0. Set the correct Nessus. Step 4: Add users to the runZero app in Azure. This means you can scan. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT. Some locations, like retail stores or customer sites, may not have staff or hardware. The timestamp fields, created_at and updated_at, can be searched using the syntax created_at:<term> and updated_at:<term>. Import the Nexpose files through the inventory pages. Start a 21-day free trial today!Step 1: Scan your network with runZero. To find gaps in vulnerability scan coverage, start by scanning your entire network with runZero. Step 3. 2. Navigate to Tasks > Scan > Template scan. To find gaps in vulnerability scan coverage, start by scanning your entire network with runZero. runZero supports the three main versions of the protocol: SNMPv1, the SNMPv2c variant of SNMPv2, and SNMPv3. For the subject line, enter something that’s descriptive, like runZero scan {{scan. Differences between runZero and EASMs; How to scan your public-facing hosts. Note that once duplicate assets are. runZero has brought to market a new version of its cyber asset attack surface management (CAASM). These fields can be used to set the scan scope for scans of the site. Another key value-add that the team. Create the body message. Configure an alert rule. Scan probes or connector tasks. We strive to provide a fast, low-impact scan by default, but also try to include as many services and protocols as possible. With runZero’s integration with Microsoft Azure, you can easily and rapidly sync your cloud inventory with your runZero asset inventory and search across your entire asset inventory to identify issues or risks. Raw data from the runZero Scanner can be imported into the Rumble Console. The Organization API provides read-write access to a specific organizations (Professional and Platform licenses). Fresh on the heels on Beta 3, we are excited to announce support for the Apple macOS platform. Set up the Nessus Professional integration by creating a credential and running a scan. Haven't seen Ping Castle or NetDisco suggested yet, both are certified bangers. 3. The leading vuln scanner. Step 1: Determining domains and ASNs to scan; Step 2: Adding Censys or Shodan integrations; Step 3: Starting an. 9 release includes a rollup of all the 3. Choose whether to configure the integration as a scan probe or connector task. runZero currently supports Internal, Email, and Webhook channel types. To add a team member, access the Your Team page, and use the Invite User button to send an invitation. When viewing the Users inventory, you can use the following keywords to search and filter users. The Tenable integration allows you to enrich your asset inventory with vulnerability data. RunZero for Asset inventory and network visibility solution. The solution enriches CMDBs with detailed asset and network data from a purpose-built unauthenticated active scanner. Prerequisites To use the Service Graph connector for runZero, you need the following: An Platform license for runZero. In order to run a scan against a specific site, an Explorer must be activated and either assigned to. runZero scales across all types of environments, and works with cloud, EDR, VM, CMDB, and MDM solutions. The runZero scanner now reports legacy RDP authentication, decodes additional ISAKMP/IKEv2 fields, and improves the. What customers are saying Source "runZero is an exceptional asset discovery tool that allows us to easily discover/track assets, while providing excellent insights into missing AV products or any assets with vulnerabilities. port, and service. runZero can gather asset data through unauthenticated active scanning, passive traffic sampling, and inbound integrations. Setting up the integration requires a few steps in your Sumo Logic console. All runZero editions integrate with Jira Service Management via an import in Atlassian Insight. 0 of Rumble Network Discovery is live with updates in two major areas; wider scanning, through improved protocol support, scan engine enhancements, and more comprehensive decoders; and deeper searching, with the addition of a dozen new search filters and other enhancements to the web console. 2. Scan missed subnets: The missing subnets will be shown in the scan scope and the subnet ping will be enabled by default. 0. That Explorer should be able to scan all VMs on the same VMnet without VMware needing to track all of the connections. Get runZero for free. HD Moore is the co-founder and CEO of runZero. Subscribe to the runZero blog to receive updates about the company, product and events. These custom integrations allow for creating and importing asset types not previously supported within. Data generated by the Rumble Agent can be downloaded and reprocessed by the runZero Scanner. The Inventory now supports setting, clearing, and searching based on Tags. Deploy runZero anywhere, on any platform, in minutes. Updated Ethernet fingerprints. It’s a network scanner that you just set loose and it will go and find all the devices on your. Name The Name field can be searched using the syntax name:<text>. A memory leak in the runZero Explorer and runZero Scanner has been resolved. From the Export menu, choose the HP iLO CSV format. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. id:cdb084f9-4811-445c-8ea1-3ea9cf88d536 Name Use the syntax name:<text> to search by scan template name. Really great value, puts. After deploying runZero, just connect to Tenable. Each time a scan runs using values from a template, the scan task is saved with a copy of the parameters. Step 3: Choose how to configure the SentinelOne integration. runZero vs CrescentLink. 254. Select an Explorer deployed in your OT environment. Any users you add to the runZero app will be viewable from the Team members page in runZero, once they have logged into runZero. runZero scales across all types. network and provide the asset data they need. runZero provides asset inventory and network visibility for security and IT teams. Scan probes run as part of a scan task. runzero. When you run a scan with runZero, you’re given most of the options you need right away. runZero is a comprehensive cyber asset attack surface management solution with the. This means the task will list the values used for the scan, even if the template is modified after the scan completes. . 0. When viewing software, you can use the keywords in this section to search and filter. Beta 4 is Live! # This release includes support for macOS agents and scanners, web screenshots, and major improvements to the user interface. The Explorer now uses the “runZero” brand by default (and matching filesystem/registry locations). The command-line runZero Scanner now compresses the scan. LANSweeper will do either on-prem or cloud at any pricing level (of course on-prem will require a server with MS SQL). Deemed “critical” in severity with a CVSS score of 10 out of 10, this vulnerability affects most supported versions of Confluence Server and Confluence Data Center running 8. v1. Deploy runZero anywhere, on any platform, in minutes. You can view and manage discovery scans and other background actions from the Tasks overview page. Source The source reporting the software installed can be searched or filtered by name using the syntax source:<name>. The TCP SYN scanner is now friendlier to stateful firewalls in the network path. Rumble Network Discovery is now runZero! We rolled out support for automatic web service screenshots this morning in both the Rumble Agent and the runZero Scanner (v0. runZero Scanner; Rumble Agent; Excited about the new features? Sign up for a free trial and give this release a spin! Written by HD Moore. Rumble v1. Now, let’s create the email body. Scanner release notes Starting with version 1. runZero's secret sauce is its proprietary unauthenticated scanner powered by high-fidelity fingerprinting. 0. OAuth 2. The integration can be set up to support two distinct purposes: Complete asset visibility Targeted alerting and visualization Requirements A Sumo Logic. Dynamic binaries make it easy to deploy Explorers that connect back to the right organization, but present a challenge for. Reduce the scan speed. You can turn it off or customize it using the SNMP tab when setting up a scan or a scan template. Professional Community Platform runZero can trigger automatic alerts when certain events occur through a combination of Channels and Rules. After checking permissions and. When a single asset is selected, the. runZero is not a vulnerability scanner, but you can share runZero’s results with your security team for investigation and mitigation. 7. 8. This data is consistently formatted. By leveraging product APIs and export/import functionality, runZero can provide additional asset context in other IT and. Presidio can quickly deploy a runZero Explorer in their client network and start scanning. Concurrent scans: Conduct concurrent scans on the same Explorer (not available on Windows). Partial site scans now consider ARP cache data from the entire site. Click Continue to scan configuration. 7. The runZero platform scales across all types of environments, and works with VM, EDR, CMDB, MDM, and cloud solutions. A scan template is simply a predefined set of scan options and settings, and all updates that are made to the scan template are applied to new and recurring scans that use the template. 0 is now live with alert and asset automation via the Rules Engine, ridiculously fast scans with subnet discovery, cross-organization management via the Account API, support for ServiceNow CMDB integration, an automated query dashboard, self-hosting support, and much more! Read on for the. CLI update with offline mode. In a new or existing scan configuration: Ensure that the NESSUS option is set to Yes in the Probes and SNMP tab and change any of the default options if needed. 5x what they had insight into before, or a 150% increase. Last updated on April 26, 2022 at 08:00 CST (-0600) runZero can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell. name asset attribute is now updated to show when a runZero scan no longer detects the EDR. They discussed the challenges, rewards, and lessons learned from their work building network scanning technology. 6. The Shodan integration can be configured as either a scan probe or a connector task. We are currently trialing both CyberCns and RUNzero (aka Rumble). The term supports the standard runZero [time comparison syntax] [time]. Automated cloud scanning and reports across 150+ CIS controls for identifying misconfigurations at a resource and account level. io console. At runZero, we empower every voice and listen when those voices are being used. However, heavily segmented networks may require the deployment of multiple scanners. This can be useful in adding new fingerprint coverage for very unique or custom assets and services, such as device prototypes or proprietary applications/services. 6. This helps teams leverage runZero to the fullest while optimizing the team’s workflows with automation. Deploy runZero anywhere, on any platform, in minutes. runZero uses dynamically generated binaries for the runZero Explorer downloads and this doesn’t always play well with MSI-based installation methods. The SentinelOne integration can be configured as either a scan probe or a connector task. In this article, we compare and contrast several free tools and provide our take on why we believe runZero is best suited for corporate security teams. Reduce gaps in asset. 10. times paired with its ease of use have saved Nadeau and his team valuable time to dedicate to more mission critical needs. We’re still the same company, with the same people and mission; we just have a new name and. 168. SiterunZero supports a deep searching across the Asset, Service, and Wireless Inventory, across organizations and sites, and through the Query Library. Professional Community Platform runZero integrates with Azure AD to allow you to sync and enrich your asset inventory, as well as gain visibility into Azure AD users and groups. Corporate network Explorer that is able to get all on-premise networks. sc) by importing data from the Tenable Security Center API. Adding your CrowdStrike data to runZero makes it easier to find things like. A video demo is available to show the final outcome of these instructions. Choose Import > Nessus scan (. This article will show you how to export your runZero inventory into Sumo Logic for use within the SIEM. The best runZero Network Discovery alternative is Nmap, which is both free and Open Source. The runZero 3. The scanner has the same options and similar performance characteristics to the Explorer. 0 or later. On the import data page: Choose the site you want to add your assets to, and. io, or import vulnerability scan results from Nessus. r u n Ze r o API d o c u m e n t a t i o n Pa g e 1 o f 1 5 3 runZero API runZero API. The Tenable Vulnerability Management, Nessus Professional, and Tenable Security Center integrations pull data. 8,192: Scan. This limits the number of targets runZero can scan at once, which correlates to the number of connections the router sees. Vulnerability ID The ID field is the unique identifier for a given vulnerability, written as a UUID. Cyber Asset Attack Surface Management (CAASM) is an emerging technology that focused on presenting a unified view of cyber assets to an IT and security team. Most integrations can be run either as a scan probe or a connector task. The overall detail Runzero provides is unmatched and it's given us insights into devices that other asset discovery products haven'tProfessional Community Platform Customers running a self-hosted instance or using the standalone scanner have the ability to use custom-written fingerprints. Want a free trial that’s fully functional for up to 100,000 assets, no holds barred? We got you. runZero provides asset inventory and network visibility for security and IT teams. 4 and above' and is a IP Scanner in the network & admin category. Sites. Step 2. For more solutions and FAQs, check out the knowledgebase on the runZero support portal. The runZero platform scales across all types of environments, and works with VM, EDR, CMDB, MDM, and cloud solutions. To add a team member, access the Your Team page, and use the Invite User button to send an invitation. The scanner now supports a new syn-reset-sessions option that can be used to reduce session usage in middle boxes. runZero binary verification; Automated MSI deployments; Installing on a Raspberry Pi; Using the scanner. Just deploy the runZero Explorer (a lightweight scan engine) to carry out scan operations and upload data to the console. name}} completed at {{scan. What UDP ports does runZero scan? runZero scans the following UDP ports by default: 53 69 88 111 123 137 161 443 500 623 987 1194 1434 1701 1900 2049 2228 3391 3671 3702 4433 5060 5246 5349 5351 5353 5632 5683 5684 9302 10000 10001 11211 19132 30718 37810 41794 46808 47808 48808 65535. runZero’s secret sauce comes from combining the best of API connectors and our scanner. We want the email to tell us how many new, online, offline, and modified assets there are, as well as. source:ldap Name fields There are multiple name fields found in the user attributes that can be searched or filtered using the same syntax. 3. These report can also be generated using previous scan. Hosted. 7. This method downloads all HP iLO data from the runZero inventory to a CSV file. Most scanning. Platform The Service Graph connector for runZero allows you to bring runZero assets into your ServiceNow CMDB as CIs, and optionally periodically update the CIs with fresh information from runZero scans. About runZero. View pricing plans for runZero. The SecurityGate. Active scanning The runZero Explorer and scanner perform unauthenticated active scanning of your specified networks based on the configurations you set. Pulling serial numbers remotely can be very useful to for support questions and to. Step 2: Connect with CrowdStrike. A runZero site represents a site network, a distinct network whose IP addresses may overlap with those of any other site. The quick start path is recommended for testing out runZero. Select Configure Rule. Type OT Full Scan Template into the search box and select the radio button for the template. Generally, queries can be broken into two concepts: Filters or parameters used in the search bars on pages across the console, or System and custom queries for which match metrics are calculated as tasks complete. runZero users that have a self-hosted platform or standalone scanner now have the ability to add custom asset and service fingerprints. Requirements. jsonl files from runZero that have been uploaded into your AWS S3 bucket. You will jump straight into deploying an Explorer for discovery, running your first scan, and onboarding users. Other great apps like runZero Network Discovery are Angry IP Scanner, Zenmap, Fing and Advanced IP. Step 3: Activate the Google Cloud Platform integration. Setting up a connector will work if you’re self-hosting runZero or integrating with Tenable Vulnerability Management. What’s new with Rumble 2. runZero is the first step in security risk management and the best way for organizations to understand their exposure through comprehensive asset inventory. Protocol support has been added for Brother’s proprietary scanner protocol, allowing us to identify Brother scanners or Brother multi-function devices that include a. The runZero 3. Command-Line Scanner & Offline Support # This release allows basic inventory to be completed using either an installed agent or the command-line scanner. After deploying runZero, just connect to Tenable. io integration will pull runZero asset data from. No agents, credentials, traffic captures, netflows, span ports, or network taps needed. When viewing assets, you can use the following keywords to search and filter. Unauthenticated network discovery tools #When viewing scan templates, you can use the keywords in this section to search and filter. The task stop API documentation has been updated. 0/8, 172. The leading vuln scanner fingerprinted it as a CentOS Linux device, but runZero accurately identified it as an F5 load balancer, which happened to be running a CentOS-based. This can be a corporate account with a paid license, or you can use a personal email to create a community account which will make you the superuser. Community Platform runZero integrates with Rapid7 Nexpose by importing files that were exported from your Nexpose instance. The current fingerprints handle protocols that expose TLS directly. Professional Community Platform As part of a discovery scan, runZero will automatically enrich scanned assets with data from the AWS EC2 API when available. Pros: Runzero is an exceptional asset discovery tool that allows us to easily discover/track assets, while providing excellent insights into missing AV products or any assets with. From the Rules. The scanner output file named scan. 5 with the new Switch Topology report, quite a few folks wrote in to ask if this feature was available in SNMPv3 environments. 5 of the Rumble platform is live! This release includes a new Switch Topology report, updates to the Network Bridges report, and improvements to how SNMP data is collected during scans. You can then use the coverage reports to check for assets in unexpected private address ranges. name:WiFi name:"Data Center" Timestamps Use the following syntaxes to. After deployment, you can manage your Explorers from the Deploy page in your runZero web console. 0 client credentials can now be used to authenticate with runZero APIs. You can run the Qualys VMDR integration as a scan probe so that the runZero Explorer will pull your vulnerability data into the runZero Console. The edr. The scan task can be used to scan your environment and sync integrations at the same time. The quick start path is recommended for testing out runZero. address, service. Setting up the integration requires a few steps in your SecurityGate. Adding your AD data to runZero makes it easier to find. Navigate to Tasks > Scan > Standard Scan to create a scan task Chose the new site you created in step 1 Include a range of the RFC1918 IP addresses in the Discovery Scope,. Choose whether to configure the integration as a scan probe or connector task. A. end_time}}. A ServiceNow ITOM. The user interface is still far from perfect, but an effort was made to reclaim screen real estate for what matters most; your network assets. The solution enriches existing IT & security infrastructure data–from vuln scanners, EDRs, and cloud service providers–with detailed asset and network data from a purpose-built unauthenticated active scanner. Getting started with Tenable Security Center To set up an integration with Tenable Security Center, you’ll need to: Create an API key for a user that has access to view and query vulnerabilities in. A port scan provides valuable information about a target environment, including the computers that are online, the applications that are running on them, and potentially details about the system in question and any defenses it may have such as firewalls. 14. runZero provides asset inventory and network visibility for security and IT teams. These assets. Data expiration is processed as a nightly batch job based on the current settings for each organization in your account. While legacy scanners cannot be used safely on OT assets, modern purpose-built scanners can safely scan ICS environments by following a few basic rules: Use only standard-conforming IP traffic - All traffic sent from the scanner must be completely RFC compliant. The search keywords has_os_eol and has_os_eol_extended are now supported on the Assets and Vulnerabilities inventory pages. Custom ownership. Subscribe to the runZero blog to receive updates about the company, product and events. He’s here to tell us more about what’s happening with his latest creation, [runZero]. The self-hosted runZero platform must be updated prior to first use. In addition to a flexible query. Professional Community Platform runZero integrates with Microsoft Active Directory (AD) via LDAP to allow you to sync and enrich your asset inventory, as well as gain visibility into domain users and groups. What’s new in runZero 3. Surfacing unowned. The runZero Explorer enables discovery scanning. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework. This includes both 3. Step 4: Starting an external scan using hosted zones . runZero includes a standalone command-line scanner that can be used to perform network discovery without access to the internet. Instead, you deploy runZero Explorers to carry out scan operations. SNMPv1/v2 scanning A discovery scan finds, identifies, and builds an inventory of all the connected devices and assets on your internal network. The Analysis Reports section has been added, including the new Domain Membership and Service. To access the coverage reports, go to Reports on the main menu and. This format is returned when downloading the task data for an Explorer-run scan and correlates to the scan. Adding custom asset sources can be accomplished through the API or by leveraging the runZero Python SDK. 7. The agent-offline system event specifically targets scenarios where an Explorer goes offline. runZero includes a query library of prebuilt searches which can be browsed from the Queries page. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. The organization settings page provides three ways to control how runZero manages your asset and scan data. Importing runZero scan data allows you to import data that was scanned by the standalone runZero scanner. io), Tenable Nessus, and Tenable Security Center to enrich your asset inventory and gain visibility into vulnerabilities detected in your environment. ID The ID field is the unique identifier for a given template, written as a UUID. We do our best to ensure that any data gathered, transmitted, or downloaded is easy to view, import, export, and reprocess. The build number on recent releases looks something like 10. The Rumble scan engine is now better than ever at fingerprinting assets running the Windows operating system. Where Partial alignment is noted, runZero can play a complementary role in helping an organization implement safeguards. By default, the file has a name matching censys-*. 0 of Rumble Network Discovery is now available with a host of changes. Scan Grace Periods # Starting with the 1. HD Moore is the co-founder and CEO of runZero. 1. Today we released version 0. com Name Use the syntax name:<text> to search for someone by name. Navigate to Tasks > Scan > Template scan. runZero provides asset inventory and network visibility for security and IT. July 18, 2023. Unauthenticated network discovery tools # When viewing scan templates, you can use the keywords in this section to search and filter. After a successful sync,. x and 1. Creating a scan template. Update the runZero platform and scanners with an offline updateCommunity Platform runZero integrates with CrowdStrike by importing data through the CrowdStrike Falcon API. A large telecom customer used a leading vuln scanner and runZero to scan the same device. Discovering IT, OT, virtual, and IoT devices across. The data across your runZero account can be queried and filtered using the search syntax in conjunction with the available component keywords. Podcast Description: “Today’s Soap Box guest is an industry legend – Metasploit creator HD Moore. Step 3: Choose how to configure the SentinelOne integration. To understand the numbers, it’s important to remember that runZero doesn’t just rely on IP addresses. runZero is a comprehensive cyber asset attack surface management solution with the most efficient way to full asset inventory. 6+). io or Tenable Nessus and bring your vulnerability scan results into runZero to achieve better visibility of gaps in your scan coverage. Identify subnets to scan (reference video): Known subnets can be provided via CSV. If you use a SAML2-compatible single sign-on (SSO) implementation, the SSO Settings page can be used to configure an SSO Identity Provider (IdP) and allow permitted users to login to the runZero console. This increased visibility has benefited the team in other ways, including a reduction in overall risk for the university community. runZero Enterprise customers can now import assets from custom sources using the runZero SDK. Go to the Inventory page in runZero. Tagging has been updated across the. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. Activate the Microsoft 365 Defender integration to sync your data with runZero. ID The ID field is the unique identifier for a given template, written as a UUID. runZero. The term can be the tag name, or the tag name followed. The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution. runZero scales across all types of environments, and works with EDR, VM, CMDB, MDM, and cloud solutions. runZero’s SSO implementation is designed to work with common SAML providers with minimal configuration, but there are a few requirements:. 0. The runZero platform scales across all types of environments, and works with VM, EDR, CMDB, MDM, and cloud solutions. Proceed with the rest of your investigation. Alternatively you can specify an output filename with the --output-raw option, as if performing a runZero scan. Some probes. Passive discovery augments the existing sources in the runZero Platform to provide always-on discovery for assets that might miss active scan windows, and coverage for fragile OT environments. The runZero scanner now supports the Bitdefender, NDMP, Munin, MySQL X, and Spotify Connect protocols over TCP, improved support for capturing Telnet banners and improved OS/firmware detection via BACnet UDP probe, and introduced new UDP probes for CoAP, Minecraft Bedrock, L2TP, Dahua DHIP, KXNnet, Webmin, and the. runZero treats assets as unique network entities from the perspective of the system running the Explorer. Used to scan a fairly large network (/8) and the intel it gathers has become vital to my groups ability to not only identify issues proactively, but also respond quicker to events. 3: 15: Scan range limit: Maximum number of IP addresses per scan. Discover managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. Click Initialize scan to save the scan task and have it run immediately or at the scheduled time. Rumble Starter Edition is now available as a free tier! This option supports many features of our paid subscriptions, including Inventory, Reports, the Export API, SSO via SAML/2. The Credentials page provides a single place to store any secure credentials needed by runZero, including: SNMPv3 credentials Access secrets for cloud services like AWS and Azure API keys for services such as Censys and Miradore Credentials are stored in encrypted form in the runZero database. runZero Scanner # The scanner now reports the estimated time remaining, writes out a CSV file as a default artifact, and includes all the same fingerprint improvements and bug fixes as the agent. The proprietary, unauthenticated scanner safely elicits information as a security researcher would, extracting asset details and accurately fingerprinting operating systems, services, and hardware. Instead, it fingerprints the assets based on how they respond to probes, and tries to catch situations where known assets change IP. By default, data is retained for one year in the runZero Platform. If you haven’t had a chance to try runZero before, or would like to play with the new features, sign up for a free trial and let us know what you think! Wireless Network Inventory # This release include support for automatic wireless network discovery and. SNMP enumeration is more configurable through the disable-bulk-walk and max-repetitions settings in the advanced scan configuration. These assets can serve as an attack vector for unauthorized users to gain access to a system to steal information or launch a cyber attack. 9 Ratings Breakdown 5 ( 34) 4 ( 3) 3 (. This game-changing functionality positions runZero as the only CAASM (cyber asset attack surface management) solution to combine proprietary active scanning, native passive discovery, and API integrations. By default, data is retained for one. runZero supports multiple concurrent users with a variety of roles. Source The source reporting the users can be searched or filtered by name using the syntax source:<name>. Deploy your own scan engines for discovering internal and external attack surfaces. The Your team menu entry has four submenus. 16. Provide a Name for the new rule. Discovery scope. runZero provides a. io), Tenable Nessus, and Tenable Security Center to enrich your asset inventory and gain visibility into vulnerabilities detected in your environment. 3 in site A's network will be treated as completely separate from 10. Scan probes gather data from integrations during scan tasks. From the scan configuration page: Choose US – New York as the Hosted zone (this is a runZero-hosted Explorer in the cloud). By default, Any organization and Any site will be selected. Overall: Excellent overall. runZero can also find gaps in your vulnerability scan coverage by identifying assets that have been discovered by runZero but.