Risky Business

Risky Biz Soap Box: runZero shakes up vulnerability management

Sep 15, 2025
HD Moore, industry legend and CEO of runZero, discusses the company’s revolutionary approach to vulnerability management. He explains how the new Nuclei integration enables precise identification of vulnerabilities without deploying overly privileged credentials. The conversation highlights the need for agile solutions in vulnerability scanning and the importance of focusing on exploitable risks. Moore also touches on the stagnation of traditional management practices and how runZero aims to innovate and streamline security operations for organizations of all sizes.
INSIGHT

Unmanaged Assets Drive Breaches

  • RunZero started as asset discovery because pen tests kept finding unknown devices and subnets.
  • HD Moore says those unmanaged assets are the ones attackers exploit most often.
INSIGHT

Speed Trumps Mass Coverage

  • Traditional vulnerability management is slow: scan, patch, wait cycles leave gaps for exploitation.
  • RunZero aims to immediately surface where exposed devices exist when new threats appear.
INSIGHT

Agent Coverage Isn’t The Whole Picture

  • EDR vendors focus on agent-based, host-centric visibility and neglect network-exposed services.
  • HD warns that agent lists miss exposed services and unreachable-but-exploitable hosts.