In the world of security marketing, “visibility” has become an overused buzzword. But for defenders managing converged IT/OT environments, true visibility isn’t just a list of IPs—it is about decoding the functional DNA of your infrastructure.
runZero 4.9 is built to dispel the illusion that a list of IPs amounts to visibility, delivering the high-fidelity security intelligence required to find lateral traversal vectors, harden critical choke points, and secure converged infrastructure before exposures are exploited.
1. Map the Unmappable: Sub-Asset Discovery
Most industrial security tools stop at the protocol gateway. runZero goes further, utilizing safe, protocol-native queries to peer behind gateways (including Modbus, BACnet, KNXnet, and EtherNet/IP) to unmask downstream PLCs and field-level devices sitting on serial or fieldbus networks.
- Granular Field Topology: If a gateway masks 20 downstream PLCs, runZero enumerates the entire downstream infrastructure safely, without requiring endpoint agents or credentials.
- Purpose-Built Safety: Validated by the U.S. Department of Energy’s National Renewable Energy Laboratory, our scan engine uses protocol-specific throttling to safely extract firmware versions, screenshots, and secondary interfaces.
2. Interactive Attack Path Mapping & Scalable Topology
Defenders can now visualize trajectories from initial corporate breach to core physical impact using dynamic 2D and 3D maps that comfortably scale to hundreds of thousands of active nodes.
Trace the Trajectory
Set explicit sources and targets to visualize the precise pivot points and bridging devices an adversary would use to traverse segmented zones.
Multi-Homed Detection
Automatically isolate and flag dual-NIC systems, rogue laptops, or unmanaged assets that bridge IT and production networks simultaneously.
Spot the Anomalies
Instantly flag out-of-place assets—like a standard corporate Windows machine sitting inside a highly segmented industrial production zone.
3. Deep Protocol Fingerprinting & Asset Classification
This release introduces an expanded library analyzing over 220 distinct protocols, providing comprehensive analysis across “insecure by design” industrial networks such as Siemens S7comm, Modbus, BACnet, and EtherNet/IP.
- Geolocate Assets Instantly: Pinpoint hardware locations using public and egress IP data, adding adjacent environment context to remote facilities.
- Real-World Prioritization: Focus engineering resources on true architectural exposures rather than non-critical vulnerabilities.
- Sleek UI/UX Enhancements: Features a fully overhauled interface optimized for massive environments, complete with native dark and light modes to reduce strain during late-night SOC operations.
Technical Case Study: IT-Origin with OT Blast Radius
The greatest threat to industrial operations is rarely a highly customized exploit; it is a forgotten, multi-homed asset that shatters the segmentation illusion.
- Initial Foothold: An attacker exploits an internet-facing security camera running out-of-the-box port forwarding rules.
- The Pivot: The attacker discovers a technician’s laptop on that same wireless segment. The laptop is physically connected to the factory LAN for maintenance but leaves Wi-Fi and RDP enabled for external internet access.
- Lateral Traversal: Bypassing the core firewall completely through this active bridge, the attacker reaches the production subnet and enumerates a Rockwell Automation controller via EtherNet/IP (CIP).
- Operational Impact: The attacker sends an unauthorized “Stop” command through the gateway, halting a $100M production line.
The runZero Defensive Edge: runZero 4.9 maps this entire trajectory before it happens—flagging the multi-homed laptop as a critical choke point, identifying the active RDP vulnerability, and peering behind the protocol gateway to reveal the downstream field devices at risk.
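The bridging problem in this case study can be checked against any asset inventory that records every interface address per asset. The following is an added example, not runZero code or output: the zone ranges, asset names and addresses are constructed, and reachability is simplified to "two assets sharing a zone can talk", with no firewall rules modelled.

```python
import ipaddress
from collections import deque

# Constructed zones and inventory modelled on the case study (all values assumed).
ZONES = {
    "it-wireless": ipaddress.ip_network("10.20.0.0/24"),
    "ot-production": ipaddress.ip_network("192.168.50.0/24"),
}
INVENTORY = {
    "ip-camera": ["10.20.0.15"],
    "tech-laptop": ["10.20.0.77", "192.168.50.40"],  # Wi-Fi plus wired factory LAN
    "office-pc": ["10.20.0.31"],
    "enip-gateway": ["192.168.50.10"],
    "hmi-01": ["192.168.50.21"],
}

def zones_of(addrs):
    """Names of every zone in which the asset has at least one interface."""
    ips = [ipaddress.ip_address(a) for a in addrs]
    return {name for name, net in ZONES.items() if any(ip in net for ip in ips)}

def multi_homed(inventory):
    """Assets with interfaces in more than one zone, i.e. segmentation bridges."""
    return sorted(a for a, addrs in inventory.items() if len(zones_of(addrs)) > 1)

def shortest_path(inventory, source, target):
    """Breadth-first search where assets are neighbours if they share a zone."""
    zmap = {a: zones_of(addrs) for a, addrs in inventory.items()}
    prev, queue = {source: None}, deque([source])
    while queue:
        cur = queue.popleft()
        if cur == target:
            path = []
            while cur is not None:
                path.append(cur)
                cur = prev[cur]
            return path[::-1]
        for nxt in sorted(zmap):
            if nxt not in prev and zmap[cur] & zmap[nxt]:
                prev[nxt] = cur
                queue.append(nxt)
    return None  # target is unreachable from source in this model

def choke_points(inventory, source, target):
    """Multi-homed assets whose removal disconnects source from target."""
    result = []
    for asset in multi_homed(inventory):
        if asset in (source, target):
            continue
        rest = {k: v for k, v in inventory.items() if k != asset}
        if shortest_path(rest, source, target) is None:
            result.append(asset)
    return result
```

An asset returned by `choke_points` is where removing the second interface, or enforcing policy on it, restores the segmentation boundary in this model.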
Unified Truth for Converged Operations
Whether you manage a utility grid, a global manufacturing footprint, or a telecom network, runZero bridges the visibility gap between IT and OT security operations. We don’t just log nodes; we map reachability and clarify risk.
About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.