Version 1.3.0 of Rumble Network Discovery is now live with a new Organization API, support for the BACnet protocol, tons of new fingerprints, and improvements across the Rumble Console user interface. If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think! Organization API Rumble now supports a REST API tied to Organization-specific API keys.

Earlier this week, Gerry Gosselin and Eric Rioux of VertitechIT were investigating a strange result in the Rumble asset inventory; After scanning an external subnet with Rumble, they noticed that the main internet router was responding to SNMP probes on its normal address and HSRP address. The router in question had a strong SNMP v2 community as well an IP ACL on the SNMP service. Rumble still reported the router vendor, manufacturing date, and MAC address via SNMP, all unauthenticated and from the internet.

Version 1.2.0 of Rumble Network Discovery is live with a handful of new features. If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think! Wireless Network Inventory This release include support for automatic wireless network discovery and access point inventory, leveraging existing agents and scans to keep track of the wireless environment.

After announcing v1.1.5 with the new Switch Topology report, quite a few folks wrote in to ask if this feature was available in SNMPv3 environments. As of this evening, the answer is yes. To leverage SNMP v3 credentials in a Rumble scan, set the following options in the Advanced Options section of the Scan Configuration screen. Depending on your environment, these settings may require some tweaking. The standard security levels of NoAuthNoPriv, AuthNoPriv, and AuthPriv map to these options as follows:

Version 1.1.5 of the Rumble platform is live! This release includes a new Switch Topology report, updates to the Network Bridges report, and improvements to how SNMP data is collected during scans. Combined, these updates can shine a light on misconfigured network segmentation and help identify assets that may not have been scanned at all. This post will walk through these updates and highlight how these reports can be used to identify unknown risks.