The scanner now supports a new syn-reset-sessions option that can be used to reduce session usage in middle boxes. After announcing v1. Default is 4096. You can discover your entire inventory including managed and unmanaged devices, on-premises. Common techniques to validate segmentation, such as reviewing firewall rules and spot testing from individual. Deploy runZero anywhere, on any platform, in minutes. runZero provides asset inventory and network visibility for security and IT teams. Overview # Rumble 1. Configurable max group size that limits the number of targets runZero can scan at once, which correlates to the number of connections stateful devices such as firewalls or routers. runZero provides a. Asset discovery is our bread-and-butter at runZero, allowing us to surface network-connected systems and devices to our users. By default, the file has a name matching censys-*. In most cases, you can deploy an Explorer on an existing system that has connectivity to the network you want to discover. The automated action can be an alert or a modification to an asset field after a scan completes. 3: Scan range limit: Maximum number of IP addresses per scan. 1. Professional Community Platform runZero integrates with Microsoft Active Directory (AD) via LDAP to allow you to sync and enrich your asset inventory, as well as gain visibility into domain users and groups. You can search or filter the tasks using different attributes. Tagging has been updated across the. Explorer downloads are then available by selecting Deploy in the left navigator and choosing the Deploy Explorers sub-menu. Deploy your own scan engines for discovering internal and external attack surfaces. Data transparancy is one of the key drivers of Rumble development. Explorer vs scanner; Full-scale deployment. The best free network scanners for security teams in 2023. There are more than 25 alternatives to runZero Network Discovery for a variety of platforms, including Windows, Mac, Linux, Android and BSD apps. runZero's secret sauce is its proprietary unauthenticated scanner powered by high-fidelity fingerprinting. The default account is a trial of the full runZero Platform. Types of networks; runZero 101 training; runZero 201 training; Organizations; Sites; Self-hosting runZero. Overall: Excellent overall. rumble. Check out the release notes below for a complete list of changes since Beta 3 and drop us a line if you have any questions, suggestions, or feedback. Network discovery tools, like runZero, look at other sources, such as SNMP community strings and ARP caches. Avoid scanning across routed networks (wired and WiFi, multiple VLANs, etc) by deploying additional Explorers. runZero can also find gaps in your vulnerability scan coverage by identifying assets that have been discovered by runZero but. runZero provides asset inventory and network visibility for security and IT teams. v1. In addition to a flexible query. Pros: Flexibility of deployment, the scanners can run on any platform or hardware. 0 report from Nexpose. To install the Rumble macOS Agent, copy the download link from the Agents page, download a local copy, and install it using the command line: For a quick rundown on how to use the command-line scanner, take a look at the scanner documentation. All runZero editions integrate with Sumo Logic to enrich asset visibility and help you visualize your asset data. Deploy runZero anywhere, on any platform, in minutes. 5x what they had insight into before, or a 150% increase. runZero Software Reviews, Pros and Cons - 2023 Software Advice Overview Reviews Comparisons Review Highlights Overall Rating 4. runZero supports multiple concurrent users with a variety of roles. SaaS or self-hosted: choose the deployment model that works for you. vendor:oracle. The Asset and Service exports now include the service. In the runZero Console, go to the Alerts page, located under Global Settings. The default is 4096. No agents, credentials, traffic captures, netflows, span ports, or network taps needed. Breakdown Scanner Explorer Summary runZero’s command-line scanner can perform network discovery without access to the internet. 6+). This format is returned when downloading the task data for an Explorer-run scan and correlates to the scan. Step 1: Configure Azure to allow API access through. This training uses the runZero success outcomes to help you understand the top use cases for runZero and how to achieve them. runZero supports multiple operating systems, making it a versatile solution for organizations with diverse IT environments. Reduce the scan speed. Scanner release notes Starting with version 1. runZero treats assets as unique network entities from the perspective of the system running the Explorer. Activate the Azure integration to sync your data with runZero. The runZero Explorer is a lightweight scan engine that can be easily deployed and scheduled to perform network scans, including recurring scans. Protocol detection has also been. The agentless connector also exposes underlying capabilities of runZero to support integrated workflows that link capabilities across multiple solutions. runZero is the first step in security risk management and the best way for organizations. 7. When viewing saved credentials, you can use the keywords in this section to search and filter. runZero is a comprehensive cyber asset attack surface management solution with the. From the scan configuration page: Choose US – New York as the Hosted zone (this is a runZero-hosted Explorer in the cloud). Get runZero for free. To enable. Run the following. The runZero scanner will reliably detect OpenSSL 3. runZero supports SNMPv1, SNMPv2 (the SNMPv2c variant), and SNMPv3. Step 1: Scan your network with runZero. This integration allows you to sync and enrich your asset inventory, as well as ingesting vulnerability data from Falcon Spotlight and software data from Falcon Discover. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. runZero integrates with Sumo Logic to make your asset inventory available directly in Sumo Logic. By default, the integration will import all Falcon hosts. gz file created by the command-line. Name The Name field can be searched using the syntax name:<text>. 0. runZero is a cyber asset attack surface management solution that is the easiest way to get full asset inventory with actionable intelligence. Today we released version 0. It packages a ton of HD’s pentesting parlor tricks gleaned from his research and pentesting experience into a user-friendly UI and makes use of the open source recognition fingerprinting database to provide fast,. Explorers. action:agent-reconnected Created timestamp The timestamp fields created_at can be searched using the syntax. Discovery scope. What protocols does runZero scan for? runZero supports the following list of protocols: acpp activemq adb airplay ajp amqp arp backupexec bacnet bedrock bitdefender-app brother-scanner cassandra cdp chargen checkmk chromecast ciscosmi citrix click coap consul couchdb crestron dahua-dhip daytime dcerpc dns docker dotnet-remoting drbd drobo-nasd dtls echo elasticsearch epm epmd erldp etcd2. name}} completed at {{scan. OAuth 2. Test drive the runZero Platform for 21 days, with an option to convert to our free Community Edition at the end of your trial — ideal for personal use or environments with less than 100 devices. The self-hosted runZero platform must be updated prior to first use. CLI update with offline mode. 14. Get runZero for free. runZero scales across all types of environments, and works with cloud, EDR, VM, CMDB, and MDM solutions. Adding your AD data to runZero makes it easier to find. 5 2020-05-14 Asset and. There is a default ownership type, called Asset Owner, which automatically pulls owner data from integrations you have configured. When you run a scan with runZero, you’re given most of the options you need right away. The term supports the standard runZero [time comparison syntax] [time]. Updated Ethernet fingerprints. The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution. A bug that could lead to stored cross-site scripting in the scan templates view was fixed. A. Raw data from the runZero Scanner can be imported into the Rumble Console. The runZero scan engine was designed from scratch to safely scan fragile devices. io or Tenable Nessus and bring your vulnerability scan results into runZero to achieve better visibility of gaps in your scan coverage. Tasks can now be stopped during data gathering and processing phases. Tons of small UI updates. Scan probes run as part of a scan task. 6. The Rumble user interface and API endpoints now support grouped queries using parenthesis in search terms. We want to share the magic of great network discovery with. 0 # Rumble 2. runZero uses dynamically generated binaries for the runZero Scanner and runZero Explorer downloads. organization:runZero organization:"Temporary Project" organization:f1c3ef6d-cb41-4d55-8887-6ed3cfb3d42dOverview # Version 1. Here you can browse the solutions to some common runZero issues and the answers to some frequently asked questions (FAQs). Start your 21 day free trial today. A memory leak in the runZero Explorer and runZero Scanner has been resolved. 8,192. This option is on by default, and will result in Rumble capturing an image of each web service it encounters if the system it is running on has a working Google Chrome or Chromium installation. Choose whether to configure the integration as a scan probe or connector task. Ports The TCP and UDP services associated with a service can be searched by port number using the syntax port:<number>. 3: 15: Scan range limit: Maximum number of IP addresses per scan. Set the severity levels and minimum risk level to ingest. Step 3: Choose how to configure the SentinelOne integration. Configuring the integration as a scan probe is useful if you are running self-hosted runZero Platform and your console cannot access Google Workspace. Ownership coverage can also be tracked as a goal. Get the visibility you need to maintain good operational and cyber security hygiene. 5? # Identify endpoint protection agents via integrations and unauthenticated scans Fingerprint wireless and mobile Internet on Windows without authentication Better fingerprinting for Windows 10 and 11, desktop/server, secondary IPs Discover AWS EC2 assets across all accounts Report unmapped MACs Keep reading to learn more about some of the new 2. Community Platform runZero integrates with Rapid7 InsightVM by importing data from the InsightVM API. That’s why we welcome and embrace voices of all ages, genders, races, sexual orientations, abilities, cultures, and ethnicities. v1. Select appropriate Conditions for the rule. Cons: There are several options for scan frequency but I would like something between daily weekly like every 8 hours or every three days. Configure an alert rule. comment:"contractor laptop" comment:"imaging server" Tags Use the syntax tag:<term> to search tags added to an asset. Scan missing subnets: From the coverage report, you can launch a scan for any missing subnets in a given RFC1918 block – look for the binocular icon. After deploying runZero, just connect to Rapid7 and bring your vulnerability scan results into runZero to achieve better visibility of gaps in your scan coverage. Self-hosted platform improvements # Scan probes gather data from integrations during scan tasks. runZero scales across all types of environments, and works with EDR, VM, CMDB, MDM, and cloud solutions. In this article, we compare and contrast several free tools and provide our take on why we believe runZero is best suited for corporate security teams. The Organization Overview Report is useful for sharing with teams and leaders who may not have access to runZero. runZero performs active discovery scans, without needing credentials, traffic captures, netflows, span ports, or network taps. Select the Site configured in Step 1. Gain essential visibility and insights for every asset connected to your network in minutes. However, there may be times when the traditional deployment model may not work for you. Really great value, puts. Self-hosted The self-hosted version runZero allows you to run the entire platform on-premises or within your own cloud environment. 6+). runZero provides asset inventory and network visibility for security and IT teams. The scanner output file named scan. This helps teams leverage runZero to the fullest while optimizing the team’s workflows with automation. Customers tell us that they can take action on their vulnerability scan results most effectively when paired with comprehensive asset and network context. 0/8, 172. 19041; this can refer to either the workstation OS (Windows 10) or the server OS (Server 2019), and telling those apart is a challenge on its own. Step 2: Import the Nessus files into runZero. ” “If you’re not familiar with [runZero], well, you should be. The build number on recent releases looks something like 10. runZero is a Cyber Asset Management solution that delivers comprehensive asset inventory–quickly, easily, and safely. Types of networks; runZero 101 training; Organizations; Sites; Self-hosting runZero. Finding Confluence servers (yet, again) with runZero. RUNZERO_STORAGE_MODE=s3 ASSET_BUCKET=company-runzero-assets SCAN_BUCKET=company-runzero-scans If a non-AWS backend is used that is compatible with the S3 API, use the same AWS and bucket variables above but override AWS_REGION and set the AWS_ENDPOINT_URL_S3 or. This article will show you how to export your runZero inventory into Sumo Logic for use within the SIEM. html report and search for nodes with the protocol flagged. runZero uses a combination of unauthenticated, active scanning and integrations with cloud, virtualization, and security infrastructure to provide full visibility into IT, OT, cloud, and remote. To understand the numbers, it’s important to remember that runZero doesn’t just rely on IP addresses. This search term supports numerical comparison operators (>, >=, <, <=, =). 7. Step 3: Identify and onboard unmanaged assets. 0 of Rumble Network Discovery is live with a handful of new features. runZero binary verification; Automated MSI deployments; Installing on a Raspberry Pi;. Deploy Explorers: runZero Explorers are the scanners. Surfacing unowned. 993, which includes a number of bug fixes and performance improvements. This can be useful in adding new fingerprint coverage for very unique or custom assets and services, such as device prototypes or proprietary applications/services. You can turn it off or customize it using the SNMP tab when setting up a scan or a scan template. Community Platform runZero integrates with Tenable Vulnerability Management (previously Tenable. In runZero, ownership types help you classify and assign ownership to assets. We’re still the same company, with the same people and mission; we just have a new name and. runZero provides many ways to query your data. If you are looking for more to test out after finishing these tasks, you can jump to the deployment plan to dive deeper. Platform runZero is able to help users track ownership with the ability to configure different types of owners and assign owners to runZero assets and vulnerability records. These assets can serve as an attack vector for unauthorized users to gain access to a system to steal information or launch a cyber attack. runZero’s. You can run the Nessus Professional integration as a scan probe so that the runZero Explorer will pull your vulnerability data into the runZero Console. Concurrent scans: Conduct concurrent scans on the same Explorer (not available on Windows). The organization settings page provides three ways to control how runZero manages your asset and scan data. Deploy the Explorer in. Scan range limit (8,192) Scan rate limit (5,000). Just deploy the runZero Explorer (a lightweight scan engine) to carry out scan operations and upload data to the console. Site: Specify the site the assets discovered as a result of Traffic Sampling will be added to. Choose Import > Nessus scan (. Network configurations and access Multihomed assets with public and private IP addresses: alive:t AND has_public:t AND has_private:t Multihomed assets connected only to private networks. An asset may have multiple IP addresses, MAC addresses, and hostnames and it may move around the network as these attributes are updated. runZero provides asset inventory and network visibility for security and IT teams. Sites. The runZero console includes a diagnostics collection script inspired by the need to troubleshoot a self-hosted environment. Provide a Name for the new rule. runZero is a cyber asset management solution that is the easiest way to get full asset inventory with actionable intelligence. Requirements Configuring the SecurityGate. If you use a SAML2-compatible single sign-on (SSO) implementation, the SSO Settings page can be used to configure an SSO Identity Provider (IdP) and allow permitted users to login to the runZero console. You will jump straight into deploying an Explorer for discovery, running your first scan, and onboarding users. 2019-10-06. The Rumble scan engine is now better than ever at fingerprinting assets running the Windows operating system. Podcast Description: “This week’s sponsor interview is with HD Moore. API use is rate limited, you can make as many calls per day as you have licensed assets. Deploy the Explorer in your environment to enable network. Best for: users looking for a commercial solution to monitor open. Prerequisites Prior to starting this training, we have two recommendations: Superuser access to a runZero account. To follow along with the hands-on portions, you can either: Use your company’s existing runZero implementation as a reference to see what was done, or Set up a personal runZero account to scan your home network Introduction Asset management challenges A few challenges. Requirements A Tines account runZero Export API and Organization API tokens There. From the Export menu, choose the HP iLO CSV format. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. 0/8, 172. About HD Moore. Alternatively you can specify an output filename with the --output-raw option, as if performing a runZero scan. After deployment, you can manage your Explorers from the Deploy page in your runZero web console. Quicklydeploy runZero anywhere, on any platform, in minutes. Name The Name field can be searched using the syntax. name asset attribute is now updated to show when a runZero scan no longer detects the EDR. Where Partial alignment is noted, runZero can play a complementary role in helping an organization implement safeguards. Automated cloud scanning and reports across 150+ CIS controls for identifying misconfigurations at a resource and account level. 3. Email Use the syntax email:<address> to search for someone by email address. 7. Navigate to Tasks > Scan > Template scan. When viewing the Users inventory, you can use the following keywords to search and filter users. To find gaps in vulnerability scan coverage, start by scanning your entire network with runZero. Used to scan a fairly large network (/8) and the intel it gathers has become vital to my groups ability to not only identify issues proactively, but also respond quicker to events. 1. They leverage various network protocols to discover and. Before you can set up the Azure integration, make sure you have access to the Microsoft Azure portal. runZero provides three primary APIs as well as integration-specific endpoints: The Export API provides read-only access to a specific organizations. Rumble Network Discovery is now runZero! We rolled out support for automatic web service screenshots this morning in both the Rumble Agent and the runZero Scanner (v0. Professional Community Platform runZero integrates with Azure AD to allow you to sync and enrich your asset inventory, as well as gain visibility into Azure AD users and groups. 0/12, and 192. Set the severity levels and minimum risk level to ingest. These report can also be generated using previous scan. In our case, we’re interested in Credentials and how they work. The SentinelOne integration can be configured as either a scan probe or a connector task. The NTLMSSP response is available through any NTLM-enabled service: SMB, RDP, and MSRPC, and sometimes HTTP servers. Protocol support has been added for Brother’s proprietary scanner protocol, allowing us to identify Brother scanners or Brother multi-function devices that include a. Stay on top of changes in your network. runZero is the first step in security risk management and the best way for organizations to understand their exposure through comprehensive asset inventory. Click Continue to scan configuration. Overall: Excellent overall. runZero scans can be performed with the following SNMP configurations: SNMPv1 and SNMPv2. Learn how real users rate this software's ease-of-use, functionality, overall quality and customer support. 8? Identify and triage risky asset, public preview of goal tracking, protocol improvements, new and improved fingerprints, and passwordless logins!. runZero. Security fixes # Three stored cross-site scripting vulnerabilities were identified and fixed as part of our annual third-party security assessment. Scan probes run as part of a scan task. Reduce the Max group size in your scan configuration. The Explorer now uses the “runZero” brand by default (and matching filesystem/registry locations). Angry IP Scanner is an open-source network scanner designed to be fast and simple to use. It scales from home use to Fortune 50 companies. You can use the Mustache syntax for the subject. The new Python SDK supports runZero’s custom integration API functions for ease of automation and use for those familiar with Python. 6 2020-05-14 Corrects inconsistent use of the new service attributes when processing the dynamic MAC address filter. Since you will be running multiple scans to cover all of the RFC 1918 private address ranges, creating a scan template will simplify the scheduling of scans and help ensure a consistent configuration across each scan. 0, MFA via WebAuthn, and access to a limited version of the command-line runZero Scanner. The Simple Network Management Protocol (SNMP) is an open standard network protocol for collecting information about devices on a network. 0/16 ranges. To find gaps in vulnerability scan coverage, start by scanning your entire network with runZero. Active scanning The runZero Explorer and scanner perform unauthenticated active scanning of your specified networks based on the configurations you set. 9 Ratings Breakdown 5 ( 34) 4 ( 3) 3 (. 0/12, and 192. When viewing all tasks, you can use the keywords in this section to search and filter them. Overview # Rumble 1. With this add-on, you’ll be able to pull new or updated hosts into a Splunk index, where you’ll be able to analyze, visualize, and monitor them there. Data about assets which are VMware VMs will be imported into runZero automatically, and merged with the other information runZero finds by scanning. In this case, a rule will run a query after a scan completes and tag any assets that match the search criteria in the site associated with that scan. Some locations, like retail stores or customer sites, may not have staff or hardware available to install the Explorer, making remote. Step 4: Starting an external scan using hosted zones . Step 2: Create an RFC 1918 scan template. 7. We strive to provide a fast, low-impact scan by default, but also try to include as many services and protocols as possible. Rumble is cloud-based, but also includes a command-line scanner that runs on Windows, macOS, and multiple architectures of Linux, including servers, Raspberry Pis. runZero users that have a self-hosted platform or standalone scanner now have the ability to add custom asset and service fingerprints. With scan templates, it is possible to break up larger scans that are run ad hoc into smaller, recurring scans that don’t require the manual effort of having. Fresh on the heels on Beta 3, we are excited to announce support for the Apple macOS platform. In either case, you’re given a. rumble. email:john@example. This is newline-delimited JSON – JSONL – that represents the unprocessed output of the scan engine. 2. How runZero helps Discover assets and services – everywhere. runZero is a cyber asset attack surface management solution. The runZero Explorer enables discovery scanning. This approach typically requires one runZero scanner to be set up per routable network. On the import data page: Choose the site you want to add your assets to, and. UDP service probes can be enabled or disabled individually. rumble. runZero includes a standalone command-line scanner that can be used to perform network discovery without access to the internet. Start your 21 day free trial today. Want a free trial that’s fully functional for up to 100,000 assets, no holds barred? We got you. There are a number of possible causes of apparent duplicate assets in your runZero inventory. Dynamic binaries make it easy to deploy Explorers that connect back to the right organization, but present a challenge for. A video demo is available to show the final outcome of these instructions. Start trial Contact sales. We are ridiculously excited to announce the beta program for Rumble Network Discovery, a platform designed to make network asset discovery quick and painless. Creating a scan template. Add the Microsoft 365 Defender credential in runZero. Their free version might be enough for your needsLansweeper is OG, RunZero seems to be like newer more modern product, but competing in same space. runZero Enterprise customers can now sync assets from Microsoft Intune. 0 is now live with alert and asset automation via the Rules Engine, ridiculously fast scans with subnet discovery, cross-organization management via the Account API, support for ServiceNow CMDB integration, an automated query dashboard, self-hosting support, and much more! Read on for the. The differences between the Explorer and scanner are highlighted below. OAuth 2. This add-on uses the Splunk API from the runZero Network. Just don't crash any OT devices! Play OT Minesweeper! Promotion ends: August 11th 2023 at 11:59 pm CST. runZero treats assets as unique network entities from the perspective of the system running the Explorer. Completion of the runZero 101 training is also recommended so that you understand the context behind all of the administrative. Step 3: Query your asset inventory to find endpoints missing CrowdStrike agents. Go to the Inventory page in runZero. This option is on by default, and will result in Rumble capturing an image of each web service it encounters if the system it is running on has a working Google. Fingerprint updates. 0. November 9, 2023. runZero-hosted Explorers: Scan all your external assets with a runZero-managed Explorer. Go to Alerts > Rules and select Create Rule. Most scanning. This means the task will list the values used for the scan, even if the template is modified after the scan completes. v1. runZero’s SSO implementation is designed to work with common SAML providers with minimal configuration, but there are a few requirements:. The runZero Scanner # The command-line runZero Scanner now generates the Network Bridges and Switch Topology reports. address, service. Lastly, you will query asset data to find assets that are not being vulnerability scanned. Credit: Getty Images. You can discover your entire inventory including managed and unmanaged devices, on-premises and cloud assets, IT and OT infrastructure, endpoints at work and at home. Version 1. io), Tenable Nessus, and Tenable Security Center to enrich your asset inventory and gain visibility into vulnerabilities detected in your environment. In your runZero Console, go to your inventory. 2. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. Updated Ethernet fingerprints. After deploying runZero, just connect to Tenable. With runZero goals, users are able to create and monitor progress toward achieving security initiatives. Step 1: Adding a custom schema Go to Configure > Schemas and select Create New. Source The source reporting the users can be searched or filtered by name using the syntax source:<name>. 0. The current fingerprints handle protocols that expose TLS directly. These fields can be used to set the scan scope for scans of the site. IP Scanner is described as 'for Macintosh scans your local area network to determine the identity of all machines and internet devices on the LAN. runZero provides asset inventory and network visibility for security and IT teams. runZero provides asset inventory and network visibility for security and IT teams. We were able to update the scan engine quick and this feature is now included as of release 1. Step 2: Configure the runZero Service Graph Connector in ServiceNow. Scan Grace Periods # Starting with the 1. The following illustrates how runZero aligns with the CIS Critical Security Controls v8. 8. 0 of Rumble Network Discovery is live! This release includes support for Single Sign On (SSO), improved scan management, updates to the Export API, additional Inventory search terms, improvements to the Network Bridges report, enhancements to the scan engine, and a multitude of small bug fixes and performance. From the Registered Explorers page, select the Explorer you wish to configure to perform traffic sampling. Version 1. runZero Scanner # The scanner now reports the estimated time remaining, writes out a CSV file as a default artifact, and includes all the same fingerprint improvements and bug fixes as the agent. Step 2: Configure traffic sampling on Explorer (s) The Explorer details page is also where users can configure traffic sampling. 0 work, including major updates to the command-line runZero Scanner and support for asset syncing in Splunk. The most common cause of duplicate assets in the runZero inventory is scanning the same devices from multiple sites. The MAC fingerprint database has been updated using the latest data from the mac-ages project. Beyond a lack of detail, vulnerability scanners sometimes simply get it wrong. The proprietary, unauthenticated scanner safely elicits information as a security researcher would, extracting asset details and accurately fingerprinting operating systems, services, and hardware. Type OT Full Scan Template into the search box and select the radio button for the template. Installation To install the runZero Explorer, log in to the runZero Console and switch to the Organization that should be associated with the Explorer. The first, Users, shows all users in the current client account. When the scan runs, the Explorer will use the credentials to authenticate with any VMware ESXi or vCenter hosts it finds that the credentials are configured to trust. This version increases the default port coverage from 100. In smaller environments, a single Explorer is usually sufficient. Step 3: Activate the Google Cloud Platform integration. The data across your runZero account can be queried and filtered using the search syntax in conjunction with the available component keywords. source:runzero Vendor The vendor associated with a software can be searched by name using the syntax vendor:<name>. Step 2. runZero supports multiple concurrent users with a variety of roles. Creating an account; Installing an Explorer. Scan templates can be created in a few ways in runZero: By going to Tasks > Task library Prerequisites Prior to starting this training, we have two recommendations: Superuser access to a runZero account. To use a hosted scanner, set your Explorer to None and select a hosted zone during the scan. This will give failed connections more time to expire before new ones are attempted.