runZero Hour: Episode 1


Episode one of runZero Hour webcast highlighted outlier hunting as a tactic for improving security defense. Looking for the oddball exceptions on your network can be used alongside vulnerability scanning to surface risks quickly. For anyone looking to prevent the compromise, hunting outliers is worthwhile.

Hunting for outliers takes two forms. The focus is on identifying devices different from the others, especially if there is only one or a few on the network. Such devices often lack standard security controls, leaving them susceptible to threats and overlooked in governance and business continuity plans. The second is identifying attributes of devices that should be unique but aren’t. TLS certificates and SSH keys should be unique on every device, whether bare-metal or virtual. Such duplication potentially indicates inappropriate cloning of services or other lack of governance. Whatever the case might be, it’s worth a security review.

Both of these approaches help security teams to surface unknown risks and prioritize known risks on the network. An intriguing revelation from our analysis of outliers is the strong correlation between outlier rank and vulnerability scanner risk rank. Devices with high outlier ranks are likely to have higher risk, so finding outliers is a fast and effective way to identify and address the most critical vulnerabilities.

This was just one topic on the runZero Hour webcast. Watch for additional insights on funky protocols, oddball devices, and the year-end roundup for Rapid Response.

Meet Our Speakers

HD Moore

CEO and Co-Founder

Huxley Barbee

Former Security Evangelist

Rob King

Director of Security Research

Tom Sellers

Principal Research Engineer

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Related Resources

runZero Hour: Episode 5
On this episode, the runZero Research team dives into some hot topics including the XZ Utils Backdoor (CVE-2024-3094) and expert analysis of the...
Securing OT/ICS Environments: Lessons from the Field
Watch this lively discussion on the latest OT and ICS security challenges and how they are being addressed in the field by OT security experts.
runZero Hour: Episode 4
The fourth episode of runZero Hour, featuring the latest insights, anecdotes, and observations from the runZero Research team.
runZero Hour: Episode 3
Episode 3 of the runZero Hour webcast gave us a flavor of what it’s like to fingerprint OT protocols that aren’t as accessible if you aren’t part...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved