Discover your entire infrastructure

Cyber asset discovery

Uncover all managed and unmanaged devices, IT, IoT, and OT, from all environments, on-premise, cloud, and remote.

Once discovered, it is easy to see which devices are missing an EDR agent, are not included in vulnerability scans, or violate policy.

Start trial Book a demo

“You can't protect what you can't see, so you need to be able to see your entire IT estate. With runZero, it's scary the amount of information it is able to get with unauthenticated scanning.”

Jason Loveday | Information Security Manager | ACH Group

The importance of cyber asset discovery

Asset discovery is the fundamental first step in protecting the network according to CIS Critical Security Controls, the NIST Cybersecurity Framework, among others. Many customers find out they have more assets than they thought. One customer uncovered ten times the number of devices after using runZero. Until you know about everything connected to your network, the size of your attack surface is unknown.

Risky unmanaged devices

Unmanaged devices that have "slipped through the cracks" through staffing changes, updates of business strategy, and mergers & acquisitions introduce the most extreme risks. Nobody knows who's responsible for them, so they never get patched, making them vulnerable to intruders.

Vulnerable cloud environments

Temporary cloud environments become vulnerable when abandoned without proper decommissioning. Even worse, many organizations don't even know what networks they have.

Previously unknown subnets

Plenty of subnets spring up on their own as if by magic, and if you're not looking for them, there's a good chance you won't even know they exist.

Try runZero for free

Start trial Book a demo

How runZero helps


Discover assets and services – everywhere

runZero’s secret sauce comes from combining the best of API connectors and our scanner. The proprietary, unauthenticated scanner safely elicits information as a security researcher would, extracting asset details and accurately fingerprinting operating systems, services, and hardware. The API connectors provide even more comprehensive insight into your cyber assets by ingesting and correlating with cyber asset data from IT and security tools in your technology stack.

Safe scanning

Include fragile IT and OT devices

runZero has been designed without aggressive scan tactics that can destabilize some IT and OT devices. Our customers regularly scan manufacturing, energy and healthcare environments without issues using runZero which delivers better visibility than with passive network monitoring.

  • Our proprietary scan technology only sends well-formed IP packets and does not use security probes.
  • We use an incremental fingerprinting approach aimed at detecting fragile devices. If we encounter a fragile device, we modify our method to scan these devices safely.
  • You can easily limit the number of packets per device and spread the workload across the entire IP range to scan without overloading individual devices.
RFC 1918

Find previously unknown subnets

  • Run a scan of your entire internal address space (RFC 1918) to get situational awareness of active subnets, then run a full audit scan.
  • Quickly spot any MAC addresses that are connected to your network devices but unreachable by your current runZero Explorers.
  • Find hints of active subnets in the RFC 1918 map when devices leak secondary network interfaces.
Better together

Unify and enrich asset data from your existing IT and security tools

  • Add off-network assets, BYOD devices and software from MDMs and EDRs, such as CrowdStrike, Microsoft Defender, Intune and SentinelOne, to your inventory.
  • Integrate with AWS, Microsoft Azure, GCP and VMware to pull virtualized compute and non-compute resources.
  • Take in vulnerability data from vuln scanners like Rapid7 and Tenable and round out your inventory with perimeter scans from Censys and Shodan.
  • Bring your own integration and import assets from any external asset data source using the runZero ingress SDK with a bit of Python.
Export runZero data

Augment your CMDBs and SIEMs with better data

  • Build a common foundation for your asset inventory across the organization by feeding runZero data into CMDBs and SIEMs.
  • Use runZero’s export APIs or out-of-the-box integrations with ServiceNow and Splunk.
Risk assessment

Reduce blindspots for mergers or acquisitions

Effortlessly gather data to feed into a risk assessment about a target company.

  • runZero doesn’t need credentials which makes it easy to deploy and no need to involve additional teams.
  • Our scanner is lightweight and deploys on numerous platforms, including Raspberry Pis, making it easy to discover assets behind a firewall.
  • Thoroughly and quickly support M&A due diligence while keeping with the principle of need-to-know.
Explore more runZero use cases:

Cyber asset inventory CAASM Cyber hygiene

Get runZero for free

runZero is a cyber asset attack surface management solution that is the easiest way to get full asset inventory with actionable intelligence