Unique combination of proprietary active scanning, native passive discovery, & API integrations surfaces unknown assets and delivers complete security visibility in minutes
AUSTIN, TEXAS — September 26, 2023 — runZero announced today the availability of their new runZero Platform, which introduces a number of new features, most notably the addition of native passive discovery. This game-changing functionality positions runZero as the only CAASM (cyber asset attack surface management) solution to combine proprietary active scanning, native passive discovery, and API integrations. Unifying all of these approaches makes runZero unique in its ability to deliver comprehensive coverage across managed and unmanaged devices, including the full spectrum of IT, OT, IoT, cloud, mobile, and remote assets.
runZero has evolved and matured from an innovative asset inventory and network discovery product to a world-class CAASM solution under the technical direction of Founder and CEO HD Moore, well known in the security industry as the creator of Metasploit. The new and improved runZero Platform represents the culmination of four years of innovation, and fittingly this is version 4.0 of runZero’s technology.
“We believe that comprehensive security visibility is the foundation for effective risk and exposure management,” said HD. “The new runZero Platform enables us to provide our customers and community the most complete view of their environments by combining novel active and passive discovery and fingerprinting techniques with integrated data sources. In doing so, we can deliver unprecedented depth and breadth of coverage, helping security teams quickly surface vulnerabilities, accelerate incident response, and proactively close security controls gaps.”
Achieving unified, accurate security visibility across IT & OT
Other CAASM solutions on the market rely primarily on integrations to inventory assets; because they are dependent upon third-party sources, these solutions are notoriously incomplete and lack visibility into unknown and unmanaged assets, which typically pose the greatest security risk to organizations. Additionally, these solutions often lack coverage for operational technology (OT), such as devices used in industrial environments and critical infrastructure. As a result, security teams have been forced to purchase and maintain multiple tools to bridge the gap between their IT and OT environments.
runZero has taken a new approach to CAASM by combining integrations with their own proprietary active scanning and passive discovery technology to deliver complete visibility across both IT and OT environments, as well as IoT, cloud, mobile, and remote assets.
Offering both active and passive native approaches gives customers ultimate flexibility in a single, unified solution and eliminates the need for multiple, siloed tools. These capabilities also enable runZero to uncover previously unknown devices, subnets, and shadow IT, with some customers reporting discovery of up to 10x more assets than they were previously aware of.
runZero innovates passive discovery after redefining active network scanning
Highly regarded by customers for its effectiveness, runZero’s safe scanning technology represents a revolutionary take on active scanning. It was designed to creatively gather data points just as an attacker would, extracting asset details to deliver in-depth fingerprinting and insights into operating systems, services, and hardware, providing a remarkable level of visibility into devices and their characteristics.
runZero’s new passive discovery technology leverages equally innovative techniques for traffic sampling. This novel approach makes the runZero Platform much faster, more efficient, and easier to implement than traditional passive solutions on the market designed only for OT environments. Unlike these solutions, runZero does not require additional hardware or labor-intensive deployments.
Passive discovery augments the existing sources in the runZero Platform to provide always-on discovery for assets that might miss active scan windows, and coverage for fragile OT environments where active scanning is not permitted or scanning windows are highly restrictive.
“runZero’s traffic sampling functionality immediately improved our visibility into the large OT networks we manage on behalf of our customers,” said Cameron Exley, Head of Technology Commercialisation, Syntric Pty. “The sampling functionality has highlighted bridged networks that were configured in a way active scanning was unable to detect. Further, some legacy networks under our management have been configured with extremely large broadcast domains. Active scans can take days to complete and provide results, whilst adding to the load of usually fragile networks. Sampling produces results within minutes and allows us to begin our work whilst an active scan runs in the background.”
New free Community Edition democratizes access to foundational security capabilities
runZero also introduced a new free version of the runZero Platform as part of today’s launch. The Community Edition is completely free and designed for small businesses, individuals, and security researchers who have 100 or fewer assets.
runZero Platform Community Edition is fully functional, including active scanning, integrations, and the new passive discovery capabilities. The runZero team believes that everyone deserves to have complete security visibility into their assets and exposure, and has made free versions of their technology available to the broader community since its founding.
To access Community Edition, users simply need to start a free trial, which can be converted to Community Edition after 21 days.
Learn more
To learn more about the new runZero Platform and its capabilities: