Cisco recently disclosed several highly critical vulnerabilities that affect some of their Ethernet switches designed for small businesses. With a CVSSv3 score of 9.8, these vulnerabilities (assigned CVE-2023-20024, CVE-2023-20156, and CVE-2023-20157) are due to various faults in the handling of input to the web-based management interface of these switches. Successfully exploiting one of these vulnerabilities would allow an attacker to create a denial-of-service condition or execute arbitrary code with root privileges.

Along with this disclosure, Cisco announced updated software to address these issues. However, several of the affected models are past their End-of-Life (EOL) dates and no software updates have been released for them. Users are advised to update the software on affected systems as soon as possible and if updates for their devices are available. 

Finding affected devices using runZero

You can locate Cisco switches in your organization by visiting the Asset Inventory and using the following pre-built query:

hw:"Cisco" and type:"switch"

You can also limit your search to only the affected product families, using the following pre-built query:

hw:"Cisco" and type:"switch" and (snmp.modelNames:"CBS" or snmp.modelNames:"SF2" or snmp.modelNames:"SG2" or snmp.modelNames:"SF3" or snmp.modelNames:"SG3" or snmp.modelNames:"SF5" or snmp.modelNames:"SG5")

As always, any prebuilt queries we create are available from our Queries Library. Check out the library for other useful inventory queries.

It might sound funny, but these were a few talking points that came up last week during runZero’s two hosted fireside chats, where CEO and Co-Founder Chris Kirsch sat down with Lares CEO Chris Nickerson on Tuesday and then Fortinet Systems Engineer Roger Rustad on Wednesday.

If you’ve had the pleasure of hearing Chris Nickerson tell his pentesting “war stories,” you might already know some of the references here. But for first-time listeners, these narratives cover the potential dangers of a red team member’s (mis)adventures, and the role of asset inventory from an attacker’s perspective. As for natural disasters and time machines, our talk with Roger elaborated on his work with the Information Technology Disaster Resource Center (ITDRC), as well as his view on how runZero’s solution has been helpful to the incident response and forensics teams at Fortinet.

Chris Nickerson Recap

The first fireside chat began over margaritas as Chris Nickerson (CN) joined Chris Kirsch (CK) on stage at our pop-up venue, the runZero Cafe, on Tuesday, April 25. Their chat covered:

• Why the recon phase is an important stage in pentesting
• The human element (and fallibility) of IT and security
• What tools Chris Nickerson uses in his pentesting

And sprinkled humorously throughout the dialogue were moments from Nickerson’s past exploits, including welding people to cars with killer robots.

Specifically, CN talked about how recon (for attackers) and asset inventory (for defenders) are two sides of the same coin. In answer to why the recon phase is important, he noted,

Video transcription

In answer to what tools he’s using:

Video transcription

When it comes to testing more fragile environments, CN delved into the problem of legacy technologies lacking resiliency, and the importance of not only understanding the environment as a pentester, but also ensuring companies know what’s on their networks, including “what’s old and going to misbehave.”

As an example of misbehaving machines, here’s CN’s killer robot story:

Video transcription

While many companies understand how critical asset inventory is, they still face challenges when trying to implement it; they often lack the knowledge and resources to do it effectively. However, CN points out that if you have the proper tools, you can avoid making tragic mistakes:

Video transcription

Yes, getting those parameters is important, and luckily, runZero can give you that right out of the box.

As a final note on the importance of asset management, CN told us:

Video transcription

So happy hunting to you, Chris! And many thanks for your entertaining insights on asset inventory from an attacker’s perspective.

Roger Rustad Recap

During Roger and Chris’s fireside chat, we heard about Roger’s journey in finding an asset management solution both for Fortinet and the volunteer group the Information Technology Disaster Resource Center (ITDRC).

Video transcription

Roger elaborated that other methods and solutions involved waiting for results, and interpreting the data – even though there was often consensus on his team, sometimes the interpretations got lost in translation when presented to other teams.

As Roger and his team looked to find different approaches to the problem, they looked at attack surface management solutions. Unfortunately, many of these tools require agents or APIs, and because Fortinet is more of a hacker culture internally, they preferred command line tools. They wanted to start there and wanted something that started there, too. He noted that runZero’s agentless solution made it very easy for his team to get a quick 30,000 ft view and then trim it appropriately.

As for first steps on how they began their runZero journey, Roger stated,

Video transcription

Once they had runZero up and running, Roger provided some insight into how the solution has been helpful in specific use cases:

Video transcription

We’re so glad we could help you at Fortinet, Roger, but we’re also happy to help with your work at ITDRC. This volunteer group is a nonprofit that builds IT solutions in areas affected by disasters, with no cost to the communities using these solutions. Roger explained that a lot of the work involves setting up simple connectivity, including setting up satellites and access points so first responders, shelters, kitchens, and churches can have access to their networks.

How does runZero help the ITDRC?

Video transcription

And for how the ITDRC plans to use runZero in the future:

Video transcription

With all of the work that Roger does, we’re so happy that we can take off some of the strain in both his day-to-day job and volunteering. Thank you, Roger, for chatting with us during RSA!

RSA Venue Recap

In summary, the runZero team had a great time at our venue during the RSA conference, and we were grateful we could host these informative discussions with Roger Rustad and Chris Nickerson. We were also glad we could welcome many other cybersecurity professionals throughout the week to join us for drinks, tacos, digital caricatures, and faraday bag giveaways.

If we were lucky enough to see you at the venue, thank you for stopping by! We hope you had a wonderful time. And if we missed you during RSA week, we’d love to catch you at Black Hat in August. Feel free to shoot us a message if you’d like to coordinate a meeting at our Mandalay Bay suite!

Either way, if you are interested in learning more about how runZero can help your company with cyber asset management, please let us know by reaching out via our contact us form.

Build your asset inventory in minutes

Sign up for a free account to get started.

Try runZero now

What’s new with runZero 3.8?

• Identify and triage risky assets
• Public preview of goal tracking
• Protocol improvements
• New and improved fingerprints
• Passwordless logins
  
  

Identify and triage risky assets

runZero customers can now identify risky assets across their environment and assign them to users for triage and remediation. Asset risk and criticality are presented as new fields in the inventory that can be used for both queries and alerts. The asset risk field is automatically set to the highest risk level of associated vulnerabilities; this data can be sourced from third-party vulnerability management imports as well as runZero queries. Asset risk can be overridden individually in the asset detail page or by applying a new risk level to assets matching a query. In addition to the changes above, a new Asset risk report is now available, which summarizes asset risk across each level of criticality.

The 3.8.0 release includes 34 new queries that automatically apply vulnerability records to matching assets. These queries are shown in the screenshot below and the full list can be found at the end of this post.

Although the new runZero queries are focused on unintended exposure, any query can be used to associate vulnerabilities to the corresponding asset, which also updates the asset risk level, and ties into the Security Ownership model for triage.

These queries can run against the assets, services, software, and vulnerability inventories. If you are importing software inventory through an integration, you can now create a query that automatically associates a vulnerability with assets with specific software installed.

As an example, if you would like to identify and remove all instances of Photoshop in your environment, create a new software query for name:photoshop, enable the new vulnerability association setting, and provide a unique vulnerability ID for the query. On the next update, a new vulnerability will be associated with every matching asset, and these vulnerabilities can be assigned through the console.

Queries can also be used to prioritize existing vulnerabilities. To add a critical finding when a low-risk vulnerability is reported on an asset with a public IP address, create a new vulnerability inventory query using the public:true asset filter, add additional conditions for the specific vulnerabilities that you would like to match, provide a unique vulnerability ID, and finally set the risk to Critical. On the next update, any assets with the specified vulnerabilities will have an additional critical risk finding attached if they also have a public IP address.

Users can find a list of assigned assets in the asset and vulnerability inventory pages by clicking their owner name in the inventory table or by viewing their user detail page under Your Team > Users.

Once a vulnerability has been remediated, the next update will remove the vulnerability from the asset and update the risk of the associated asset. Risky asset triage and query-based vulnerability associations are available to all runZero Professional and runZero Enterprise users.

Public preview of goal tracking

Measuring progress toward your security and organizational goals can be challenging and difficult to communicate to leadership. With the introduction of goals, runZero customers can set time-bound and query-driven goals that are customizable to what matters most to your team. Goals can be used with new features like asset risk as well as existing features like asset ownership. If you can query for it in runZero, it can now be a goal!

Some examples of goals could include:

• Managing expiring TLS certificates
• Remediating critical risk vulnerabilities on assets within a set timeframe
• Keeping insecure management services off external networks

This feature is in a public preview and we would love your feedback via email or through the in-product support form.

Protocol improvements

The default TCP port list has grown to almost 600 ports (from ~500) for better coverage. Protocol support has been added for Brother’s proprietary scanner protocol, allowing us to identify Brother scanners or Brother multi-function devices that include a scanner. SNMP enumeration is more configurable through the disable-bulk-walk and max-repetitions settings in the advanced scan configuration. Protocol detection has also been improved for TNS Listener and Android Debug Bridge services.

New and improved fingerprints

New fingerprints were added for products by Advantech, Amazon, Apache, ASUSTeK, AV Costar, Avaya, AVM, Bosch, Canon, Canonical, Cisco, Citrix, Codonics, Cognosys, CostarHD, Cradlepoint, Cubic Transportation Systems, DataDirect Networks, Dahua, Daktronics, Datamax, Debian, Dell, DigitalOcean, Eaton, Econolite, EnGenius, Entrust, EVGA, ExaGrid, F5, Fortinet, Getinge, Glenayre, Grandstream, HP, HPE, Huawei, iCAD, Kali, LAVA, March Networks, Microsoft, Moen, MSI, MultiTech, Multitone, Netgear, Oce, Okidata, OpenLogic, The Ottawa Hospital Cancer Center, Palo Alto Networks, Panasonic, PaperCut, Proxim, Prusa, Qualys, Red Hat, RICOH, The Royal Marsden NHS Foundation Trust, Saulmatics, Schneider Electric, Somfy, Sonos, SUSE, Ubiquiti, VMware, and ZTE.

Other research improvements

We published a Rapid Response post and new query for finding servers running the PaperCut MF and ND software.

In addition to the above protocol and fingerprinting improvements, we improved our normalization of x509 certificate issuer and subject values, allowing us to more consistently apply fingerprints regardless of ordering/formatting variants found in the field or due to tech stacks.

Passwordless logins

We don’t want your password.

From the beginning, runZero has supported single sign (SSO) for all users, including the free Starter Edition. From this version (3.8.0) of runZero onward we now support using a one-time authentication link in addition to any configured MFA token.

This feature is no less secure than an email-based password reset and prevents runZero from storing even the hashed and encrypted passwords on our servers. If you are unable to set up SSO, using passwordless logins with a WebAuthn token is the next best thing.

See runZero 3.8 in action

Watch the video to see a demonstration of the newest features in runZero, including asset risk and criticality, goal tracking, and applying vulnerabilities from queries.

Release notes

The runZero 3.8 release includes a rollup of all the 3.7.x updates, which includes all of the following features, improvements, and updates.

New features

• Risk and criticality levels can now be assigned to assets through third-party integrations, the asset inventory, and custom rules.
• runZero Preview Program: Goal tracking helps users with Professional and Enterprise licenses track progress toward completing their security initiatives. Use built-in goals for asset ownership coverage or system queries, or create goals with custom queries to fit your needs.
• runZero system and custom queries can now be used to create vulnerability records.
• Passwordless authentication is now available, allowing users to request one-time authentication links via email rather than storing a password. This provides a secure authentication alternative when SSO cannot be configured.
• Added support for Azure and Intune GCC, GCC High, and DoD environments.
• Improved compatibility with WireGuard and Tailscale on macOS and *BSD.
• Added support for searching software attributes.
• Alert channels now support more than one email address.
• Asset limit warnings have been updated to be more clear about whether or not scans will be affected.
• A bug preventing explorer reassigned to a previous organization and picking up assigned tasks has been resolved.
• A bug causing software search links to navigate to a 404 page has been resolved.
• A bug causing task-failed events to ignore the site restriction has been resolved.
• A bug causing the hostname override tag to not update the hostname displayed has been resolved.
• A bug that prevented clearing Insights from the dashboard has been resolved.
• A bug where the copy scan button was cut off in the recurring tasks tab has been resolved.

New vulnerability queries

• Application: Apache HTTP Server versions vulnerable to CVE-2021-41773 or CVE-2021-42013
• Application: HPE iLO 4 authentication bypass
• Application: HPE iLO 5 firmware versions known to be vulnerable
• Application: OMI WSMAN versions vulnerable to OMIGOD
• Application: OpenSSH servers vulnerable to CVE-2023-25136
• Application: SolarWinds Serv-U MFT
• Application: VMware ESXi vulnerable to CVE-2021-21974 (OpenSLP)
• Hardware: Accellion legacy file transfer appliances
• Hardware: Cisco VPN routers vulnerable to CVE-2022-20825
• Policy: Android debug bridge
• Policy: Cassandra (unauthenticated)
• Policy: CouchDB (unauthenticated)
• Policy: Distributed Ruby service
• Policy: Elastic Search (unauthenticated)
• Policy: HTTP directory index
• Policy: InfluxDB (unauthenticated)
• Policy: IPMI cipher type zero authentication bypass
• Policy: Java RMI service
• Policy: Memcached (unauthenticated)
• Policy: MongoDB (limited)
• Policy: MongoDB (unauthenticated)
• Policy: Neo4J (unauthenticated)
• Policy: NFS world-readable exports
• Policy: Redis (unauthenticated)
• Policy: Remote desktop service on internet-facing host
• Policy: Riak (unauthenticated)
• Policy: SMB signing not required
• Policy: SMB v1 enabled
• Policy: SNMP default communities
• Policy: SSH password authentication on internet-facing host
• Policy: SSLv2 / SSLv3 services
• Policy: Windows management service on internet-facing host
• Policy: Zabbix agent without ACL
• Policy: Zookeeper (unauthenticated)

Product improvements

• Improved error message when attempting to delete a scan template twice
• Grace period for tasks can now be configured from the task template page.
• Improved asset correlation for multi-source assets.
• Public API endpoints to view hosted zones have been added.
• The API endpoints for managing scan tasks now accept an argument to select a hosted zone.
• Validation for stored queries has been improved to prevent saving queries with warnings or errors.
• Excerpts of task log messages are now available on the task details page for tasks that are in error status.
• The display of datagrid warning and error messages has been improved.
• Improved asset processing when FortiGuard endpoints with “Policy Override Authentication” enabled are present.
• Self-hosted installs now support an option to disable TLS validation between Explorers and the console application
• The max-repetitions and disable-bulk parameters have been added to SNMP probes.
• Task failures are now reported in the Task details pane.
• All queries, including runZero-provided system queries, can now be copied.
• The configuration for runZero-provided system queries can be modified.

Integration improvements

• Credential verification is now allowed only after all required fields have been completed.
• Third-party vulnerability integrations now support a more granular risk filter.
• Third-party integrations now support more granular vulnerability filters.
• Crowdstrike will now use Connection IP and Connection MAC for asset matching.

Bug fixes

• A bug that could result in a panic while performing a scan has been resolved.
• A bug that could prevent the API from creating valid scan tasks has been resolved.
• A bug that negatively impacted fingerprinting via TLS certificates has been resolved.
• A bug preventing TLS negotiation in some cases has been resolved.
• A bug that was triggered when submitting Azure credentials for verification with a subscription ID has been resolved.
• A bug that could cause deadlocks in the TCP LDAP probe and Active Directory integration has been resolved.
• A bug that caused an infinite redirect when clicking on site breadcrumbs has been resolved.
• A bug causing recurring tasks to be incorrectly sorted by start time on the tasks page has been resolved.
• A bug allowing “Verify & save” on the credentials update page to error has been resolved.
• A bug where Dell laptops were identified as desktops or servers has been resolved.
• A bug preventing TLS negotiation in some cases has been resolved.
• A bug that caused imported queries to be parsed improperly has been resolved.
• A bug with the default webhook Slack alert template has been resolved.
• A recent update in Explorer and Scanner behavior which could inadvertently trigger CrowdStrike EDR detection has been disabled
• A bug regarding Intune rate limiting and intermittent failures has been resolved.
• A bug where certain tasks could not be edited has been resolved.
• A bug regarding erroneously returned results from unscanned runZero assets when searching the asset inventory has been resolved.
• A bug marking assets “unscanned” has been resolved.
• A bug that resulted in a 500 error when running the asset attribute report has been resolved
• A bug that could prevent custom integration results from merging into existing assets has been resolved.
• A bug that could cause the save button on the credential edit form to be disabled has been resolved.
• A bug where clicking links on the Query page of a self-hosted instance may return a 500 has been resolved.
• A bug where clicking links in the Tasks column of the Credentials page would result in an error has been resolved.
• A bug where paginated results could display Viewing 0 – N for the first page has been resolved to now display Viewing 1 – N.
• A bug that could result in duplicate offline assets has been resolved.
• A bug that prevented CSV exports of assets when using free text search has been resolved.
• A bug where the number of hops could be incorrectly set to zero when ARP is present as a service has been resolved.
• A bug that prevented searching assets using the task search key has been resolved.

Want to take runZero for a spin?

Sign up today to test out these capabilities free for 21 days.

Get runZero now

Think of the technological ecosystem an organization relies on to operate efficiently and effectively: desktop workstations, mobile devices, IT/IoT/OT devices, virtual systems, web apps, data, cloud infrastructure–just to name a few. Keeping track of every single one of these devices feels impossible.

As the number and types of assets continue to grow exponentially, organizations need help staying on top of these devices. Left unmanaged, these devices can act as potential footholds for malicious actors. Security teams need to be able to discover and identify unmanaged assets if they ever want to secure or protect them. How could they effectively secure and protect their organization if there are assets they don’t know about–what they do, where they are, or what their status is?

Cybersecurity frameworks and regulations start with a comprehensive asset inventory

Asset inventory is the foundation of a strong cybersecurity posture. It is often considered the first step in identifying potential risks to your organization’s security. This is why it is a key recommendation in many cybersecurity frameworks, including the NIST Cybersecurity Framework (CSF) and CIS Controls. By maintaining an up-to-date inventory of all hardware, software, users, and digital assets across your organization, you can better understand your attack surface and take proactive measures to protect against potential threats.

Let’s take a look at some of the major frameworks and regulations that require an asset inventory.

CIS Controls

The Center for Internet Security (CIS) provides a list of recognized standards for defending your systems and data against modern cyber threats. Cybersecurity professionals and subject matter experts use a consensus-based process to establish these controls. Organizations such as ISC2 and the SANS Institute contribute to the process.

You can consider the CIS Controls an essential safety check that ensures you have your house in order by following security best practices. It speaks volumes that the first control on the list, seen as foundational for good cyber hygiene, is “Inventory and Control of Enterprise Assets.” The rationale is that you need an up-to-date inventory to know what to monitor and protect within the enterprise. An asset inventory also helps you identify unauthorized and unmanaged assets to remove or remediate.

NIST CSF

The NIST Cybersecurity Framework (NIST CSF) is a set of cybersecurity guidelines developed by a non-regulatory agency of the United States government. The NIST CSF is about guidance and best practices with a framework centered around five core functions: Identify, Protect, Detect, Respond, and Recover.

It’s in the Identify function of this framework that asset inventories get flagged as vital for modern cybersecurity programs. According to the framework, the Identify function is all about “risk to systems, people, assets, data, and capabilities.” A big part of this is knowing what assets you actually have.

SOC2

SOC2 is a voluntary compliance standard, but it’s often required to land vendor contracts, particularly with SaaS and B2B companies. Compliance with SOC2 shows clients and partners that your company maintains the highest standards of information security. Meeting SOC2 requirements can make all the difference in whether you succeed in various industries and types of services.

Effective IT asset management is pivotal for obtaining SOC2 certification. In particular, the certification looks for your ability to safeguard assets against unauthorized access and reliably assign owners and users to assets.

HIPAA

Compliance with the Health Insurance Portability and Accountability Act (HIPAA) is essential in the healthcare industry. High standards of security must protect sensitive patient healthcare information. Violations of HIPAA are costly from a financial standpoint, and the penalty involved depends on the level of negligence.

Healthcare providers and business associates need IT asset inventories in order to track the location of electronic health information (ePHI). This reliable, up-to-date asset inventory helps comply with the regulation’s Security Rule.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a mandatory regulation aimed at protecting cardholder data. Companies that store, process, or transmit cardholder data must comply with PCI DSS. In requirement 2.4 of PCI DSS, the regulation requires companies to maintain an inventory of physical devices, software, user accounts, and more.

The elusive single-source-of-truth for assets

An asset inventory is like the blueprint of a house–without it, there isn’t a clear understanding of what needs protecting. But just like how blueprints can change over time with additions and renovations, an inventory can also become outdated as assets get added or removed from the network.

Networks change constantly, with users logging into enterprise platforms from personal devices or rapidly spinning up new cloud infrastructure that often gets forgotten about. Unsanctioned shadow applications get stood up or accessed by different departments. Add remote work and the continued proliferation of IoT devices to the mix, and you have a more complex IT ecosystem that’s harder to track than ever.

A couple of statistics that drive home the challenges include:

• Shadow IT cloud usage is estimated to be 10x the size of known cloud usage.
• One survey found just 28 percent of companies thought their asset inventories were more than 75 percent complete.

Why do asset inventories pose such a challenge for so many organizations? Part of the challenge is that many companies use outdated processes, like spreadsheets, for tracking and managing their cyber assets. As a result, gaps in visibility emerge regularly in today’s dynamic IT ecosystems and risky security scenarios are commonplace. For these reasons, it’s crucial to have a system in place that allows for continuous discovery and monitoring of assets.

The risks of not having an accurate asset inventory

If you’re not proactively maintaining and analyzing your asset inventory, you’re putting your organization at risk. An up-to-date and comprehensive asset inventory is essential for you to make informed business decisions and ensure operational efficiency. Let’s take a look at some of the common issues you’ll encounter when your asset inventory is lacking.

Issue 1: Misalignment between IT and security teams

IT and security teams end up counting different numbers of assets, depending on how they track and update their inventories. This makes it hard to discern the truth of what your IT ecosystem looks like and reduce risks.

Issue 2: Weak security controls coverage

Given the lack of a single source of truth, gaps are more likely to arise in security control coverage. Different teams take responsibility for various areas of security. If these teams lack alignment you’ll end up with a lack of visibility into security controls coverage, leaving you unaware of:

• Endpoints not covered by an endpoint detection and response solution (EDR), such as CrowdStrike.
• Missing hosts from the SIEM tools used by security operations teams to correlate events and proactively respond to more advanced threats.

Issue 3: Failure to manage risky assets

An asset inventory is crucial for identifying and responding to security risks. Not all assets pose the same level of risk, and a comprehensive inventory helps to identify those that do. For example, an isolated device with encrypted traffic may be less risky than an internet-facing asset with insecure configurations. By keeping track of all assets, organizations can respond quickly to zero-day vulnerabilities that require immediate attention. For example, the Log4 vulnerability affected up to 3 billion devices, highlighting the importance of maintaining an up-to-date inventory for efficient vulnerability response.

Issue 4: Lack of asset ownership

Asset ownership is a critical component of asset inventory, as it defines who is responsible for managing and securing each asset. The Equifax breach serves as a prime example of the consequences of not having proper asset ownership in place–without clear ownership over a legacy internet-facing system, no one took responsibility for ensuring that it was scanned and patched regularly. To avoid similar incidents, organizations must prioritize establishing clear lines of asset ownership and incorporating them into their overall security program.

Build the foundation for your security program

Given the modern threat landscape and the fluid nature of IT environments, organizations must regard an accurate and up-to-date asset inventory as a basic tenet of an effective security program. Given the challenges and risks involved, it’s time to move on from manual processes that provide point-in-time static snapshots that often don’t resemble the true state of your network.

Take the first step towards improving your security posture by moving to cyber asset management solutions that can keep pace with the assets connected to your network. A truly effective cyber asset management solution offers advanced fingerprinting techniques and leverages asset data from multiple sources to provide a comprehensive view of your asset inventory–from IT to OT devices, on-premise to cloud to remote environments.

How runZero can help

runZero can help you to gain visibility into all the assets connected to your network, so you can proactively defend against cyber threats. First, you can identify all the assets connected to your network, including those that may have been forgotten or overlooked. Second, you can track changes made to these assets over time. Third, you can assess the risk associated with each asset and prioritize remediation efforts accordingly. As a result, you can improve your organization’s overall security posture by having a complete understanding of your asset inventory.

Ready to take the next step? runZero is the fastest and easiest way to get to full asset inventory across IT, OT, on-premise, cloud, and remote environments.

runZero partners with Abira Security, a full service cybersecurity advisor 
and managed services provider.

runZero is excited to announce our partnership with Abira Security, a market-leading provider of comprehensive cybersecurity solutions. As part of this partnership, Abira will be offering runZero as a solution to solve the challenges of cyber asset management. runZero’s asset inventory and discovery capabilities are the key to delivering a complete security package.

At runZero, we believe network visibility and asset inventory is a foundational part of maintaining a strong security posture. Abira offers a complete portfolio of cybersecurity solutions, paired with exceptional strategy expertise and real-world experience. Partnering with Abira Security allows runZero to expand and reach more organizations that are searching for a complete security strategy that includes deep network visibility and comprehensive asset inventory.

Eric Goldstein, Director of Channel at runZero, says, “We’re thrilled to be partnering with Abira Security to deliver cyber asset management to our joint customers. A comprehensive asset inventory is essential for any security program and is often the very first step in a security assessment. Together with runZero, Abira will help customers achieve their security goals and maximize their security tech stack value.”

“Abira is a pure play cybersecurity services firm and a true VAR. Our quality, flexibility, and cost structure is hard to beat,” says Ray Harrison, Sales Director at Abira Security.

Organizations today face ever-increasing cyber threats that can compromise their sensitive data and operations. The first step in securing any network is developing a complete asset inventory that accounts for all devices: managed or unmanaged; IT, OT, or IoT; cloud, on-prem, or remote. Combining runZero’s asset inventory capabilities and Abira’s cybersecurity expertise, customers have the benefit of an end-to-end solution that helps them identify, secure, and manage all of their assets, no matter where they exist, safely and effectively.

For more information, visit https://abirasecurity.com/.