🎙️ What happens when you mix CVEs with LLMs, MCP, and a little ingenuity?

Find out today at 1 PM ET/10 AM PT as Jerry Gamblin (Principal Engineer, Cisco TDR) joins @todb and @rk on runZero Hour.

On tap today:
🧠 Jerry’s new MCP server and how it helps you understand vulnerabilities faster
🔍 Trends and changes in the vulnerability landscape
🚨 June’s Rapid Response roundup
🛠 What’s new in the runZero Platform

📺 Tune in for some awesome tech TV:
https://www.youtube.com/watch?v=CjKNPi1FZNA

📌 Subscribe to the series: https://www.runzero.com/research/runzero-hour/

🎙 LLMs, MCP, & the Future of Vulnerability Intelligence: Jerry Gamblin, Principal Engineer at Cisco Threat Detection & Response, joins runZero Hour for a deep dive into today’s vulnerability landscape — from CVE trends and statistics to the launch of his new MCP (Model Context Protocol) server, which uses LLMs to summarize CVEs with more context and clarity.

Tune in as Jerry, @todb and @rk unpack:

👉 What’s changing in the CVE ecosystem and what that means for defenders
👉 How Jerry’s MCP server can help you understand vulnerabilities faster
👉 Key takeaways from our Rapid Response roundup, including our take on what should be at the top of your hot list

This Wednesday, June 18 at 1pm ET / 10am PT. Don't miss it!

📺 Register now: https://www.runzero.com/research/runzero-hour/

Exciting news for open source + vuln nerds alike: runZero now speaks Nuclei!

We 🩵 open source and are beyond excited to announce that we have added initial support for ProjectDiscovery’s open source Nuclei scanner — kicking off with safe, targeted checks for default and weak web credentials across IT, OT, IoT, and cloud environments.

Check out today's post from @todb to see how we:

✅ Curated ~180 safe, non-disruptive templates
✅ Only run checks when services are positively fingerprinted
✅ Keep scans fast, polite, and precise — even in fragile ICS environments

This is just the beginning. More protocols, smarter checks, and community collaboration ahead!

👉 Check it out: https://www.runzero.com/blog/integrating-nuclei/

🎙️ Just dropped: From Vulnerability to Visibility

In this new podcast, @todb shares how runZero takes an attacker’s-eye view of your IT, OT & IoT environments — treating them like a black box to uncover hidden risks.

🎧 Full episode here: https://www.runzero.com/resources/from-vulnerability-to-visibility/

Recorded live at #Infosec2025 with @ITSPmagazine

🏆 Big news: runZero is a 2025 Rising in Cyber winner! It's an honor to be acknowledged by CISOs who are in the trenches every day and know that we are having a meaningful impact for defenders. Thank you @notablecap and NYSE for this awesome recognition.

https://www.runzero.com/newsroom/rising-in-cyber-2025/

runZero is headed to InfoSec Europe! London will never be the same. Join us for:

☕ Free coffee
🧊 Cool Yeti gear
🔍 Instant visibility into IT, OT, IoT, mobile, & cloud
🌐 Total attack surface management
🛠️ No agents. No authentication. No gaps.

Come see us in Stand D108!

🔴 We’re going live at 1pm ET today! Join vulnerability expert Jay Jacobs, along with @todb and @rk for a special episode of runZero Hour. We’re debating all things CVSS, EPSS, and SSVC — where these scoring systems excel, where they falter, and how to use those insights for more strategic triage.

📺 Stream on YouTube:
https://www.youtube.com/watch?v=348LcypOPI0

🎥 Register to watch via Zoom: https://www.runzero.com/research/runzero-hour/

🎙️ We have an awesome runZero Hour teed up for you this week! Tune in LIVE as we welcome special guest Jay Jacobs on Wednesday, May 21st @ 1PM ET.

Jay joins @todb and @rk to debate the findings in our new research report: Divining Risk: Deciphering Signals From Vulnerability Scores. They'll be unpacking what CVSS, EPSS, and SSVC really measure, what they get right, where they fall short, and how defenders can turn that insight into smarter prioritization.

If you're looking for a spicy debate on vulnerability scoring methodologies, this session is right up your alley!

📺 Register for the webcast:
https://www.runzero.com/research/runzero-hour/
📘 Read the report: https://www.runzero.com/resources/deciphering-signals-from-vulnerability-scores/

It's almost time! @todb takes the stage at 11:30 ET at NorthSec to dissect the three most-used vulnerability scoring systems — CVSS, EPSS & SSVC. He'll be unpacking what they reveal, where they mislead, and how to read between the scores.

Tune in here for the live stream:

https://www.youtube.com/watch?v=9IT659uUXfs

What do ghosts, squids, and scoring systems have in common? Find out at 9:15 ET! Join us live at NorthSec or tune in virtually on YouTube for @hdm's keynote: A Pirate’s Guide to Snake Oil and Security.

HD will take you on a voyage through the crowded world of vulnerability management. From clashing tribes to competing frameworks, HD will examine how defenders can navigate vendor claims and hype to uncover what actually works.

https://www.youtube.com/watch?v=J4rGZBxUzYo