Cyber Tool Stack
All tools

runZero

By runZero

An asset discovery and exposure management platform co-created by Metasploit author HD Moore, using unusually careful unauthenticated scanning plus passive discovery to find the unmanaged, OT, and IoT devices agent-based tools can't see — inside the network as well as on its internet edge. Accenture announced an agreement to acquire the company in 2026.

Verified Source: 1

Product type
Software
Deployment
SaaSAgent
Organization size
SMBMid-marketEnterprise
Pricing tier
Freemium

Capability checklist

ASM/BAS

How runZero measures up against the full Attack Surface Management & Breach/Attack Simulation taxonomy.

External attack surface discovery — supported
Continuously finds internet-facing assets, domains, and shadow IT before attackers do.
Exposure prioritization — supported
Ranks discovered exposures using adversary and exploitability context.
Breach and attack simulation — not supported
Safely simulates real attack techniques against live defenses to test control effectiveness.
Security control validation — not supported
Measures whether existing tools actually detect or block the simulated attacks.
Attack path mapping — not supported
Shows the chained steps an attacker could take from an exposure to real impact.
Continuous testing — not supported
Re-runs simulations on a schedule to catch drift and regressions over time.

Alternatives

Other Attack Surface Management & Breach/Attack Simulation tools with overlapping capabilities, sized for similar teams.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.