Simplifying network visiblity and asset inventory for security and IT teams

    runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

    Company Mission

    Discovery is the first step to building the asset inventory needed for effective IT and security programs. Yet, most organizations struggle to obtain a true inventory of all the devices and services running in their networks. runZero’s mission is to make discovery as easy and safe as possible, so organizations know everything they have on their network and in the cloud.

    Why runZero

    Quickly
    deploy runZero anywhere, on any platform, in minutes

    SaaS or self-hosted: choose the deployment model that works for you. No agents, credentials, traffic captures, netflows, span ports, or network taps needed. Just deploy the runZero Explorer (a lightweight scan engine) to carry out scan operations and upload data to the console.

    Get the
    most accurate data about any asset on your network

    runZero provides critical context and data needed by incident response and security teams to accelerate decision making. Never wonder what an IP address is ever again. Instantly search your inventory for answers.

    Use runZero as a standalone or with other IT & security solutions

    Enrich runZero asset inventory with data from other IT and security solutions, like CMDBs, MDMs, and EDRs. Integrate runZero with your existing technology stack to achieve greater visibility of assets and services across your network.

    Simplifying network visiblity and asset inventory for security and IT teams

    runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

    Company Mission

    Discovery is the first step to building the asset inventory needed for effective IT and security programs. Yet, most organizations struggle to obtain a true inventory of all the devices and services running in their networks. runZero’s mission is to make discovery as easy and safe as possible, so organizations know everything they have on their network and in the cloud.

    Why runZero

    Quickly
    deploy runZero anywhere, on any platform, in minutes

    SaaS or self-hosted: choose the deployment model that works for you. No agents, credentials, traffic captures, netflows, span ports, or network taps needed. Just deploy the runZero Explorer (a lightweight scan engine) to carry out scan operations and upload data to the console.

    Get the
    most accurate data about any asset on your network

    runZero provides critical context and data needed by incident response and security teams to accelerate decision making. Never wonder what an IP address is ever again. Instantly search your inventory for answers.

    Use runZero as a standalone or with other IT & security solutions

    Enrich runZero asset inventory with data from other IT and security solutions, like CMDBs, MDMs, and EDRs. Integrate runZero with your existing technology stack to achieve greater visibility of assets and services across your network.

    Discover your entire infrastructure

    Most asset inventory solutions have gaps in what they can detect. runZero covers all of your bases, including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, devices at work and at home. With runZero, you can discover devices you may not know you even had.

    Get quality data with unauthenticated scans

    runZero’s secret sauce is its proprietary unauthenticated scanner, which safely elicits more information from devices than they should be giving up. In addition to accurate OS and service fingerprints, get attributes such as installed anti-malware products, secondary network interfaces, and Windows domain memberships.

    Get quality data with unauthenticated scans

    runZero’s secret sauce is its proprietary unauthenticated scanner, which safely elicits more information from devices than they should be giving up. In addition to accurate OS and service fingerprints, get attributes such as installed anti-malware products, secondary network interfaces, and Windows domain memberships.

    Augment asset data via APIs

    Once you have started with an active scan, augment your inventory with other sources through integrations. runZero ingests data from MDMs, EDR solutions such as CrowdStrike, and external perimeter scans such as Censys to round out your inventory. Integrate runZero with AWS, Microsoft Azure, and VMware to pull data from your cloud and virtualized environments.

    Include fragile IT and OT devices

    runZero has been designed without aggressive scan tactics that can destabilize some IT and OT devices. runZero’s proprietary scan technology only sends well-formed IP packets and does not use security probes. You can limit the number of packets per device and spread the workload across the entire IP range to scan without overloading individual devices. runZero regularly scans manufacturing, energy and healthcare environments without issues and delivers better visibility than with passive network monitoring.

    Include fragile IT and OT devices

    runZero has been designed without aggressive scan tactics that can destabilize some IT and OT devices. runZero’s proprietary scan technology only sends well-formed IP packets and does not use security probes. You can limit the number of packets per device and spread the workload across the entire IP range to scan without overloading individual devices. runZero regularly scans manufacturing, energy and healthcare environments without issues and delivers better visibility than with passive network monitoring.

    Uncover unknown active subnets

    Scan the entire internal address space (RFC 1918) overnight to get situational awareness of active subnets, then run a full audit scan. Spot any MAC addresses that are connected to your network devices but unreachable by your current explorers. Find hints of active subnets in the RFC 1918 map when devices leak secondary network interfaces.

    Augment your CMDBs and SIEMs with better data

    Build a common foundation for your asset inventory across the organization by feeding runZero data into CMDBs and SIEMs. Use runZero’s export APIs or out-of-the-box integrations with ServiceNow and Splunk.

    Augment your CMDBs and SIEMs with better data

    Build a common foundation for your asset inventory across the organization by feeding runZero data into CMDBs and SIEMs. Use runZero’s export APIs or out-of-the-box integrations with ServiceNow and Splunk.