Kivu Consulting trusts runZero to quickly address vulnerabilities and exploits.

Overview

Kivu Consulting was searching for a solution that would enable their customers to proactively strengthen their cybersecurity, particularly against ransomware and other threats. Their runZero rollout happened to coincide with the emergence of Log4J, providing immediate value in a critical moment. Thanks to runZero’s ability to identify 0-day threats without rescanning, Kivu Consulting and their clients could quickly address exposures related to Log4J. runZero has also helped Kivu Consulting's clients avoid spending on unnecessary security services.

Favorable Outcomes

How runZero helped:

Fast incident response

By leveraging runZero’s canned queries, Kivu Consulting was able to quickly address Log4J, other vulnerabilities, and risky misconfigurations.

Cost savings

runZero’s asset ownership feature enable Kivu Consulting customers to assign assets without leveraging a vendor to conduct an audit.

Proactive approach

runZero has become Kivu Consulting’s go-to cyber asset discovery and remediation solution for a truly proactive approach to cyber security.

Problem

Kivu Consulting is an incident response consulting company that specializes in post-breach remediation, managed security services, and security program maturity support for their customers. They were witnessing the challenges their customers were facing with improperly deployed security rules and not knowing which assets were missing EDR agents. Kivu Consulting needed to provide their customers with a solution for asset inventory and management to impart vital insight into the assets on their networks and be able to determine their level of risk to reduce their security vulnerabilities and prevent future attacks.

Solution

After first hearing about runZero on a security podcast, the Kivu Consulting team became intrigued and decided to initially test it out internally. They leveraged runZero to locate unmanaged devices and rogue assets as a result of their workforce moving to a work-from-home environment. It proved to be an invaluable tool, which ultimately convinced their leadership to move forward with bringing runZero onboard and deploying the solution on a broader scale to their customers.

Outcomes

About a month post-deployment of runZero, the Log4J/Log4Shell vulnerability emerged. Kivu Consulting leveraged runZero's ready-to-use queries to swiftly pinpoint the vulnerability within their clients' networks and identify affected software libraries—a significant undertaking. This capability, coupled with the elimination of rescans, enabled quick and proactive remediation advice over the crucial weekend. Since this incident, Kivu Consulting has continued to rely on runZero for identifying further vulnerabilities and risky configurations, saving crucial time in thwarting potential cyber-attacks.

Why runZero?

"We have clients coming out of incident response engagements where they're asking about some of these zero-day vulnerabilities and exploits. Oftentimes, runZero already has a search query in place for us. So, from a threat hunting and proactive security standpoint, these queries are a huge advantage in time saving and information gain." - Chase Martin | Senior Consultant | Kivu Consulting

© Copyright 2024 runZero, Inc. All Rights Reserved