runZero has unveiled the availability of of their new runZero Platform, which introduces a number of new features, most notably the addition of native passive discovery.
This functionality positions runZero as the CAASM (cyber asset attack surface management) solution to combine proprietary active scanning, native passive discovery, and API integrations.
Unifying all of these approaches makes runZero able to deliver comprehensive coverage across managed and unmanaged devices, including the full spectrum of IT, OT, IoT, cloud, mobile, and remote assets.
“We believe that comprehensive security visibility is the foundation for effective risk and exposure management,” said HD Moore, CTO of runZero.
“The new runZero Platform enables us to provide our customers and community the most complete view of their environments by combining novel active and passive discovery and fingerprinting techniques with integrated data sources. In doing so, we can deliver unprecedented depth and breadth of coverage, helping security teams quickly surface vulnerabilities, accelerate incident response, and proactively close security controls gaps,” Moore added.
runZero has taken a new approach to CAASM by combining integrations with their own proprietary active scanning and passive discovery technology to deliver complete visibility across both IT and OT environments, as well as IoT, cloud, mobile, and remote assets.
Offering both active and passive native approaches gives customers ultimate flexibility in a single, unified solution and eliminates the need for multiple, siloed tools. These capabilities also enable runZero to uncover previously unknown devices, subnets, and shadow IT, with some customers reporting discovery of up to 10x more assets than they were previously aware of.
runZero’s new passive discovery technology leverages techniques for traffic sampling. This novel approach makes the runZero Platform much faster, more efficient, and easier to implement.
Passive discovery augments the existing sources in the runZero Platform to provide always-on discovery for assets that might miss active scan windows, and coverage for fragile OT environments where active scanning is not permitted or scanning windows are highly restrictive.
“runZero’s traffic sampling functionality immediately improved our visibility into the large OT networks we manage on behalf of our customers,” said Cameron Exley, Head of Technology Commercialisation, Syntric Pty.
“The sampling functionality has highlighted bridged networks that were configured in a way active scanning was unable to detect. Further, some legacy networks under our management have been configured with extremely large broadcast domains. Active scans can take days to complete and provide results, whilst adding to the load of usually fragile networks. Sampling produces results within minutes and allows us to begin our work whilst an active scan runs in the background,” Exley continued.
runZero also introduced a new free version of the runZero Platform as part of this launch. The Community Edition is completely free and designed for small businesses, individuals, and security researchers who have 100 or fewer assets.
runZero Platform Community Edition is fully functional, including active scanning, integrations, and the new passive discovery capabilities.