{"id":61077,"date":"2023-01-12T17:19:12","date_gmt":"2023-01-12T09:19:12","guid":{"rendered":"https:\/\/version-2.com\/?p=61077"},"modified":"2024-09-13T16:31:50","modified_gmt":"2024-09-13T08:31:50","slug":"why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2023\/01\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\/","title":{"rendered":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility – Part 1"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently published the Binding Operational Directive 23-01<\/a> for Improving Asset Visibility and Vulnerability Detection on Federal Networks. CISA\u2019s asset visibility requirements are doing a big part in moving the industry forward and evolving our approach to asset inventory while also highlighting the importance of asset inventory in relation to national or organizational security.<\/p>\n

The directive covers both vulnerability management and asset inventory. This blog post only focuses on the relevant parts for asset inventory. However, there are some important areas where the two disciplines interact and asset inventory is better suited to fulfill the requirements.<\/p>\n

CISA recommends unauthenticated scanning for asset discovery <\/i><\/a><\/h2>\n

Many organizations are using data sourced from authenticated vulnerability scans and installed EDR agents to derive asset inventory. CISA\u2019s directive demonstrates that while this is a viable way to augment the data set, it is no longer sufficient:<\/p>\n

\n
\n
\n
\n

\u201cAsset discovery is non-intrusive and usually does not require special logical access privileges.\u201d<\/p>\n \n <\/div>\n <\/div>\n <\/div>\n<\/section>\n\n

\u201cNo special logical access privileges\u201d translates to either unauthenticated active discovery or passive collection, which is confirmed in the following statement:<\/p>\n

\n
\n
\n
\n

\u201cDiscovery of assets and vulnerabilities can be achieved through a variety of means, including active scanning, passive flow monitoring, querying logs, or in the case of software defined infrastructure, API query.\u201d<\/p>\n \n <\/div>\n <\/div>\n <\/div>\n<\/section>\n\n

API queries are only recommended for software defined infrastructure, such as cloud-hosting other virtualized environments, but not for your physical network.<\/p>\n

Log files can be a helpful way to augment breadth of asset inventory but they do not yield depth. DHCP and DNS logs don\u2019t yield much more information than IP addresses, hostname, and MAC addresses. This misses the essence of what a device is: you know it\u2019s there but you don\u2019t know what hardware and operating system it\u2019s running or what ports and services are active.<\/p>\n

CISA directive solves for unmanaged devices <\/i><\/a><\/h2>\n

When talking to security teams about challenges with their asset inventory, they frequently cite unmanaged devices as the biggest headache. The CISA directive seems to optimize for unmanaged devices since these are the hardest to cover.<\/p>\n

Many asset inventory vendors, particularly those in the CAASM (Cyber Asset Attack Surface Management) space, claim that you can magically solve for unmanaged devices via integrations with existing tooling. That is a great pitch, but it ignores the fact that security teams have tried to use the data from vulnerability scanners and EDR agents for asset inventory for a long time and failed. They do not provide the right data\u2013we\u2019ll get to why in part two of this series.<\/p>\n

CISA is well aware of this fact and recently published a binding directive that requires more than just integrations for solving asset inventory.<\/p>\n

We\u2019ll take a deeper look into why that is throughout this blog series. Stay tuned for more details and subscribe to our blog so you don\u2019t miss out.<\/p>\n

Follow the story <\/i><\/a><\/h2>\n

Part two of this story was published on Tuesday, January 18, so be sure to follow the story. Also, don\u2019t forget to subscribe<\/a> for regular blog notifications.<\/p>\n

\n
\n
\n
\n

Try runZero for free<\/h2>\n

See how you can comply with CISA BOD 23-01 using runZero.<\/p>\n \n Get started<\/a>\n \n <\/div>\n

\n \"Learn\n <\/div>\n <\/div>\n <\/div>\n<\/section>\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

About Version 2 Digital<\/h3>

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

About runZero<\/strong>
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network\u2013without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

The U.S. Cybersecurity and Infrastructure Security Agen […]<\/p>","protected":false},"author":148637484,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[976,1075,61],"tags":[977,1076],"class_list":["post-61077","post","type-post","status-publish","format-standard","hentry","category-runzero","category-year2023","category-press-release","tag-runzero","tag-1076"],"acf":[],"yoast_head":"\nWhy runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2\" \/>\n<meta property=\"og:description\" content=\"The U.S. Cybersecurity and Infrastructure Security Agen […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-12T09:19:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-13T08:31:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"versionpan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"versionpan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/cisa-bod-2301-part-1\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\\\/\"},\"author\":{\"name\":\"versionpan\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\"},\"headline\":\"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility – Part 1\",\"datePublished\":\"2023-01-12T09:19:12+00:00\",\"dateModified\":\"2024-09-13T08:31:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\\\/\"},\"wordCount\":551,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"runZero\",\"2023\"],\"articleSection\":[\"runZero\",\"2023\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/01\\\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\\\/\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/cisa-bod-2301-part-1\\\/\",\"name\":\"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2023-01-12T09:19:12+00:00\",\"dateModified\":\"2024-09-13T08:31:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/cisa-bod-2301-part-1\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.runzero.com\\\/blog\\\/cisa-bod-2301-part-1\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/cisa-bod-2301-part-1\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility – Part 1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/103ffe36f7fd34a1cc126a30431b94d8\",\"name\":\"versionpan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g\",\"caption\":\"versionpan\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/versionpan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/","og_locale":"en_US","og_type":"article","og_title":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2","og_description":"The U.S. Cybersecurity and Infrastructure Security Agen […]","og_url":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/","og_site_name":"Version 2","article_published_time":"2023-01-12T09:19:12+00:00","article_modified_time":"2024-09-13T08:31:50+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"versionpan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"versionpan","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/01\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\/"},"author":{"name":"versionpan","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8"},"headline":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility – Part 1","datePublished":"2023-01-12T09:19:12+00:00","dateModified":"2024-09-13T08:31:50+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/01\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\/"},"wordCount":551,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["runZero","2023"],"articleSection":["runZero","2023","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/01\/why-runzero-is-the-best-way-to-fulfill-cisa-bod-23-01-requirements-for-asset-visibility-part-1\/","url":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/","name":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility - Part 1 - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2023-01-12T09:19:12+00:00","dateModified":"2024-09-13T08:31:50+00:00","breadcrumb":{"@id":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.runzero.com\/blog\/cisa-bod-2301-part-1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Why runZero is the best way to fulfill CISA BOD 23-01 requirements for asset visibility – Part 1"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/103ffe36f7fd34a1cc126a30431b94d8","name":"versionpan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72541e15024f6716236decb252e7488d4a7359d4df6f8506b01f447174f92c7c?s=96&d=identicon&r=g","caption":"versionpan"},"url":"https:\/\/version-2.com\/en\/author\/versionpan\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-fT7","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/61077","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/148637484"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=61077"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/61077\/revisions"}],"predecessor-version":[{"id":61081,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/61077\/revisions\/61081"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=61077"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=61077"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=61077"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}