|
|
Separating signal from noise amidst utter chaos.
Is May really almost over? Has it truly been a month since RSAC? The last few weeks have been a whirlwind. We've had Yetis circling the globe from Dubai to Louisville, Brussels to Baltimore, Cincinnati to Seattle. We've keynoted, given talks, met a ton of new friends, and reconnected with old ones.
Here are some other exciting developments:
- New research! Defenders rely on risk scores every day, but how useful are the signals behind them? In Divining Risk: Deciphering Signals From Vulnerability Scores, runZero’s Tod Beardsley cuts through the noise around CVSS, EPSS, and SSVC to help teams triage smarter. Give it a read and tell us what you think.
- Debates on our new research! Catch the the latest runZero Hour on-demand with special guest Jay Jacobs, EPSS expert. Get some hot takes on our analysis and insights about your favorite scoring systems.
- New product capabilities! We've been releasing new ways to detect exposures, a ton of Rapid Responses, and more great product features. See the full details below.
- New keynote! HD Moore recently kicked off Northsec in Montreal with "A Pirate's Guide to Snake Oil & Security," voyaging through the crowded world of vulnerability management. From clashing tribes to competing frameworks, get HD's take on navigating vendor claims and hype to find what actually works.
Last but not least, we're hitting the road again (or maybe we never got off it). If you're headed to London for Infosecurity Europe or National Harbor for Gartner Security & Risk Management Summit, stop by and connect with us. And don't miss an epic night on a ferris wheel.
Enjoy!
The runZero Team
|
|
|
|
|
|
Vulnerability scores shape how defenders prioritize every day, but which signals actually matter?
In Divining Risk: Deciphering Signals From Vulnerability Scores, Tod Beardsley (VP of Security Research) digs into what each scoring system gets right and where they fall short so that you can triage more effectively.
Inside the report:
- Clear breakdowns of CVSS, EPSS, and SSVC — what’s useful, what’s not, and why
- An analysis of signals from 270,000+ CVEs, including surprising shifts in EPSS scores
- Insights on blending scoring systems with real-world context to improve prioritization
But wait, there's more! Watch our latest runZero Hour on-demand as Tod and Rob King debate the findings with EPSS co-creator Jay Jacobs. From data-driven insights to hot takes on what’s broken (and fixable), it’s a conversation worth catching.
|
|
|
|
|
|
We’re always making improvements—some front and center, others under the hood—all aimed at making runZero work better for you!
Not using runZero yet? Start a 21-day fully featured trial for up to 100,000 assets. When it ends, you can move seamlessly to our free Community Edition. No forms, no sales calls. Just better visibility and exposure detection.
Less Scanner Noise. More Signal.
We're on a mission to help you ditch traditional vulnerability scanners. See how runZero works hand-in-hand with your EDR agents — letting them handle authenticated discovery on managed devices while we uncover everything else. This lets you:
- Maximize the value of your existing tools
- Phase out ineffective and redundant scanner functionality
- Reveal assets and exposures that legacy tools can never reach
To support this, we’ve supercharged our integrations:
- Microsoft 365 Defender: Now imports software and vulnerability data directly into runZero
- SentinelOne: Now supports vulnerability import with improved performance and reliability
No More Re-Scanning Headaches.
We continue to ship Rapid Response detections for critical threats — often within 24 hours of disclosure — so you can identify at-risk assets faster and without needing to rescan.
See all Rapid Responses ›
Beyond Rapid Response, we’re constantly expanding and refining our detection capabilities to keep pace with evolving adversary tactics.
- New detections added: CrushFTP, GitLab RCEs, ElasticSearch, Fortinet, Plesk, F5, SonicWall, Palo Alto, Cisco ConfD, and more
- Expanded coverage: Misconfigurations, end-of-life devices, and insecure service behavior — not just CVEs
Smarter Fingerprinting, Fewer Blind Spots.
Our latest fingerprinting updates improve precision, especially for hard-to-identify OT, IoT, and shadow IT devices.
- New HTTP body fingerprint engine: Launching with Yii PHP, with more to come
- Dynamic fingerprinting upgrades: Enhanced coverage for Rockwell, Siemens, KUKA, Roku, BrightSign, and more
- Phantom device detection improvements: Smarter filtering for SilverPeak and Aruba environments
- SNMP probing enhancements: Improved detection for Fortinet, SonicWall, Ivanti, and F5 devices
- Broader device coverage: Including Adobe ColdFusion, Cisco IP phones and switches, Rockwell thin clients, and industrial barcode scanners
- More accurate Windows OS detection via Defender integration
Performance That Keeps Up With You.
We’ve rolled out behind-the-scenes improvements that make your experience faster, cleaner, and more reliable.
- Optimized event log performance and more responsive wildcard search
- Improved asset merging and more reliable vulnerability exports
- PII exclusion support for privacy-conscious environments
|
|
|
|
|
|
Infosecurity Europe • June 3 - 5 @ ExCel London
Come see our crew in Stand D108! Just look for the very tall Yeti. Literally. We'll be serving up:
- Free coffee
- Cool Yeti gear
- Instant visibility into IT, OT, IoT, mobile, and cloud
- Total attack surface management
- No agents. No authentication. No blind spots.
Then join us, our partner Distology, and some other standout cyber vendors for:
- Cocktails and conversations
- Wednesday, June 4th
- From 16:30pm - late
- WXYZ Bar, Aloft Hotel (located right next to the ExCel)
- Register here ›
Hope to see you there!
|
|
|
|
|
|
Gartner Security & Risk Management Summit • June 9 - 11 @ National Harbor
On the heels of London, we're hopping the pond for Gartner Security & Risk Management Summit. And we have quite a line-up planned for you!
→ Swing by Booth 456 for demos, swag, and delightful conversation!
→ Then, don't miss the most epic event of the Summit! We're taking over the Flight Deck with our friends at Ghost Security and Arms Cyber. Join us for an invite-only night of real conversations, strong drinks, and panoramic views… plus a ferris wheel, because why not?!
Space on the Flight Deck is limited! Register here ›
→ If heights aren't your jam, rock up to our happy hour with Guidepoint at the Walrus and Oyster Ale House for some tasty bites and signature cocktails.
Save your spot! Register for the Guidepoint happy hour ›
|
|
|
|
|
|
runZero Hour: Episode 19
June 18 @ 10AM PT / 1PM ET
Our upcoming runZero Hour will feature Jerry Gamblin, Principal Engineer for Cisco’s Threat Detection & Response. Jerry joins us for a deep dive into today’s vulnerability landscape — from CVE trends and statistics to the launch of his new MCP (Model Context Protocol) server, which uses LLMs to summarize CVEs with more context and clarity.
From Exposed to Empowered: Fixing Fatal Flaws in Vuln Management
Just aired — watch it on-demand!
Vulnerability management needs a reboot. Join runZero and Secon as HD Moore breaks down why traditional tools—CVE scanners, dashboards, and risk scores—miss today’s most dangerous exposures. Learn how attackers view your environment, what your tools are overlooking, and how to cut through the noise to reveal true risk.
Defending Against Zero Day Threats and Other Unknown Unknowns
Just aired — watch it on-demand!
runZero’s own Tod Beardsley joins a line-up of security experts in this EcoCast focused on zero-day exploits and emerging threats. Learn how to strengthen your defenses before attackers strike, from improving visibility to building resilience against the unknown.
Your Next Incident Won't Have a CVE
On-Demand
HD Moore dissects why your next breach won’t be tied to a CVE and reveals why your security stack is failing you through the lens of an attacker. Get new perspectives on what’s required in the next era of exposure management to overcome decades-old challenges with existing tooling. See how you can finally illuminate the true risks that can get you owned, fill the dangerous gaps your legacy solutions left behind, and shrink the window of exploitability.
See all webcasts ›
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
runZero, Inc. is located remotely around the country, but headquartered in sunny Austin, TX, USA.
|
|
|
|
|
