Tracking asset ownership has come up in a ton of customer conversations over the past few months. It's hard to take action on an asset if you don't know who's the current user, business, IT, or security owner. I'm excited that we delievered asset ownership to @runzero@infosec.exchange in the v3.5 release this month. #CAASM #CMDB

More info: https://www.runzero.com/blog/runzero-3.5/

Security Analysis and Response for Cyber Asset Attack Surface Management. SAR-CAASM.

#CAASM

Most CAASM solutions tell you that "you already have all the data, you just need to aggregate it" to get to asset inventory. Great story, except it isn't true.

After having covered vuln management solutions, I look at EDR solutions as a source to get asset inventory from. This is in the context of CISA BOD 23-01 but the same is true for any other asset inventory initiative.

Read the blog post here:

https://www.runzero.com/blog/cisa-bod-2301-part-3/

#CAASM #EDR #infosec

OT engineers are reluctant to scan their ICS networks because they've had bad experiences with vulnerability and other network scanners.

We've researched why these scanners are destabilizing some devices and have created software that's now in use across over a dozen OT industries today.

Read about our research and what we're doing differently:

https://www.runzero.com/blog/how-to-safely-scan-ot-assets/

#infosec #otsecurity #CAASM

Attending the S4 Industrial Cybersecurity conference in Miami this year. Who will be there? DM me so we can have a coffee! #otsecurity #industrialcybersecurity #caasm