2024_12_Corporate_Holidays_Minutes_Email_Header.png

'Tis the season for all things merry and bright. 

Happy holidays! The eggnog is flowing, lights are twinkling, and airports are utter chaos. We wish all of you a very merry holiday season and a happy new year!

With last-minute deliveries arriving on doorsteps and in inboxes, we've rounded up a few of our favorite things from 2024 as our gift to you. Here's a peek at what's inside this month's edition:

  • New research from HD Moore on inside-out attack surface management
  • A full year of on-demand runZero Hours (and a link to subscribe to the 2025 research webcast series!)
  • Our inaugural research report
  • Our first open source tool
  • Our favorite webcasts
  • Rapid Responses to help you tackle zero-day threats into the New Year

As we look ahead to 2025, we’re grateful for your support. This edition also marks one year of runZero Minutes; we truly hope these newsletters have offered helpful tools and insights to help you stay secure.

The runZero Team

Inside Out Attack Surface Management

HD Moore’s Latest Research: Inside Out Attack Surface Management

We've got new research that will forever redefine how you approach attack surface management. See how flipping external approaches inside-out overcomes common challenges like attribution accuracy and false positives, and why starting with a deep understanding of your internal attack surface delivers significant improvements in external defenses.

Tune in now to learn:

  • How to find hidden risks that other solutions miss: Uncover high-risk exposures, cloned servers, exposed encryption keys, duplicated certificates, misconfigurations, and other vulnerabilities that traditional EASM tools often miss.

  • Why asset fingerprinting is key: Understand why an accurate view of your external attack surface starts with detailed asset fingerprinting—not just IPs and domain names—enabling you to determine if any assets discovered within your internal networks are also visible on the public internet.

  • Inside-out techniques in action: See a live demonstration of how inside-out methods, powered by the runZero Platform, can reveal what’s truly at risk and how everything is connected.

Check out this novel approach to bridge amazing internal visibility with external defenses.

 
Watch Now
 
 

Our first year of runZero Hour is a wrap!

Cozy up with your favorite holiday beverage and watch all thirteen episodes of runZero Hour on-demand! Jump down the security rabbit hole to investigate risky exposures and attack surface anomalies, and get the lowdown from our expert researchers who have been unpacking them for decades.

Watch on-demand ›

Gear up for 2025 and ensure you don't miss an episode by subscribing to the runZero Hour series. Tap into novel insights, pioneering research, and practical strategies to help you stay secure... plus some good old-fashioned cybersecurity fun and entertainment!

Register for the 2025 series ›

 
Join Us!
 
 

Check out our inaugural research report! 

The runZero research team analyzed tens of millions of data points to better understand today’s attack surfaces, exposure patterns, and emerging threats—and the results were surprising!

Download "The State of Asset Security: Uncovering Alarming Gaps & Unexpected Exposures" to see what we found, including:

  • Unusual assets are risky assets—and how to find the “outliers” on your network
  • OT/ICS devices are increasingly connected to the public Internet—and what to look for in your environment
  • More than half of physical devices are invisible or offer “limited visibility” to security teams—and methods for uncovering this “dark matter”
  • Network segmentation is decaying—and ways to visualize and verify segmentation quickly
  • Zero-day attacks at the network edge are surging—and how you can better defend yourself
 
Get the Report
 
 
Get our first open source tool: SSHamble.

SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests.

The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.

Ready to dive in?
 
Get SSHamble
 
rZ Hour: SSH Edition
 
DEF CON 32

Popular webcasts of 2024

runZero Hour, Ep. 13: Anniversary episode reflecting on 2024 through the lens of IT-OT/IoT convergence

On-Demand
We gathered an all-star panel of cybersecurity experts to look back on 2024 through the lens of IT-OT/IoT convergence. Together, we shared real-world experiences from the trenches and unpacked the progress made in safeguarding complex attack surfaces, as well as the ongoing hurdles that continued to expose critical systems.

runZero Hour, Ep. 11: A CISA insider's perspective on managing the KEV catalog
On-Demand
Ever wondered how CISA tackles its crucial role in protecting the nation’s cyber and physical infrastructure? Tod Beardsley, Section Chief for Vulnerability Analysis and Operations, at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), joined us to share an insider’s perspective into CISA’s mission and the management of the  Known Exploited Vulnerabilities (KEV) catalog.

Safeguarding OT/ICS Assets: Insights from the U.S. Department of Energy
On-Demand
Hear an insightful discussion on asset identification, attack surface enumeration, and configuration management of OT/ICS devices through the lens of a new, groundbreaking research report from the National Renewable Energy Lab’s (NREL) Clean Energy Cybersecurity Accelerator™ (CECA) program.

Dangerous Dark Matter: Confronting the Creepy Unknowns in Your Network
On-Demand
Explore “network dark matter” and zero-day threats, with real-world examples of how these unknowns have been exploited. Learn strategies to illuminate and secure the dark corners of your network.

Rapid Response

Did you know runZero can help you respond to zero-day threats without security probes or a rescan? It’s true!

Check out our Rapid Response posts for tips from our runZero Research team and pre-built queries that can help you identify potential exposures in your environment — and that includes free trial users!


[Updated Dec. 2024]
How to find Go SSH servers on your network

[Updated Dec. 2024]
How to find Siemens devices on your network

[Updated Dec. 2024]
How to find potentially vulnerable Ivanti Connect Secure and Policy Secure installations

[Updated Dec. 2024]
How to find Cleo Harmony, LexiCom, and VLTransfer installations on your network

[Updated Dec. 2024]
How to find Cisco NX-OS assets on your network

[Updated Dec. 2024]
How to find Automation Direct C-MORE EA9 HMI devices

[Updated Dec. 2024]
How to find Veeam software on your network

See all Rapid Responses ›
runZero
 
runZero, Inc. is located remotely around the country, but headquartered in sunny Austin, TX, USA.