runZero Hour: Episode 1

Overview

Episode one of runZero Hour webcast highlighted outlier hunting as a tactic for improving security defense. Looking for the oddball exceptions on your network can be used alongside vulnerability scanning to surface risks quickly. For anyone looking to prevent the compromise, hunting outliers is worthwhile.

Hunting for outliers takes two forms. The focus is on identifying devices different from the others, especially if there is only one or a few on the network. Such devices often lack standard security controls, leaving them susceptible to threats and overlooked in governance and business continuity plans. The second is identifying attributes of devices that should be unique but aren’t. TLS certificates and SSH keys should be unique on every device, whether bare-metal or virtual. Such duplication potentially indicates inappropriate cloning of services or other lack of governance. Whatever the case might be, it’s worth a security review.

Both of these approaches help security teams to surface unknown risks and prioritize known risks on the network. An intriguing revelation from our analysis of outliers is the strong correlation between outlier rank and vulnerability scanner risk rank. Devices with high outlier ranks are likely to have higher risk, so finding outliers is a fast and effective way to identify and address the most critical vulnerabilities.

This was just one topic on the runZero Hour webcast. Watch for additional insights on funky protocols, oddball devices, and the year-end roundup for Rapid Response.

Meet Our Speakers

HD Moore

CEO and Co-Founder

Huxley Barbee

Former Security Evangelist

Rob King

Director of Security Research

Tom Sellers

Principal Research Engineer

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Resources

Webcasts
runZero Hour: Episode 8
The latest insights (and opinions!) on the impending US ban of Kaspersky products, the FBI's warning for threats against the renewable energy...
Webcasts
runZero Hour: Episode 9
Join the runZero research team for a special episode of runZero Hour featuring our deep dive research on the SSH protocol and SSHamble, an open...
Webcasts
Unknown Assets are the Achilles Heel of Effective Cyber Defense — And Zero Trust
Achieving complete visibility across complex environments is a core tenet of zero trust. See how to achieve your goals with tips form our experts.
Webcasts
Department of Energy Cyberforce Program: Operational Technology Threat Landscape
Rob King joins the Department of Energy Cyberforce Program to share his deep expertise on the operational technology (OT) threat landscape.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved