Risky Biz Podcast, Episode 645: Integrations for cloud APIs and Censys

Questions from the interview

What’s new with runZero?

Since we last joined Patrick on Risky Business, [runZero’s] released versions 2.6, 2.7, and 2.8. With the latest release focusing on cloud service API integrations and Censys data ingestion.

For Rumble 2.8, why did we focus on cloud and externally facing assets?

Cloud environments are becoming increasingly more wired to internal corporate networks through VPN connections. More people are looking for a complete view of what’s on their corporate network, what’s inside their cloud environment, and what’s visible externally using a service like Censys.

Why did we build cloud API integrations?

runZero doesn’t take a credentials-first approach. Most of the value we deliver is through unauthenticated, fast internal discovery. We combine the results from active scans and the API results to enrich the data we have.

We started to hear about customers who were scanning entire RFC 1918 spaces and finding things they didn’t know about. runZero would be able to tell them that it’s their AWS environment, and they’re actually routing their external AWS to their internal network. They were asking us questions like, “What instances are on it, what team owns it, what tag is on it?” runZero has the ability to connect to the AWS instance, support multi-account, and enumerate subaccounts, which means teams can now add owners, tags, and tracking information to those assets.

What are the use cases for the Censys integration?

There are generally two use cases:

  • People who are scanning their external environments and want to see what’s visible in runZero and visible from an external perspective.
  • People who are using external IP addresses internally and want to ensure those internal addresses aren’t reachable from the internet.

Is runZero only an internal asset discovery tool?

If you have an IP address, runZero can cover it.

There are even cases where runZero knows about the asset even if it doesn’t have the IP address. For example, with our VMware integration, we can tell you which VMs are running–even if they aren’t on your network or attached to anything at all. We do this by getting information out of the guest networking tools and networking API.

How can runZero help with advisories and breaking security news?

runZero focuses on turning your network into a knowledge base you can search. For example, when there’s breaking news, like with the recent PAX point-of-sale or Hikvision vulns, you can quickly query your inventory for those devices via our Rapid Response program. With vulnerability management flows, it can take weeks as they’re figuring out what they have, scanning the network, and trying to identify things that are vulnerable. runZero gives you the data ahead of time, so you don’t have to hunt it down.

Meet Our Speakers

HD Moore

Founder & CEO

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Resources

Podcasts
Risky Biz Podcast, Episode 769: Sophos pwns Chinese APTs
This episode features runZero's Founder and CEO, HD Moore, who joins to talk about marrying up the outside and inside views of your network.
Podcasts
La Jaula del N00b Interview with HD Moore
This episode of La Jaula del N00b features HD Moore where he shares his story, challenges, and vision in cybersecurity.
Podcasts
The Coffee and Pizza Podcast #0011: This Hacker (HD Moore) created Metasploit
Tune in to see HD Moore on a special episode of the Pizza and Coffee podcast as he shares challenges the challenges and triumphs associated with...
Podcasts
LimaCharlie: Defender Fridays - Decay of Network Segmentation with HD Moore
HD Moore, Founder and CEO at runZero, joined Defender Fridays to discuss the decay of network segmentation.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved