The runZero Explorer and runZero Scanner now use npcap 1. For example, if you only want to export iLOs that have the ProLiant DL360p. The runZero scanner now reports legacy RDP authentication, decodes additional ISAKMP/IKEv2 fields, and improves the fingerprinting of AirPlay devices. HD Moore is the co-founder and CEO of runZero. runZero's secret sauce is its proprietary unauthenticated scanner powered by high-fidelity. gz file created by the command-line. November 18, 2021 (updated October 5, 2023), by Thao Doan. Email Use the syntax email:<address> to search for someone by email address. We also recommend using the RFC1918 scan playbook to verify full coverage. 6. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. Discover every asset–even the ones your CMDB didn’t know about. 0/12, and 192. 0 report from Nexpose. rumble. With runZero, you can set up multiple scan schedules, allowing for a customized asset inventory and network discovery approach. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. Tagging has been updated across the. Òܾ ÒÃÂ`Õ ÒÂ$ܧ *»ÏÃÒÙ§¾¡Â ¾  îÏÃÒÙ§¾¡ÂÕ§Ù Õ [§Ù Õ ¾  îÏ·ÃÒ ÒÕ [ · 1¤ÃÕÙ§¾¡ÂÒܾ ÒÃAccess to scan configurations for each RFC1918 range to find missing subnets and view subnet analysis to find unscanned devices Find subnets to target with the RFC1918 network coverage maps # The scan coverage maps show all the addresses scanned within the 10. LANSweeper will do either on-prem or cloud at any pricing level (of course on-prem will require a server with MS SQL). The runZero Explorer and runZero Scanner runtime has been upgraded. Type OT Full Scan Template into the search box and select the radio button for the template. ( Note: much of the host information provided by Tenable. Asset inventory There is a column on the asset inventory page showing the count of vulnerabilities detected by Rapid7 for each asset. We strive to provide a fast, low-impact scan by default, but also try to include as many services and protocols as possible. Self-hosted The self-hosted version runZero allows you to run the entire platform on-premises or within your own cloud environment. How runZero helps Discover assets and services – everywhere. v1. Requirements A Tines account runZero Export API and Organization API tokens There. Scanning your AWS assets with runZero will merge the scan results with the AWS attributes, giving you one place to look when you need to understand the assets on your network. Used to scan a fairly large network (/8) and the intel it gathers has become vital to my groups ability to not only identify issues proactively, but also respond quicker to events. Scan templates help Rumble users simplify the process of configuring multiple scans and reduce errors. 0 of Rumble Network Discovery is live with a handful of new features. Step 2: Connect with CrowdStrike. These assets can serve as an attack vector for unauthorized users to gain access to a system to steal information or launch a cyber attack. v1. runZero’s vulnerability management integrations let. action:agent-reconnected Created timestamp The timestamp fields created_at can be searched using the syntax. 4. 6. Configuring the integration as a scan probe is useful if you are running self-hosted runZero Platform and your console cannot access Google Workspace. Most integrations can be run either as a scan probe or a connector task. Scan probes or connector tasks. Getting started with Tenable Security Center To set up an integration with Tenable Security Center, you’ll need to: Create an API key for a user that has access to view and query vulnerabilities in. With this information, you can find things like missing subnets, rogue devices, and misconfigurations. Then, you will configure a runZero integration with your vulnerability management platform to merge vulnerability data with runZero data. The speed of the scans and the accuracy of results are stupendous. The runZero Scanner and Rumble Agent now detect the CheckMK service. Combined, these updates can shine a light on misconfigured network segmentation and help identify. A video demo is available to show the final outcome of these instructions. We want to share the magic of great network discovery with. Set the severity levels and minimum risk level to ingest. 7 2020-05-22 Fingerprint updates. However, heavily segmented networks may require the deployment of multiple scanners. The runZero scan engine was designed from scratch to safely scan fragile devices. This format is returned when downloading the task data for an Explorer-run scan and correlates to the scan. Planning This first set of tasks will help your team identify target results. With other tools, deployment required credentials or endpoint agents, which was not a feasible route for them. Test backups. name}} completed at {{scan. Use the syntax tag:<term> to search tags added to an Explorer. 0. Try it free. 15. Explorers. Add a. It combines integrations with EDR and other sources with a proprietary network scanner that is fast and safe even on fragile IoT and OT networks. 6 2020-05-14 Corrects inconsistent use of the new service attributes when processing the dynamic MAC address filter. Step 2: Configure traffic sampling on Explorer (s) The Explorer details page is also where users can configure traffic sampling. He’s here to tell us more about what’s happening with his latest creation, [runZero]. runZero provides asset inventory and network visibility for security and IT teams. In most cases, you can deploy an Explorer on an existing system that has connectivity to the network you want to discover. runZero treats assets as unique network entities from the perspective of the system running the Explorer. runZero is the first step in security risk management and the best way for organizations. New features # Rumble is now runZero and the product UX has been updated to match. When viewing the Groups inventory, you can use the following keywords to search and filter groups. Scan probes or connector tasks. with Amazon Web Services. 3: Scan range limit: Maximum number of IP addresses per scan. Step 2: Choose how to configure the Shodan integration. Add the Microsoft 365 Defender credential in runZero. organization:runZero organization:"Temporary Project" organization:f1c3ef6d-cb41-4d55-8887-6ed3cfb3d42dOverview # Version 1. Scanning with runZero. A memory leak in the runZero Explorer and runZero Scanner has been resolved. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. This can be useful in adding new fingerprint coverage for very unique or custom assets and services, such as device prototypes or proprietary applications/services. To work around this issue, we have provided a shim MSI package that can be used with automated installers. You will jump straight into deploying an Explorer for discovery, running your first scan, and onboarding users. Dan Kobialka September 27, 2023. runZero logs system events on a wide range of administrative actions related to assets, agents, tasks, users, and other components of the platform. Professional Community Platform With runZero goals, users are able to create and monitor progress toward achieving security initiatives. Partial site scans now consider ARP cache data from the entire site. With 2022 marking the 25th anniversary of Nmap, runZero hosted a moderated conversation between security industry legends, HD Moore and Gordon “Fyodor” Lyon. io or Tenable Nessus and bring your vulnerability scan results into runZero to achieve better visibility of gaps in your scan coverage. Unifying all of these approaches makes runZero unique in its ability to deliver comprehensive coverage across managed and unmanaged devices. This retention. The runZero 3. Dynamic binaries make it easy to deploy Explorers that connect back to the right organization, but present a challenge for independent integrity validation. runZero Enterprise customers can now sync asset and vulnerability data from Qualys VMDR. runZero. The TCP SYN scanner is now friendlier to stateful firewalls in the network path. Integrating runZero with Sumo Logic Setting up the connection between Sumo Logic and runZero has three options with different configuration steps. These reports can help you understand the layer 2 topology and layer 3 segmentation of a network without having to upload the scans into the cloud platform. Beyond a lack of detail, vulnerability scanners sometimes simply get it wrong. x updates, which includes all of the following features, improvements, and updates. Really great value, puts. The self-hosted runZero platform must be updated prior to first use. Configurable max group size that limits the number of targets runZero can scan at once, which correlates to the number of connections stateful devices such as firewalls or routers. Customers tell us that they can take action on their vulnerability scan results most effectively when paired with comprehensive asset and network context. The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution. The overall detail runZero provides is unmatched and it’s given us insights into devices that other asset discovery products haven’t. runZero is a cyber asset attack surface management solution that is the easiest way to get full asset inventory with actionable intelligence. Prerequisites Prior to starting this training, we have two recommendations: Superuser access to a runZero account. Ownership types Superusers can manage the available types of ownership on the Account > Ownership types page. Alternatively you can specify an output filename with the --output-raw option, as if performing a runZero scan. runZero’s SNMP support. Activate the Microsoft 365 Defender integration to sync your data with runZero. Quicklydeploy runZero anywhere, on any platform, in minutes. By default, data is retained for one year in the runZero Platform. When viewing all tasks, you can use the keywords in this section to search and filter them. He’s the founder of [runZero], the network asset discovery scanner, and he’s joining us to talk about some new tricks he’s added to the product, like integrations with cloud service APIs and external. Overview # The 1. The scanner has the same options and similar performance characteristics to the Explorer. Completion of the runZero 101 training is also recommended so that you understand the context behind all of the administrative. Tasks can now be stopped during data gathering and processing phases. Deploy the Explorer in your. 0. It is widely used by network administrators. November 9, 2023. All actions, tasks, Explorers, scans, and other objects managed by runZero are tied to specific organizations and isolated from each other. Cons: There are several options for scan frequency but I would like something between daily weekly like every 8 hours or every three days. Go to the Inventory page in runZero. Error: Enable cookies in your browser to continue. The second tab, Groups, lists the user groups available; the groups define the. Version 1. When you run a scan with runZero, you’re given most of the options you need right away. By default, the file has a name matching censys-*. Unauthenticated network discovery tools # When viewing scan templates, you can use the keywords in this section to search and filter. Get runZero for free. Professional Community Platform runZero integrates with Azure AD to allow you to sync and enrich your asset inventory, as well as gain visibility into Azure AD users and groups. Reduce the scan speed. Go to the Inventory page in runZero. About runZero. Site: Specify the site the assets discovered as a result of Traffic Sampling will be added to. We want the email to tell us how many new, online, offline, and modified assets there are, as well as. runZero-hosted Explorers: Scan all your external assets with a runZero-managed Explorer. The Organization API provides read-write access to a specific organizations (Professional and Platform licenses). runZero is a Cyber Asset Management solution that delivers comprehensive asset inventory–quickly, easily, and safely. x updates, which includes all of the following features, improvements, and updates. Used to scan a fairly large network (/8) and the intel it gathers has become vital to my groups ability to not only identify issues proactively, but also respond quicker to events. Set up the Nessus Professional integration by creating a credential and running a scan. SNMP enumeration is more configurable through the disable-bulk-walk and max-repetitions settings in the advanced scan configuration. 1. runZero provides asset inventory and network visibility for security and IT teams. Scan range limit (8,192) Scan rate limit (5,000). Scan probes gather data from integrations during scan tasks. The leading vuln scanner fingerprinted it as a CentOS Linux device, but runZero accurately identified it as an F5 load balancer, which happened to be running a CentOS-based. runZero leverages applied research to build an asset inventory quickly, easily, and comprehensively. runZero is a Cyber Asset Management solution that delivers comprehensive asset inventory–quickly, easily, and safely. View pricing plans for runZero. Use the syntax id:<uuid> to filter by the ID field. runZero has taken a new approach to CAASM by combining integrations with their own proprietary active scanning and passive discovery technology to deliver. They covered everything–from product development to. This increased visibility has benefited the team in other ways, including a reduction in overall risk for the university community. 9 release includes a rollup of all the 3. Step 2: Connect with Google Workspace. runZero can inventory all remote, managed and unmanaged devices, on-premise and cloud assets, and IT and OT infrastructure. Add a template by selecting Tasks > Templates from the side navigation and then click. When performing a scan, runZero Explorers and scanners use probes to extract information from open scanned ports. 6. The following illustrates how runZero aligns with the CIS Critical Security Controls v8. See moreGain essential visibility and insights for every asset connected to your network in minutes. Proceed with the rest of your investigation. For the subject line, enter something that’s descriptive, like runZero scan {{scan. This feature can be toggling. Some locations, like retail stores or customer sites, may not have staff or hardware. runZero provides asset inventory and network visibility for security and IT teams. Presidio can quickly deploy a runZero Explorer in their client network and start scanning. This is newline-delimited JSON – JSONL – that represents the unprocessed output of the scan engine. API use is rate limited, you can make as many calls per day as you have licensed assets. The runZero scanner now supports the Bitdefender, NDMP, Munin, MySQL X, and Spotify Connect protocols over TCP, improved support for capturing Telnet banners and improved OS/firmware. Integrate with Tenable. 0/16 ranges. The new Python SDK supports runZero’s custom integration API functions for ease of automation and use for those familiar with Python. The Tenable Vulnerability Management, Nessus Professional, and Tenable Security Center integrations pull data from the Tenable API, while all. Another key value-add that the team. Import & Export Site Definitions #The dashboard is the standard visual view into your asset inventory. In your runZero Console, go to your inventory. 7. name asset attribute is now updated to show when a runZero scan no longer detects the EDR. runZero vs Datadog. Meet us at Infosecurity Europe 2023Reviews of runZero. The search keywords has_os_eol and has_os_eol_extended are now supported on the Assets and Vulnerabilities inventory pages. nessus) from the list of import types. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. The most common cause of duplicate assets in the runZero inventory is scanning the same devices from multiple sites. However, there may be times when the traditional deployment model may not work for you. Last updated on April 26, 2022 at 08:00 CST (-0600) runZero can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell. Explorer downloads are then available by selecting Deploy in the left navigator and choosing the Deploy Explorers sub-menu. An asset may have multiple IP addresses, MAC addresses, and hostnames and it may move around the network as these attributes are updated. An actively exploited zero-day has surfaced in popular wiki software Confluence. However, there may be times when the traditional deployment model may not work for you. 2. Some locations, like retail stores or customer sites, may not have staff or hardware available to install the Explorer, making remote. Network discovery tools, like runZero, look at other sources, such as SNMP community strings and ARP caches. To install the Rumble macOS Agent, copy the download link from the Agents page, download a local copy, and install it using the command line: For a quick rundown on how to use the command-line scanner, take a look at the scanner. Navigate to Tasks > Scan > Template scan. runZero integrates with a variety of tools to extend visibility across your network and enrich asset inventory data. rumble file by default. Pros: Runzero is an exceptional asset discovery tool that allows us to easily discover/track assets, while providing excellent insights into missing AV products or any assets with vulnerabilities. The best free network scanners for security teams in 2023. Requirements Configuring the SecurityGate. The standard deployment plan is broken out into six stages which will help you plan out your requirements, execute the deployment, and optimize your environment based on runZero’s best practices. 0. As of this evening, the answer is yes. Scan probes gather data from integrations during scan tasks. Note that once duplicate assets are. TroubleshootingDiversity, equity, and inclusion at runZero. In most cases, you can deploy an Explorer on an existing system that has connectivity to the network you want to discover. The first, Users, shows all users in the current client account. 10 is live with continuous scanning, user interface updates, an event log, updates to the scan. The Organization Overview Report is useful for sharing with teams and leaders who may not have access to runZero. Vulnerability scanning plays a crucial role in any enterprise security program, providing visibility into assets that are unpatched, misconfigured, or vulnerable to known exploits. To leverage SNMP v3 credentials in a Rumble scan, set the following options in the Advanced Options section of the Scan Configuration screen. Fresh on the heels on Beta 3, we are excited to announce support for the Apple macOS platform. Adding your AD data to runZero makes it easier to find. 16. By leveraging product APIs and export/import functionality, runZero can provide additional asset context in other IT and. HD Moore is the co-founder and CEO of runZero. Protocol support has been added for Brother’s proprietary scanner protocol, allowing us to identify Brother scanners or Brother multi-function devices that include a scanner. v1. This training uses the runZero success outcomes to help you understand the top use cases for runZero and how to achieve them. In smaller environments, a single Explorer is usually sufficient. The runZero Export API uses the same inventory search syntax to filter results. SaaS or self-hosted: choose the deployment model that works for you. Community Platform runZero integrates with Tenable Vulnerability Management (previously Tenable. You can use the Mustache syntax for the subject. Start your 21 day free trial today. Deploy Explorers: runZero Explorers are the scanners. If you are looking for more to test out after finishing these tasks, you can jump to the deployment plan to dive deeper. Using runZero data to enrich other tools In addition to being able to enrich your runZero inventory with data from your other IT and security tools, the runZero platform offers egress integrations with several platforms. By scanning your Azure assets with runZero, you can enrich the scan results with Azure attributes, building a single source of truth. 9 Ratings Breakdown 5 ( 34) 4 ( 3) 3 (. runZero is an unauthenticated scanner, like nmap, but it’s based on a new proprietary scan engine. runZero users that have a self-hosted platform or standalone scanner now have the ability to add custom asset and service fingerprints. The SecurityGate. Activate the Azure integration to sync your data with runZero. They should really look at integrating RunZero. After the trial expires, you will have the option to convert to the free Community Edition. July 18, 2023. The 169. The leading vuln scanner. Activate the AWS integration to sync your data with runZero. x OpenSSL versions when TLS-enabled service uses either TLS 1. runZero is the only cyber asset attack surface management ( CAASM) solution that unifies proprietary active scanning, native passive discovery, and API integrations to deliver the most complete coverage across managed and unmanaged devices, including the full spectrum of IT, OT, IoT, cloud, mobile, and remote assets. Choose Import > Nessus scan (. Select asset-query-results for asset queries or service-query-results for service queries. Community Platform runZero integrates with Rapid7’s InsightVM and Nexpose to enrich your asset inventory and gain visibility into vulnerabilities detected in your environment. Professional Community Platform runZero can trigger automatic alerts when certain events occur through a combination of Channels and Rules. io or Tenable Nessus and bring your vulnerability scan results into runZero to achieve better visibility of gaps in your scan coverage. Set the correct Nessus. Step 3: Activate the Google Cloud Platform integration. Data expiration is processed as a nightly batch job based on the current settings for each organization in your account. Just deploy the runZero Explorer (a lightweight scan engine) to carry out scan operations and upload data to the console. No agents, credentials, traffic captures, netflows, span ports, or network taps needed. CyberCns does have a network asset scanner, but their focus is on assets that they are able to produce a vulnerability scan report on, which at this point is mainly actual computers. Discovering IT, OT, virtual, and IoT devices across any type of environment is simple with runZero's active scanner, which doesn't require any credentials. You can view and manage discovery scans and other background actions from the Tasks overview page. runZero scales across all types of environments, and works with cloud, EDR, VM, CMDB, and MDM solutions. Go to Alerts > Rules and select Create Rule. The Import button has two options. The timestamp fields, created_at and updated_at, can be searched using the syntax created_at:<term> and updated_at:<term>. The scan task can be used to scan your environment and sync integrations at the same time. In the runZero Console, go to the Alerts page, located under Global Settings. Select Configure Rule. We are ridiculously excited to announce the beta program for Rumble Network Discovery, a platform designed to make network asset discovery quick and painless. When viewing services, you can use the keywords in this section to search and filter. 2. runZero scans can be performed with the following SNMP configurations: SNMPv1 and SNMPv2. Step 5: View Azure AD assets. You will no longer be able to run discovery scans. runZero scales across all types of environments, and works with cloud, EDR, VM, CMDB, and MDM solutions. The scanner output file named scan. The runZero Agent will verify its own binary and exit on startup if corrupted. Tag value matches must be exact. Surfacing unowned. RUNZERO_STORAGE_MODE=s3 ASSET_BUCKET=company-runzero-assets SCAN_BUCKET=company-runzero-scans If a non-AWS backend is used that is compatible with the S3 API, use the same AWS and bucket variables above but override AWS_REGION and set the AWS_ENDPOINT_URL_S3 or. This can be a corporate account with a paid license, or you can use a personal email to create a community account which will make you the superuser. 0. Many probes can be configured using the Probes and SNMP tab of a scan task configuration. If your subscription has expired, you will see: This is a runZero [edition] subscription that expired on [date and time]. 1. Both the Community Edition and runZero Platform include SaaS console, traffic sampling, self-hosted explorers, runZero-hosted explorers, goal tracking, advanced reports, export API, custom integration SDK, asset ownership and more. New Rumble icons!Reviews of runZero. The runZero Explorer enables discovery scanning. runZero includes a standalone command-line scanner that can be used to perform network discovery without access to the internet. Finding externally exposed assets # Rumble Enterprise customers using the cloud-hosted platform can now scan external assets easier than ever. runZero multi-homed asset detection Network segmentation is a critical security control for many businesses, but verifying that segmentation is working correctly can be challenging, especially across large and complex environments. Step 3: Query your asset inventory to find endpoints missing CrowdStrike agents. To use a hosted scanner, set your Explorer to None and select a hosted zone during the scan. To us, runZero captures the outcomes we want you to have: zero barriers for deployment and zero unknowns on your network. The runZero 3. What to do when a runZero scan results in hundreds of identical assets being created for systems that don't exist. SNMPv1/v2 scanning A discovery scan finds, identifies, and builds an inventory of all the connected devices and assets on your internal network. Higher Education/ Banking Industry OVERVIEW. The Asset and Service exports now include the service. HD Moore is the co-founder and CEO of runZero. Therefore an address like 10. Types of networks; runZero 101 training; runZero 201 training; Organizations; Sites; Self-hosting runZero. Adding your CrowdStrike data to runZero makes it easier to find things like. name:WiFi name:"Data Center". - runZero Network Discovery is the most popular SaaS alternative to Advanced IP Scanner. There are more than 10 alternatives to IP Scanner for a variety of platforms,. Alternatively you can specify an output filename with the --output-raw option, as if performing a runZero scan. The scanner now supports a new syn-reset-sessions option that can be used to reduce session usage in middle boxes. Sample runZero implementation. Scan missing subnets: From the coverage report, you can launch a scan for any missing subnets in a given RFC1918 block – look for the binocular icon. Differences between runZero and EASMs; How to scan your public-facing hosts. Quicklydeploy runZero anywhere, on any platform, in minutes. Step 3: Query your asset inventory to find endpoints missing CrowdStrike agents. 6+). To set up the Microsoft 365 Defender integration, you’ll need to: Configure Microsoft 365 Defender to allow API access through runZero. Want a free trial that’s fully functional for up to 100,000 assets, no holds barred? We got you. Setting up the integration requires a few steps in your Sumo Logic console. Gain essential visibility and insights for every asset connected to your network in minutes. Read MoreThis limits the number of targets runZero can scan at once, which correlates to the number of connections the router sees. ( Note: much of the host information provided by Tenable. Name The Name field can be searched using the syntax name:<text. A port scan provides valuable information about a target environment, including the computers that are online, the applications that are running on them, and potentially details about the system in question and any defenses it may have such as firewalls. Professional Community Platform runZero’s query language allows you to search and filter your asset inventory, based on asset fields and values. They discussed the challenges, rewards, and lessons learned from their work building network scanning technology. Scan missed subnets: The missing subnets will be shown in the scan scope and the subnet ping will be enabled by default. runZero is not a vulnerability scanner, but you can share runZero’s. Podcast Description: “This week’s sponsor interview is with HD Moore. Stay alert about the latest in cyber asset management. Step 3: Choose how to configure the SentinelOne integration. HD Moore is the co-founder and CEO of runZero. From the scan configuration page: Choose US – New York as the Hosted zone (this is a runZero-hosted Explorer in the cloud). Name The Name field can be searched using the syntax. Stay on top of changes in your network. 8. Instead, it fingerprints the assets based on how they respond to probes, and tries to catch situations where known assets change IP. 7. Automated cloud scanning and reports across 150+ CIS controls for identifying misconfigurations at a resource and account level. runZero is not a vulnerability scanner, but you can share runZero’s results with your security team for investigation and mitigation. 0 is out with major updates to the scan engine, reports, fingerprinting, user interface, documentation, and much more!runZero is a cyber asset attack surface management solution that delivers full asset inventory–quickly, easily, and safely. 0 release includes a rollup of all the 2. runZero scanned an entire retail store in under two minutes, sometimes completing the process in just thirty seconds. For on-premises use you will need to use the InsightVM connector as a scan probe from a runZero Explorer which has network access to the InsightVM deployment. This limits the number of targets runZero can scan at once, which correlates to the number of connections the router sees. Cons: There are several options for scan frequency but I would like something between daily weekly like every 8 hours or every three days. Self-hosted platform improvements # Scan probes gather data from integrations during scan tasks. Step 2: Connect with CrowdStrike. The runZero console includes a diagnostics collection script inspired by the need to troubleshoot a self-hosted environment. 0 can be found in our documentation. When viewing the Users inventory, you can use the following keywords to search and filter users. What protocols does runZero scan for? runZero supports the following list of protocols: acpp activemq adb airplay ajp amqp arp backupexec bacnet bedrock bitdefender-app brother-scanner cassandra cdp chargen checkmk chromecast ciscosmi citrix click coap consul couchdb crestron dahua-dhip daytime dcerpc dns docker dotnet-remoting drbd drobo-nasd dtls echo elasticsearch epm epmd erldp etcd2. runZero is now part of Presidio's arsenal of tools, not only for internal discovery, but for client onboarding as well. If you want to refine the results in your exported data, you can filter the inventory first. runZero is the first step in security risk management and the best way for organizations to understand their exposure through comprehensive asset inventory. Hosted. Installation To install the runZero Explorer, log in to the runZero Console and switch to the Organization that should be associated with the Explorer.