Explore more publications!
Montserrat Tech Update
Got News to Share?

runZero Shatters the "Segmentation Illusion" with High-Fidelity OT Intelligence and Attack Path Mapping

New capabilities empower organizations to map the unmappable, visualize cross-environment attack paths, and validate segmentation across IT, OT, and IoT

AUSTIN, Texas, April 30, 2026 (GLOBE NEWSWIRE) -- runZero, the leader in exposure management, today launched new capabilities designed to shatter the "segmentation illusion" by revealing hidden attack paths across IT and OT environments. Defenders can now quickly identify segmentation failures, visualize lateral movement across network boundaries, and prioritize the exposures that pose the greatest risk to industrial uptime and business operations.

By delivering high-fidelity asset, network, and security intelligence at scale — without requiring credentials, span ports, or endpoint agents — runZero uniquely equips organizations to move from assumption-based security to validated infrastructure insights across their entire attack surface.

Addressing the "Segmentation Illusion"

Operational technology (OT) security is top of mind for global organizations. The World Economic Forum recently reported that 64% of organizations cited the disruption of critical infrastructure and espionage as top cybersecurity concerns amidst heightened geopolitical tensions. Despite this, many organizations operate under a "segmentation illusion," wrongly assuming OT environments are isolated or air-gapped. In reality, industry research consistently finds that more than a third of organizations have at least one OT asset exposed to the public internet.

In a recent analysis of sample manufacturing environments runZero found that roughly 30% of OT assets were only one hop away from an internet-exposed device, and 90% were within two hops. The risk was even more pronounced for financial services organizations, where 50% of OT assets sat just one hop away from the internet edge. These findings highlight how even a single incidental network bridge or firewall misconfiguration can lead to a costly operational shutdown.

"Segmentation is something you verify, not something you assume," said HD Moore, founder and CEO of runZero. "This release lets defenders trace the actual paths from an exposed IT asset to a PLC, including the ones that run through protocol gateways and devices nobody documented. That's the gap between knowing you have OT and knowing it's defensible."

Unmatched Discovery and High-Fidelity Intelligence

The foundation of these new capabilities is the runZero active scan engine, which provides industry-leading discovery and fingerprinting for all types of assets. This unique technology has been proven safe even in fragile OT environments in numerous customer deployments, as well as in an evaluation conducted by the U.S. Department of Energy’s National Renewable Energy Laboratory. The report concluded that runZero’s active scanning methods did not negatively impact system performance, challenging widely held industry beliefs that active scanning inherently disrupts operations.

Unlike passive-first tools that only detect "chatty" devices, runZero’s proprietary approach combines safe active scanning and passive monitoring to identify both managed and unmanaged devices with unmatched depth and accuracy, including those that cannot support agents or credential-based logins.

This release introduces major enhancements in deep OT visibility and topology, allowing runZero to identify sub-assets behind industrial protocol gateways, such as Modbus, BACnet, EtherNet/IP, and KNXnet. These downstream assets are often not directly addressable on the network, making them invisible to traditional tools. By enumerating and mapping these devices, runZero provides advanced visibility into the OT attack surface, including hard-to-detect areas and field-level devices.

Visualizing Risk Across the Modern Enterprise

Today’s release is designed to help defenders overcome challenges in increasingly converged IT/OT environments. Beyond discovery, runZero now offers advanced visualization tools that pinpoint risks like multi-homed devices and network segmentation gaps and provide interactive attack path mapping. Together, these capabilities enable security teams to understand the relationship between assets and identify how an attacker could move through the network, so they can identify and focus remediation on exposures that materially increase risk.

New features include:

  • Topology maps: Gain immediate, worldwide visibility with interactive maps that scale from a global overview down to individual sites and subnets. Available in 2D and 3D, as well as hybrid Layer 2 and Layer 3 views, runZero’s new network maps enable teams to quickly spot exposures even in highly complex environments with hundreds of thousands of assets. Capabilities include:
    • Geolocation and context: Leveraging public and egress IP data, runZero automatically pinpoints the physical location of assets across worldwide operations and enables teams to search for nearby devices to gain critical environmental context.
    • Search and filter: Visually isolate high-risk assets, pivot points, end-of-life systems, specific device types, and exposures directly within the map view to quickly gain insights.
    • Anomaly detection: Flag “misplaced” items like a Windows laptop in a production zone that likely violates security policies, as well as outliers that deviate from expected parameters — and frequently pose risk.
  • Interactive attack path mapping: Visualize trajectories from initial compromise to operational impact, including capabilities for:
    • Path tracing: Set a specific source and target to see exactly how an attacker could move through the network, highlighting every pivot point and bridge along the way.
    • Choke point identification: Easily surface a prioritized set of assets that, if compromised, could grant attackers access to high-value network zones.
  • Multi-homed and bridge detection: Automatically surface devices connected to multiple networks, instantly pinpointing risky assets that bypass segmentation and firewall strategies.
  • Map the unmappable: Safely enumerate OT assets across gateways and non-IP boundaries that are frequently missed by other tools. By peering behind protocol gateways, runZero unmasks the field-level devices that were previously invisible, without risking downtime.
  • Identify protocol exposures: Detect critical devices accessible from the IT domain with support for an expanded library of more than 220 protocols. This includes dozens of "insecure by design" industrial protocols — such as Modbus, BACnet, EtherNet/IP, KNXnet, Siemens S7comm, and Triconex TriStation — that are commonly targeted by attackers attempting to gain control of physical operations.
  • Risk prioritization: Highlight the exposures and segmentation gaps that matter most, helping teams focus remediation efforts on the assets and connections that introduce the greatest operational risk.
  • Advanced fingerprinting and device classification: Precisely identify asset categories and functions, leveraging deep fingerprinting that analyzes thousands of distinct device attributes to provide definitive intelligence into each asset’s role and risk profile.

Availability

The new capabilities, as well as UI/UX enhancements — including new dark and light modes — are immediately available to all runZero customers and Community Edition users.

About runZero

runZero provides a single source of truth for exposure management across your total attack surface. Without requiring agents, authentication, or appliances, runZero delivers the most complete and accurate visibility into every asset and exposure across internal, external, IT, OT, IoT, mobile, and cloud environments — including uncovering unknown and unmanageable devices and broad classes of exposures that evade traditional tools. Founded in 2018 by HD Moore, runZero is trusted by more than 500 companies and 30,000 users worldwide to mitigate risks faster, meet compliance requirements, and improve overall security.

Contact:
Jennifer Wood
jennifer.wood@runZero.com

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/9e792511-f55d-40b2-84a5-4fff85bc1037


Primary Logo

runZero 4.9

Unmask Attack Paths & Segmentation Gaps with High-Fidelity OT Intelligence

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share us

on your social networks:
Facebook Facebook LinkedIn LinkedIn
AGPs

Get the latest news on this topic.

SIGN UP FOR FREE TODAY

No Thanks

By signing to this email alert, you
agree to our Terms & Conditions