Vuln management often feels like reading 🔮 tarot cards. We use CVSS & EPSS to bring order to chaos — but are we making better decisions?

In this clip, @todb.hugesuccess.org breaks down a "volatile" CVE and why EPSS fluctuations matter most. 📈

📺 Watch the full talk: www.runzero.com/resources/no...

A luxury car in front of the Kremlin and a license plate hidden in shellcode. 🏎️🇷🇺

@hdm.io joins The Abhisek Cast to share stories from the early days of Metasploit and why "business optics" are the enemy of real defense.

Watch the full episode: 📺 www.runzero.com/resources/th...

This year, we aren't just making a resolution; we’re leading a shift in vuln management strategy.

@hdm.io discusses in several interviews why the legacy vuln management model is broken, and how we can collectively forge a better path forward.

📺 Watch here: www.runzero.com/blog/our-new...

🔌 OT wasn’t supposed to be on your network. Yet here we are.

At DEF CON 33, Rob King shows how OT devices hide behind protocol gateways...and how to actually find them.

No magic, no vibes: just real discovery using CIP message forwarding and DNP3.

📺 www.runzero.com/resources/de...

🎧 We collected some of our favorite podcasts of 2025 featuring @hdm.io for you to enjoy.

📺 So go ahead and get yourself some coffee (or hot cocoa!) & watch here: www.runzero.com/blog/fun-pod...

🔮 Every year, the cyber crystal ball gets dusted off.

But by the end of January they're ancient history. So this time @todb.hugesuccess.org put his old forecasts to the test.

Spoiler: there were some misses (nobody can really tell the future), but also a few hits that made us double-take.

#BlackHatEurope2025 we're back & better than ever!

Swing by booth #615 and try our immersive escape room — it’s your chance to flex those exposure management muscles!

Exclusive gear, great convos, and a few surprises await.

🔥 Bring your A-game!

🎉 runZero is now officially a CVE Numbering Authority!

💪 Hear from @todb.hugesuccess.org on how we’re leveling up in the fight to keep networks safe.

Read the blog: www.runzero.com/blog/runzero...

Read the press release: www.runzero.com/newsroom/run...

Exposure is everywhere now — cloud, SaaS, IoT, shadow IT, unmanaged vendors.

Replay the SC Media webcast with @sawaba.bsky.social, @hdm.io & @todb.hugesuccess.org to learn why continuous discovery matters & how attackers exploit what you can’t see.

👉 www.runzero.com/resources/as...

SSH is still one of the strangest attack surfaces online.

Back at DEFCON, @hdm.io shared findings from internet-wide scans with SSHamble:

🔍 Where SSH is exposed
🐞 How quirks became auth bypass & RCE
🛠️ How SSHamble + Nuclei help defenders spot risk

🔗 www.runzero.com/resources/de...

A full year of runZero Hour in the books!

Join us Dec 17 for the ❄️ Holiday Hackstravaganza ❄️ for your chance to win hacker toys for the holidays! We'll cover the best stories, strange vulns, predictions, trivia & more.

👉 www.runzero.com/research/run...

Ready to level up your External Attack Surface Management game?

Don’t settle for “good enough.” Watch below for @todb.hugesuccess.org ’s top picks for what makes an EASM program truly great, and why these features matter more than ever.

👉 Get started here: www.runzero.com/platform/tot...

Curious how runZero data fits into BloodHound OpenGraph to generate visual attack paths?

@hdm.io breaks it down in this runZeroHound walkthrough...

➡️ www.runzero.com/blog/introdu...

🎙️ The Hacker's Cache: Kyser Clark talks with Metasploit creator @hdm.io on why CVEs won’t save you in 2025.

They get into non-CVE vulns, hidden SSH risks, attacker innovation, AI’s impact, and why exposing version numbers can improve security.

👉 www.runzero.com/resources/wh...