SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers
Canada
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Omdia
#
Asset Discovery
#
Risk Management

RunZero expands platform for enhanced exposure management

Today
Author image
By Kaleah Salmon, Journalist

runZero has announced the expansion of its platform, offering a novel approach to exposure management. The platform aims to assist organisations in managing risk across their total attack surfaces.

According to the company, runZero's updated platform facilitates security teams' identification, prioritisation, and addressing of various exposures across internal and external attack surfaces. This initiative focuses on exposures that are often missed by traditional vulnerability management solutions.

HD Moore, Founder and Chief Executive Officer of runZero, remarked, "Our industry needs a paradigm shift if we're going to secure today's complex attack surfaces successfully. Legacy approaches are fundamentally flawed, starting with incomplete knowledge of the attack surface itself and inadequate exposure detection capabilities."

"Our goal is to help security teams get better outcomes, which means detecting and prioritising the exposures that are most likely to be exploited, not flooding them with irrelevant alerts. runZero started by delivering comprehensive discovery across internal and external attack surfaces and is now leveraging novel techniques to uncover high-risk exposures that other solutions simply can't detect."

The platform aims to resolve Common Vulnerabilities and Exposures (CVEs) issues. The company points out that serious misconfigurations, such as exposed databases and broken network segmentation, pose major security risks and are not always effectively addressed by current vulnerability management approaches.

Traditional vulnerability management tools reportedly miss many vulnerabilities or require significant time before identification. This leaves organisations vulnerable and spending large resources on remediation efforts without adequately reducing risks, which runZero aims to change.

By leveraging advanced technology, runZero intends to offer more comprehensive visibility of organisational attack surfaces, identifying dormant assets and exposures that typically escape detection. Clients have discovered significantly more assets than previously known, acknowledging higher risk.

Rik Turner, Senior Principal Analyst at Omdia, commented on runZero's development, "While runZero started out in the most complex side of ASM, namely the CAASM market, it is already expanding into EASM and broader exposure management use cases, which is a salutary development. Its CAASM background provides the most solid foundation for such a move, giving it valuable insights into a customer's asset estate and making it a strong candidate for any ASM or exposure management project within an organisation."

The runZero platform's capabilities include detecting elusive exposures such as network segmentation failures, externally exposed internal assets, and misconfigurations in OT and IoT devices, all without necessitating rescanning assets.

runZero highlights a data-driven risk prioritisation feature designed to help security teams focus on critical threats by considering business context and device impact rather than inundating teams with non-critical alerts.

Along with new risk findings, today's unveiling introduces dashboards for better organising and managing exposures over time, which include identifying Internet exposures, end-of-life systems, open access services, and more.

Runzero's global expansion is bolstered by partnerships with several channel partners, including Guidepoint in the US, Distology in the UK and Europe, and Secon in the UK.

Sarah Geary, Chief Commercial Officer at Distology, said, "We are thrilled to be partnering with runZero, adding their attack surface and exposure management technology to our expanding portfolio. This amazing product bolsters the Workspace area of the Distology portfolio, and we are excited to jointly take their message to market."

On the leadership front, runZero has bolstered its expertise with Brandon Turner joining as Vice President of Product and Engineering and Tod Beardsley taking on the role of Vice President of Security Research.

Beardsley stated, "runZero is built around the idea of, 'how would an attacker look at my network, and are there tricks that I can borrow from them to make sense of my enterprise?' This unique approach to exposure management provides some of the most valuable introspective intelligence on your own network available. I'm excited to join runZero as we introduce these new capabilities to help security teams proactively mitigate risk."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Kiteworks unveils Private Data Network for data security
Check Point lauded as leader in attack surface management
Cequence Security earns AWS Security Competency status
i-PRO set to secure new AI management certification
Harmony or havoc? The challenge of managing network security complexity
Top stories
Fast Flux DNS tactics escalate cyber defence challenges
Open-source AI gains favour among new developers globally
Check Point Infinity named top AI cyber security platform
N-able expands IT & cybersecurity offerings with new partners
Identities over intrusions: Identity Management Day sparks new considerations