{"id":60646,"date":"2022-12-13T15:45:08","date_gmt":"2022-12-13T07:45:08","guid":{"rendered":"https:\/\/version-2.com\/?p=60646"},"modified":"2023-02-22T14:31:36","modified_gmt":"2023-02-22T06:31:36","slug":"runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/12\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\/","title":{"rendered":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone)"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"60646\" class=\"elementor elementor-60646\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div>\n<h2 id=\"whats-new-with-runzero-34\">What\u2019s new with runZero 3.4? <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h2>\n<ul>\n \t<li>Vulnerability import from CrowdStrike Spotlight<\/li>\n \t<li>Integration performance improvements and enhancements\n<ul>\n \t<li>Automatic expiration of ephemeral AWS assets<\/li>\n \t<li>Processing performance improvements<\/li>\n \t<li>Enrichment-only integration support<\/li>\n<\/ul>\n<\/li>\n \t<li>OAuth Client Secret authentication<\/li>\n \t<li>Simplified site import and export format<\/li>\n \t<li>Rapid Response queries for MegaRAC and Cisco<\/li>\n \t<li>User interface improvements<\/li>\n<\/ul>\n<h3 id=\"vulnerability-inventory-from-crowdstrike\">Vulnerability inventory from CrowdStrike <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nrunZero Enterprise customers can now import vulnerabilities from <a href=\"\/docs\/crowdstrike\">CrowdStrike Spotlight<\/a>. runZero 3.4 automatically imports vulnerabilities when a credential is supplied that has access to the \u201cSpotlight\u201d OAuth scope.\n\nCrowdStrike Spotlight vulnerability data can be viewed from the asset detail page as well as in the vulnerability inventory. CrowdStrike vulnerability attributes include the relevant CVE identifier, severity, exploitability status, vulnerability detail, and any recommended actions to remediate the issue. Use the filter <code>source:crowdstrike<\/code> in the <a href=\"https:\/\/console.runzero.com\/inventory?search=source%3Acrowdstrike\" target=\"_blank\" rel=\"noopener\">asset<\/a> or <a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike\" target=\"_blank\" rel=\"noopener\">vulnerability<\/a> inventory to see CrowdStrike-sourced data. Use the following queries to track down common concerns:\n<ul>\n \t<li><strong><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20has_public%3At\" target=\"_blank\" rel=\"noopener\">Find vulnerabilities on assets with public IP addresses<\/a><\/strong>: <code>source:crowdstrike AND has_public:t<\/code><\/li>\n \t<li><strong><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20os_eol%3A%3Cnow%20AND%20severity%3Acritical\" target=\"_blank\" rel=\"noopener\">Find critical vulnerabilities on end-of-life assets<\/a><\/strong>: <code>source:crowdstrike AND os_eol:&lt;now AND severity:critical<\/code><\/li>\n \t<li><strong>Find vulnerabilities that match a specific exploit status<\/strong>:\n<ul>\n \t<li><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20exploit_status%3A%3D0\" target=\"_blank\" rel=\"noopener\">Exploit unproven<\/a>: <code>exploit_status:=0<\/code><\/li>\n \t<li><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20exploit_status%3A%3D30\" target=\"_blank\" rel=\"noopener\">Exploit available<\/a>: <code>exploit_status:=30<\/code><\/li>\n \t<li><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20exploit_status%3A%3D60\" target=\"_blank\" rel=\"noopener\">Exploit easily accessible<\/a>: `exploit_status:=60<\/li>\n \t<li><a href=\"https:\/\/console.runzero.com\/inventory\/vulnerability?search=source%3Acrowdstrike%20AND%20exploit_status%3A%3D90\" target=\"_blank\" rel=\"noopener\">Exploit actively used<\/a>: <code>exploit_status:=90<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul>\nReady to complement your runZero inventory with vulnerability data from CrowdStrike? To get started, set up a connection to <a href=\"https:\/\/console.runzero.com\/ingest\/crowdstrike\" target=\"_blank\" rel=\"noopener\">CrowdStrike<\/a> using a credential with access to <a href=\"\/docs\/crowdstrike\/#step-1-configure-crowdstrike-to-allow-api-access-to-runzero\">Spotlight vulnerabilities<\/a>.\n\n<img decoding=\"async\" class=\"img-fluid\" style=\"border-style: solid; border-width: 1px;\" title=\"Vulnerabilities from CrowdStrike Spotlight\" src=\"\/img\/posts\/3.4\/crowdstrike-vulns.gif\" alt=\"Vulnerabilities from CrowdStrike Spotlight\" \/>\n<h3 id=\"integration-performance-improvements-and-enhancements\">Integration performance improvements and enhancements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nThe 3.4 release delivers new features and performance improvements to runZero integrations.\n<h4 id=\"automatic-expiration-of-ephemeral-aws-assets\">Automatic expiration of ephemeral AWS assets <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h4>\nYou can now have your <a href=\"docs\/aws\">AWS integration<\/a> automatically remove AWS assets from your inventory that weren\u2019t seen in the latest sync. Many AWS resources are ephemeral, only being in use for a short period of time, and these temporary assets can lead to a slow increase of offline assets over time. If you don\u2019t want to keep those decommissioned AWS assets in your runZero inventory, this feature can be used to automatically delete them. An alternative to this feature is to place your cloud assets in a separate Organization and configure a low stale asset expiration.\n<h4 id=\"processing-performance-improvements\">Processing performance improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h4>\nThe performance of all integration tasks has been improved and processing now completes much faster, with better use of resources, especially for self-hosted customers. This improvement is the most significant for processing data from vulnerability management products.\n<h4 id=\"enrichment-only-integration-support\">Enrichment-only integration support <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h4>\nYou can now choose to exclude unknown assets from your integration imports. If enabled, runZero won\u2019t import assets from an integration unless they can be merged with an existing asset in your inventory. This places the integration into an enrichment-only mode. This option is helpful when overlaying data from directory providers (Azure AD and Windows AD) as well as MDM and EDR systems that often include off-network assets that may be outside of your runZero scope.\n<h3 id=\"oauth-client-secret-authentication\">OAuth Client Secret authentication <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nIn addition to being able to access the runZero APIs using bearer tokens, you can now configure the use of OAuth2 client credentials. Simply <a href=\"https:\/\/console.runzero.com\/account\/api\/clients\" target=\"_blank\" rel=\"noopener\">register an API client<\/a> and <a href=\"docs\/leveraging-the-api\">use the client ID and secret<\/a> to obtain a temporary session token, which can then be using with the existing APIs as a bearer token.\n<h3 id=\"simplified-site-import-and-export-format\">Simplified site import and export format <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nThe process and format for <a href=\"https:\/\/console.runzero.com\/sites\/import\" target=\"_blank\" rel=\"noopener\">importing sites<\/a> has been simplified so that you can more quickly add multiple sites based on subnets. The format of the imported CSV has been updated so that each registered subnet can be provided as a separate row, with the results merged automatically during import. Need to add a ton of new subnets to your sites? Export the current CSV, append the new subnets to the end with the same site name, and re-import the list to update your site configuration.\n<h3 id=\"rapid-response-queries-for-megarac-and-cisco\">Rapid Response queries for MegaRAC and Cisco <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nIn addition to letting you create queries to fit your needs, runZero includes pre-built queries for recent threats. During the 3.4 release, new queries were added to quickly track down assets running <a href=\"blog\/finding-megarac-bmc-assets\">MegaRAC BMC firmware<\/a> and to locate <a href=\"blog\/finding-cisco-phones\">Cisco 7800\/8800 series IP phone assets<\/a>.\n<h3 id=\"user-interface-improvements\">User interface improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\nThe 3.4 release includes several changes to the user interface to improve the performance of the runZero console. The tables on the analysis reports, site comparison reports, and SSO groups pages now perform and load faster. This will let users query and sort the results in tables more efficiently, getting to the answers they need faster.\n<h2 id=\"release-notes\">Release notes <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h2>\nThe <a href=\"\/docs\/release-notes\/#v340\">runZero 3.4 release<\/a> includes a rollup of all the 3.3.x updates, which includes all of the following features, improvements, and updates.\n<h3 id=\"new-features\">New features <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>The AWS integration now includes an option to automatically remove assets no longer reported by AWS.<\/li>\n \t<li>OAuth 2.0 client credentials can now be used to authenticate with runZero APIs.<\/li>\n \t<li>The <code>edr.name<\/code> asset attribute is now updated to show when a runZero scan no longer detects the EDR.<\/li>\n \t<li>Tasks can now be stopped during data gathering and processing phases.<\/li>\n \t<li>The site import and export CSV format has been simplified.<\/li>\n \t<li>The performance of connector task processing has been improved.<\/li>\n \t<li>Tables for the Site comparison report, analysis report results, and SSO group mappings have been redesigned for improved performance.<\/li>\n \t<li>Added a new canned query for finding Cisco 7800\/8800 series IP phone assets.<\/li>\n \t<li>Improved fingerprinting coverage of Google Workspace assets.<\/li>\n \t<li>Additional fingerprint updates.<\/li>\n<\/ul>\n<h3 id=\"security-improvements\">Security improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>A bug that could show cross-tenant \u201cno access\u201d role users in the Your team &gt; Current organization view was resolved. This issue only applied to the cloud-hosted version of the runZero platform. The affected build was live for slightly more than two hours. Any customers affected by this issue will receive a detailed notice to the email addresses associated with their superuser accounts.<\/li>\n<\/ul>\n<h3 id=\"product-improvements\">Product improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>The consistency in asset terminology has been improved.<\/li>\n \t<li>The site import CSV format has been improved.<\/li>\n \t<li>The CLI Scanner <code>--api-url<\/code> parameter handling has been improved.<\/li>\n \t<li>The DELETE API method for bulk asset deletion has been deprecated.<\/li>\n \t<li>A public API endpoint to check the platform health has been added.<\/li>\n \t<li>OS EOL dates are now reported for Windows 11.<\/li>\n \t<li>A new canned query for MegaRAC BMC firmware has been added.<\/li>\n \t<li>Self-hosted customers can configure concurrent task processing with the RUNZERO_CRUNCHER_INSTANCES option.<\/li>\n \t<li>VMware ESXi instances now display OS end-of-life dates based on version.<\/li>\n \t<li>The scanner now supports a configurable ToS\/Traffic Class field in the advanced configuration.<\/li>\n \t<li>Additional operating system and hardware icons are available in the inventory view.<\/li>\n \t<li>Explorer and CLI Scanner binaries are now approximately 5MB smaller.<\/li>\n \t<li>The All Organizations view now more accurately handles limited user permissions.<\/li>\n<\/ul>\n<h3 id=\"performance-improvements\">Performance improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>The performance of the task overview page load time has been improved.<\/li>\n \t<li>The import time for third-party data sources was improved.<\/li>\n \t<li>The scheduler will now delay recurring tasks if the previously completed task has not yet started processing.<\/li>\n \t<li>The backend now processes concurrent tasks for separate sites within the same organization when possible.<\/li>\n \t<li>Searching and sorting is faster when using the asset first seen and last seen columns.<\/li>\n<\/ul>\n<h3 id=\"fingerprinting-changes\">Fingerprinting changes <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>Improved fingerprinting coverage of Apple HomeKit and HomeKit-connected devices.<\/li>\n \t<li>Improved fingerprinting coverage of Google Workspace assets.<\/li>\n \t<li>Improved fingerprinting coverage of Microsoft Intune and Azure Active Directory assets.<\/li>\n \t<li>Additional support added-or-improved for products by by Advidia, APC, Apple, Ascom, Avaya, Cisco, Citrix, D-Link, Dahua, ecobee, Eve, Fortinet, First Peer, Google, Green Electronics, ICP DAS, ifm electronic, iXsystems, LG, Microsoft, Motorola, Nintendo, OnePlus, OpenWRT, Poly, QNAP, Raspberry Pi, Red Hat, Riverbed, Roku, Sagemcom, Samsung, Shelly, Schneider Electric, SolidCP, Sony, SUSE, SwitchBot, TCL, Technicolor, Twinkly, UPS Manufacturing, Vizio, and VMware.<\/li>\n<\/ul>\n<h3 id=\"integration-improvements\">Integration improvements <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>The CrowdStrike integration now imports vulnerabilities when CrowdStrike Spotlight is enabled for the API key.<\/li>\n \t<li>An option to disable the creation of new assets from third-party integrations has been added.<\/li>\n \t<li>Third-party integrations merge assets more consistently.<\/li>\n \t<li>Third-party integrations now merge more accurately when using IP addresses as the match key.<\/li>\n \t<li>Microsoft Intune and Azure Active Directory assets are now fingerprinted more accurately.<\/li>\n \t<li>New LDAP credentials now auto-populate the discovered port.<\/li>\n \t<li>The Microsoft Defender integration now merges assets more comprehensively.<\/li>\n \t<li>The AWS EC2 integration now provides an option to include Stopped instances.<\/li>\n<\/ul>\n<h3 id=\"bug-fixes\">Bug fixes <i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/h3>\n<ul>\n \t<li>A bug that could prevent an Explorer from running scans with specific network configurations has been resolved.<\/li>\n \t<li>A bug that could cause recurring tasks to backup has been resolved.<\/li>\n \t<li>A bug in the Organization asset export API has been resolved.<\/li>\n \t<li>A bug that caused the License information page to display an incorrect project asset count was resolved.<\/li>\n \t<li>A bug that could delay concurrent task processing has been resolved.<\/li>\n \t<li>An issue that could cause the command-line scanner to skip LDAP enumeration has been resolved with the <code>--ldap-thumbprints<\/code> flag.<\/li>\n \t<li>A bug that could prevent tag searches from completing when thousands of tags are in use has been resolved.<\/li>\n \t<li>A bug that could result in partial import of GCP CloudSQL assets was resolved.<\/li>\n \t<li>A bug that could lead to duplicate vulnerabilities when an import was restarted has been resolved.<\/li>\n<\/ul>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"55060\" class=\"elementor elementor-55060\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6b25dc0d elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"6b25dc0d\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3cc1b37d\" data-id=\"3cc1b37d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52c4a230 elementor-widget elementor-widget-text-editor\" data-id=\"52c4a230\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About runZero<\/strong><br \/>runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network\u2013without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>What\u2019s new with runZero 3.4? Vulnerability import from  [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[488,976,61],"tags":[489,977],"class_list":["post-60646","post","type-post","status-publish","format-standard","hentry","category-488","category-runzero","category-press-release","tag-489","tag-runzero"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.runzero.com\/blog\/runzero-3.4\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2\" \/>\n<meta property=\"og:description\" content=\"What\u2019s new with runZero 3.4? Vulnerability import from [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.runzero.com\/blog\/runzero-3.4\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-13T07:45:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-22T06:31:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/runzero-3.4\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone)\",\"datePublished\":\"2022-12-13T07:45:08+00:00\",\"dateModified\":\"2023-02-22T06:31:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\\\/\"},\"wordCount\":1447,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"2022\",\"runZero\"],\"articleSection\":[\"2022\",\"runZero\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\\\/\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/runzero-3.4\\\/\",\"name\":\"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2022-12-13T07:45:08+00:00\",\"dateModified\":\"2023-02-22T06:31:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/runzero-3.4\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.runzero.com\\\/blog\\\/runzero-3.4\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/runzero-3.4\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/","og_locale":"zh_HK","og_type":"article","og_title":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2","og_description":"What\u2019s new with runZero 3.4? Vulnerability import from [&hellip;]","og_url":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/","og_site_name":"Version 2","article_published_time":"2022-12-13T07:45:08+00:00","article_modified_time":"2023-02-22T06:31:36+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"4 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/12\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone)","datePublished":"2022-12-13T07:45:08+00:00","dateModified":"2023-02-22T06:31:36+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/12\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\/"},"wordCount":1447,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["2022","runZero"],"articleSection":["2022","runZero","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/12\/runzero-3-4-vulnerability-import-from-crowdstrike-spotlight-plus-something-for-everyone\/","url":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/","name":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone) - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2022-12-13T07:45:08+00:00","dateModified":"2023-02-22T06:31:36+00:00","breadcrumb":{"@id":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.runzero.com\/blog\/runzero-3.4\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.runzero.com\/blog\/runzero-3.4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/zh\/"},{"@type":"ListItem","position":2,"name":"runZero 3.4: Vulnerability import from CrowdStrike Spotlight (plus something for everyone)"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-fMa","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/60646","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=60646"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/60646\/revisions"}],"predecessor-version":[{"id":60650,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/60646\/revisions\/60650"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=60646"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=60646"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=60646"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}