🎙️ New runZero Hour: Open Source Meets Exposure Management

Rishiraj Sharma & Sandeep Singh from ProjectDiscovery join @todb and @rk Wednesday to talk Nuclei: how it grew, where it’s headed, and what open source means for security.

💥 Plus: runZero’s Nuclei integration now checks for default creds across IT, OT, IoT & cloud without disruption.

📺 Register: https://www.runzero.com/research/runzero-hour/
🔗 Read: https://www.runzero.com/blog/integrating-nuclei/

🎙️ runZero Hour Recap: CVE chaos, MCPs, and the fight for better vulnerability data! In Episode 19, @todb sat down with @rk and Jerry Gamblin to dissect the state of vulnerability data along with some other hot topics:

👉 Model Context Protocols (MCPs) as APIs for APIs

👉 The human-in-the-loop gap in LLM security tooling

👉 Why CVE inflation is real — and dangerous

👉 What’s missing from CVE publishing workflows

👉 Rapid response rundown on Roundcube, ScreenConnect, and ASUS routers

🧠 Read the recap and watch the full episode here:
https://www.runzero.com/blog/runzero-hour-19-recap/

🎙️ Just dropped! Our own @hdm joins the amazingly entertaining and talented crew on Paul's Security Weekly to discuss finding all the things and why vulnerability management is dead as we know it.

Tune in for hot takes on why we need better ways to find and manage risky things, spicy opinions on AI in security, fun methods for fingerprinting devices, external scanning strategies, and way more.

Plus, hear how the PSW crew uses runZero's free Community Edition to track down random devices everywhere, and how you can now use runZero to discover devices using default credentials (eek!).

Shout out to @paulasadoorian, Mandy Logan, @haxorthematrix, @joshuamarpet, Lee Neely, @sambowne and Bill Swearingen for an awesome episode!

📺 Watch the full show (#880) here or stream it on your favorite service:
https://www.runzero.com/resources/is-vuln-management-dead-psw-880/

👉 Get the much discussed Community Edition here: https://www.runzero.com/platform/community-edition/

💡 Learn more about our new Nuclei integration and finding default creds here: https://www.runzero.com/blog/integrating-nuclei/

🎙️ What happens when you mix CVEs with LLMs, MCP, and a little ingenuity?

Find out today at 1 PM ET/10 AM PT as Jerry Gamblin (Principal Engineer, Cisco TDR) joins @todb and @rk on runZero Hour.

On tap today:
🧠 Jerry’s new MCP server and how it helps you understand vulnerabilities faster
🔍 Trends and changes in the vulnerability landscape
🚨 June’s Rapid Response roundup
🛠 What’s new in the runZero Platform

📺 Tune in for some awesome tech TV:
https://www.youtube.com/watch?v=CjKNPi1FZNA

📌 Subscribe to the series: https://www.runzero.com/research/runzero-hour/

🎙 LLMs, MCP, & the Future of Vulnerability Intelligence: Jerry Gamblin, Principal Engineer at Cisco Threat Detection & Response, joins runZero Hour for a deep dive into today’s vulnerability landscape — from CVE trends and statistics to the launch of his new MCP (Model Context Protocol) server, which uses LLMs to summarize CVEs with more context and clarity.

Tune in as Jerry, @todb and @rk unpack:

👉 What’s changing in the CVE ecosystem and what that means for defenders
👉 How Jerry’s MCP server can help you understand vulnerabilities faster
👉 Key takeaways from our Rapid Response roundup, including our take on what should be at the top of your hot list

This Wednesday, June 18 at 1pm ET / 10am PT. Don't miss it!

📺 Register now: https://www.runzero.com/research/runzero-hour/

Exciting news for open source + vuln nerds alike: runZero now speaks Nuclei!

We 🩵 open source and are beyond excited to announce that we have added initial support for ProjectDiscovery’s open source Nuclei scanner — kicking off with safe, targeted checks for default and weak web credentials across IT, OT, IoT, and cloud environments.

Check out today's post from @todb to see how we:

✅ Curated ~180 safe, non-disruptive templates
✅ Only run checks when services are positively fingerprinted
✅ Keep scans fast, polite, and precise — even in fragile ICS environments

This is just the beginning. More protocols, smarter checks, and community collaboration ahead!

👉 Check it out: https://www.runzero.com/blog/integrating-nuclei/

🎙️ Just dropped: From Vulnerability to Visibility

In this new podcast, @todb shares how runZero takes an attacker’s-eye view of your IT, OT & IoT environments — treating them like a black box to uncover hidden risks.

🎧 Full episode here: https://www.runzero.com/resources/from-vulnerability-to-visibility/

Recorded live at #Infosec2025 with @ITSPmagazine

🏆 Big news: runZero is a 2025 Rising in Cyber winner! It's an honor to be acknowledged by CISOs who are in the trenches every day and know that we are having a meaningful impact for defenders. Thank you @notablecap and NYSE for this awesome recognition.

https://www.runzero.com/newsroom/rising-in-cyber-2025/

runZero is headed to InfoSec Europe! London will never be the same. Join us for:

☕ Free coffee
🧊 Cool Yeti gear
🔍 Instant visibility into IT, OT, IoT, mobile, & cloud
🌐 Total attack surface management
🛠️ No agents. No authentication. No gaps.

Come see us in Stand D108!