🎙️ Just dropped! Our own @hdm joins the amazingly entertaining and talented crew on Paul's Security Weekly to discuss finding all the things and why vulnerability management is dead as we know it.

Tune in for hot takes on why we need better ways to find and manage risky things, spicy opinions on AI in security, fun methods for fingerprinting devices, external scanning strategies, and way more.

Plus, hear how the PSW crew uses runZero's free Community Edition to track down random devices everywhere, and how you can now use runZero to discover devices using default credentials (eek!).

Shout out to @paulasadoorian, Mandy Logan, @haxorthematrix, @joshuamarpet, Lee Neely, @sambowne and Bill Swearingen for an awesome episode!

📺 Watch the full show (#880) here or stream it on your favorite service:
https://www.runzero.com/resources/is-vuln-management-dead-psw-880/

👉 Get the much discussed Community Edition here: https://www.runzero.com/platform/community-edition/

💡 Learn more about our new Nuclei integration and finding default creds here: https://www.runzero.com/blog/integrating-nuclei/

🎙️ What happens when you mix CVEs with LLMs, MCP, and a little ingenuity?

Find out today at 1 PM ET/10 AM PT as Jerry Gamblin (Principal Engineer, Cisco TDR) joins @todb and @rk on runZero Hour.

On tap today:
🧠 Jerry’s new MCP server and how it helps you understand vulnerabilities faster
🔍 Trends and changes in the vulnerability landscape
🚨 June’s Rapid Response roundup
🛠 What’s new in the runZero Platform

📺 Tune in for some awesome tech TV:
https://www.youtube.com/watch?v=CjKNPi1FZNA

📌 Subscribe to the series: https://www.runzero.com/research/runzero-hour/

🎙 LLMs, MCP, & the Future of Vulnerability Intelligence: Jerry Gamblin, Principal Engineer at Cisco Threat Detection & Response, joins runZero Hour for a deep dive into today’s vulnerability landscape — from CVE trends and statistics to the launch of his new MCP (Model Context Protocol) server, which uses LLMs to summarize CVEs with more context and clarity.

Tune in as Jerry, @todb and @rk unpack:

👉 What’s changing in the CVE ecosystem and what that means for defenders
👉 How Jerry’s MCP server can help you understand vulnerabilities faster
👉 Key takeaways from our Rapid Response roundup, including our take on what should be at the top of your hot list

This Wednesday, June 18 at 1pm ET / 10am PT. Don't miss it!

📺 Register now: https://www.runzero.com/research/runzero-hour/

Exciting news for open source + vuln nerds alike: runZero now speaks Nuclei!

We 🩵 open source and are beyond excited to announce that we have added initial support for ProjectDiscovery’s open source Nuclei scanner — kicking off with safe, targeted checks for default and weak web credentials across IT, OT, IoT, and cloud environments.

Check out today's post from @todb to see how we:

✅ Curated ~180 safe, non-disruptive templates
✅ Only run checks when services are positively fingerprinted
✅ Keep scans fast, polite, and precise — even in fragile ICS environments

This is just the beginning. More protocols, smarter checks, and community collaboration ahead!

👉 Check it out: https://www.runzero.com/blog/integrating-nuclei/

🎙️ Just dropped: From Vulnerability to Visibility

In this new podcast, @todb shares how runZero takes an attacker’s-eye view of your IT, OT & IoT environments — treating them like a black box to uncover hidden risks.

🎧 Full episode here: https://www.runzero.com/resources/from-vulnerability-to-visibility/

Recorded live at #Infosec2025 with @ITSPmagazine

🏆 Big news: runZero is a 2025 Rising in Cyber winner! It's an honor to be acknowledged by CISOs who are in the trenches every day and know that we are having a meaningful impact for defenders. Thank you @notablecap and NYSE for this awesome recognition.

https://www.runzero.com/newsroom/rising-in-cyber-2025/

runZero is headed to InfoSec Europe! London will never be the same. Join us for:

☕ Free coffee
🧊 Cool Yeti gear
🔍 Instant visibility into IT, OT, IoT, mobile, & cloud
🌐 Total attack surface management
🛠️ No agents. No authentication. No gaps.

Come see us in Stand D108!

🔴 We’re going live at 1pm ET today! Join vulnerability expert Jay Jacobs, along with @todb and @rk for a special episode of runZero Hour. We’re debating all things CVSS, EPSS, and SSVC — where these scoring systems excel, where they falter, and how to use those insights for more strategic triage.

📺 Stream on YouTube:
https://www.youtube.com/watch?v=348LcypOPI0

🎥 Register to watch via Zoom: https://www.runzero.com/research/runzero-hour/

🎙️ We have an awesome runZero Hour teed up for you this week! Tune in LIVE as we welcome special guest Jay Jacobs on Wednesday, May 21st @ 1PM ET.

Jay joins @todb and @rk to debate the findings in our new research report: Divining Risk: Deciphering Signals From Vulnerability Scores. They'll be unpacking what CVSS, EPSS, and SSVC really measure, what they get right, where they fall short, and how defenders can turn that insight into smarter prioritization.

If you're looking for a spicy debate on vulnerability scoring methodologies, this session is right up your alley!

📺 Register for the webcast:
https://www.runzero.com/research/runzero-hour/
📘 Read the report: https://www.runzero.com/resources/deciphering-signals-from-vulnerability-scores/