickly check the status of upcoming tasks, as well as see when they are running next. Cards also have modify, copy, and remove actions available for the task.
Build your search query with an editor #
The Search bar has a new look and feel that matches the other updated areas of the UI. There is a new Edit query button that opens a new, resizable multi-line editor for your query input. Use this editor when you have long queries, and you want to see the query in its entirety. The save, copy query link, and reset buttons have been moved next to the Search bar.
Release notes #
This release includes a rollup of all the 2.7.x updates. Read the changelog to see all the improvements and updates in this release.
Get started with Rumble #
Want to take Rumble for a spin? Sign up for a free trial to try out these capabilities free for 21 days.
September 26, 2023
runZero 4.0: Introducing the runZero Platform and our new Community Edition
What’s new in runZero 4.0? Introducing the runZero Platform and our new Community Edition!
July 11, 2023
runZero 3.10: New integrations page, UX improvements, Black Hat 2023!
What’s new in runZero 3.10? Integrations page and menu updates, a redesigned Explorer detail page, and a peek at what’s coming soon!
June 13, 2023
runZero 3.9: Set measurable goals, find urgent issues, and preview of Attack Surface Management!
What’s new in runZero 3.9? Tracking goal progress, preview of Attack Surface Management, and new Rapid Responses!
Subscribe and stay in the loop!
We won't share your email.
Unsubscribe at any time.