runZero Minutes: Our Monthly Newsletter

Fall Vibes at runZero

It's October... the perfect time to sip on a pumpkin spice latte while you uncover scary surprises in your attack surfaces and confront some bone-chilling vulnerabilities. We're here for you.

First up, Tod Beardsley, Vulnerability Analysis & Operations team lead at CISA, joins us for a special runZero Hour to share an insider’s perspective into CISA’s mission and managing the CISA KEV catalog.

Then, tune into our Halloween webcast, Dangerous Dark Matter: Confronting the Creepy Unknowns in Your Network, where we’ll share how to reveal hidden exposures and risky unknowns before they come back to haunt you.

Attending EDUCAUSE, DoDIIS, or FS-ISAC? We’ll be there! Stop by to see how we help safeguard everything from higher ed systems to critical infrastructure.

Finally, our research and engineering teams have been busy! Check out this month's very robust Rapid Response roundup. There’s plenty lurking in the shadows of attack surfaces everywhere, but luckily we've got some product updates to help illuminate the exposures.

Let's dive in!

Product Updates

We love our community of runZero users. And we love your feedback. Your insights inspire us to improve and innovate, and we're excited to share some of our latest product updates. Take a read and then try them out for yourself!

Don't have runZero yet? Fire up a 21-day, fully-loaded free trial for up to 100,000 assets, with a smooth transition to our free Community Edition – no sales call required.

 
Start a Free Trial
 
 

Enhance Visibility & Risk Management with New Integrations!

Tanium
With the release of the Tanium API Gateway integration, runZero enables you to sync and enrich your asset inventory with detailed endpoint data from Tanium. By pulling in attributes like software inventory, patch status, and endpoint health, and combining them with runZero’s network scanning, you can more effectively identify potential vulnerabilities, risky network connections, misconfigurations, and compliance issues across your network.

Microsoft Endpoint Configuration Manager (MECM)
You can now import data from the Microsoft Endpoint Configuration Manager (MECM) / System Center Configuration Manager (SCCM) MSSQL database. When combined with runZero's asset inventory, this feature enables you to cross-reference and sync device data, making it easier to identify unmanaged devices missed by other discovery methods. This integration enhances visibility, ensuring more comprehensive asset management and reducing the risk of shadow IT or unknown vulnerabilities across your network.


Optimize Performance & Scalability with ARM64 Self-hosting

You can now self-host runZero on ARM64 Linux, including AWS Graviton instances, offering better performance and cost efficiency. This provides more scalable deployments and greater control, ensuring your setup meets your organization’s needs while improving security.


Gain Deeper Insights with New Asset Discovery Enhancements

CUPS (IPP) Browser Protocol
On September 26th, we released a CUPS (IPP) Browser protocol probe, now enabled by default on your new scans. This update gives you enhanced visibility into your printing devices, helping you discover and manage vulnerable assets.


Following this release, on September 27th, we published a blog highlighting vulnerabilities in OpenPrinting CUPS associated with these protocols. When chained together, these vulnerabilities could potentially allow an attacker to execute remote code. Click here for more information on these advisories.

Oracle Solaris Service Tag Protocol
The recently introduced Oracle Solaris Service Tag Protocol in runZero enables automatic discovery and identification of Oracle Solaris systems across your network. This protocol allows you to gather detailed asset information without manual intervention, simplifying the process of tracking and managing these systems while ensuring compliance across your asset inventory.




Boost Efficiency with Improved SSO, MFA, & Multi-tab Support

New Login & Improvements to SSO & MFA
The redesigned login screen now features enhanced SSO and MFA for a smoother, more secure experience. The updated interface makes logging in faster and easier, while maintaining the strong security you expect. 

Multi-tab & Multi-org Support
Navigating multiple organizations in runZero just got easier. With improved support for handling multiple tabs, you can seamlessly manage different organizations without switching views. This enhancement streamlines your workflow, allowing you to keep track of everything in one place.

 
Explore More Updates
 
CTA BUTTON (A)
 
CTA BUTTON (A)
runZero Hour: October Episode with CISA
CISA joins us October 16th for a special episode of runZero Hour!

Join us for the next runZero Hour as we uncover how the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is leading the charge in securing the nation's cyber and physical infrastructure.

Tod Beardsley, Vulnerability Analysis and Operations team lead at CISA, will share insights into the agency's mission and their management of the CISA Known Exploited Vulnerabilities (KEV) catalog. We'll also review the latest security threats in our Rapid Response round-up.

And… an important news flash: runZero Hour is now a subscription series!

Now it’s even easier to jump down the security rabbit hole every month. Register for this runZero Hour to automatically receive calendar reminders for the remaining episodes in 2024.

 
Register Now
 
 
Halloween Webcast: Dangerous Dark Matter
Halloween Webcast: Dive Into Dangerous Dark Matter

Tune in to learn what our research reveals about the hidden threats and “network dark matter” lurking in the shadows of your attack surfaces.

Ali Cheikh will share real-world examples where unknowns and dark matter were exploited with chilling outcomes. He'll also show you how to shine a light on the dark corners of your network and discuss strategies to protect yourself—before exposures and unknowns come back to haunt you!

 
Register Now
 
 
Webcasts
runZero Hour: The SSHamble Edition
On-Demand

Missed the latest on SSH vulnerabilities? This runZero Hour episode dives into unexpected Secure Shell protocol exposures and features a demo of SSHamble, our new open-source tool that helps with research and security testing of SSH services. 
Watch now ›

Safeguarding OT/ICS Assets: Insights from the U.S. Department of Energy
On-Demand
Tune in for insights on securing OT/ICS assets. Experts from the National Renewable Energy Lab share challenges, best practices, and their evaluation of the runZero Platform, including their conclusions that our active scanning can be safely used in OT environments. Watch now ›

runZero Hour: Episode 10
On-Demand
Our research team dives into key OT protocols, RDP security, and the latest vulnerability discoveries. Watch now ›

 
See All Webcasts
 
CTA BUTTON (A)
 
CTA BUTTON (A)
Events
Innovate Scottsdale 2024
October 6-8 @ Scottsdale, AZ
Headed to Scottsdale? Come by our table in the Carahsoft Pavillion, see a demo, and learn how runZero is improving security for organizations like yours.

CISO XC
October 8 @ Dallas, TX
We’re excited to sponsor the upcoming CISO XC Executive Event—a collaborative community of cybersecurity executives and strategic partners in the DFW metroplex dedicated to enhancing information security. 

JawnCon0x1

October 11-12 @ Glendale, PA
runZero Founder and CEO HD Moore is headed to Arcadia University to dig into the past, present, and future of network exploration —from the telephone system to virtual overlay IP networks and everything in between. Let's connect!

EDUCAUSE Annual Conference 2024
October 21-24 @ San Antonio, TX
The EDUCAUSE Annual Conference connects the best thinkers in higher education technology. Join us at booth #3026 where we will provide personalized product demos, chat about our product roadmap, and more!

The Cyber Breakfast Club: 4th Annual Summit
October 23 • Virtual
HD Moore will be speaking at the 4th Annual Cyber Security Summit, presented by The Cyber Breakfast Club.

DoDIIS Worldwide Conference 2024
October 27-30 @ Omaha, NE
Join us in beautiful Omaha, along with senior leaders, technical experts, and innovators from across the DoD, Intelligence Community, industry, and academia. Stop by booth #2119 to meet our federal team and dive into the runZero Platform... you might just find yourself spinning the wheel to win some seriously chill prizes. 

FS-ISAC 2024 Americas Fall Summit
October 27-30 @ Atlanta, GA
We're heading to Atlanta to join FS-ISAC members for learning, collaboration, and networking. Swing by the Silver Solution Showcase on October 29th to join our sessions. Want to meet 1:1 at the show?  Schedule now ›
 
See All Events
 
CTA BUTTON (A)
 
CTA BUTTON (A)
Rapid Response

Did you know runZero can help you respond to remotely-discoverable zero-day threats without security probes or a rescan? It’s true!

Check out our Rapid Responses for tips from the runZero Research team and pre-built queries that can help you identify potential exposures in your environment — and that includes free trial users!


[Updated September 2024]
How to find OpenPrinting CUPS services on your network

[Updated September 2024]
How to find Cisco IOS & IOS-XE devices

[Updated September 2024]
How to find Advantech ADAM devices on your network

[Updated September 2024]
How to find XenServer and Citrix Hypervisor on your network

[Updated September 2024]
How to find Ivanti Cloud Services Appliance on your network

[Updated September 2024]
How to find GitLab instances

[Updated September 2024]
How to find VMware vCenter assets on your network

[Updated September 2024]
How to find D-Link routers on your network

[Updated September 2024]
How to find Rockwell Automation devices

[Updated September 2024]
How to find Siemens devices on your network

[Updated September 2024]
How to find Microsoft Windows 10, version 1507 systems on your network

[Updated September 2024]
How to find SonicWall devices on your network

[Updated September 2024]
How to find Veeam software on your network

[Updated September 2024]
How to find D-Link DIR-846W routers on your network

[Updated September 2024]
How to find Zyxel devices on your network

 
See All Rapid Responses
 
CTA BUTTON (A)
 
CTA BUTTON (A)
Articles and Podcasts
[runZero Blog]
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns

[Press Release]
runZero recognized as a 2024 SC Media Awards finalist for Most Promising Early-Stage Startup

[Company News]
AmiViz partners with runZero to deliver enhanced cybersecurity visibility across networks
 
Read More Articles
 
CTA BUTTON (A)
 
CTA BUTTON (A)