runZero
Service Description
runZero is a total attack surface and exposure management platform that combines active scanning, passive discovery, and API integrations to deliver complete visibility into managed and unmanaged assets across internal and external IT, OT, IoT, cloud, mobile, and remote environments.
Inventory and Control of Enterprise Assets Efforts
Security Domain
CIS Control 1 – Inventory and Control of Enterprise Assets
NIST CSF – Identify: Asset Management (ID.AM)
NIST 800-53 – Configuration Management
- Identifies assets and related risks
- Identifies outdated hardware and OS versions
- Helps identify IP space and network maps
- Accelerates incident response efforts
Internal Continuous Vulnerability Scanning Efforts
Security Domain
CIS Control 7 – Continuous Vulnerability Management
NIST CSF – Detect: Continuous Monitoring (DE.CM)
NIST 800-53 – Assessment, Authorization, and Monitoring
Internal scans leverage the internal asset inventory composed of provided and discovered assets and report on new findings, risk, and vulnerabilities, including available updates, vulnerable software, and unknown devices on internal networks.
External Continuous Vulnerability Scanning Efforts
Security Domain
CIS Control 7 – Continuous Vulnerability Management
NIST CSF – Detect: Continuous Monitoring (DE.CM)
NIST 800-53 – Assessment, Authorization, and Monitoring
External scans leverage the runZero Hosted Cloud Explorer and scan for all known PSU public IPs and report on new findings, risk, and vulnerabilities across externally accessible environments and assets. External scans are performed at two levels: the individual PSU organization level and across all K-12 organizations.
Network Infrastructure Management Efforts
Security Domain
CIS Control 12 – Network Infrastructure Management
NIST CSF – Protect: Technology Infrastructure Resilience (PR.IR), Detect: Continuous Monitoring (DE.CM)
NIST 800-53 – Program Management
- Identifies and prevents malicious traffic from reaching the network
- Prevents hackers and remote access
- Provides better security and network monitoring features
PSU Time Commitment
Upfront/setup: 1 hour
Ongoing: 2-4 hours per month
How to get this service
Contact the runZero POC to register for an information/onboarding session.
Point of Contact
Name: Friday Institute on behalf of the NCDPI K-12 Cybersecurity Program
Email: runzero_ncdpiadmins@lists.ncsu.edu
Additional Resources
- Presentations
- Cyber Asset Attack Surface Management (CAASM) – Webinar Series
- runZero Cyber Asset Management – NCET 2023
- Finding Bad Actors: Agentless Network Asset Discovery using runZero – NCLGISA 2022 Fall
- NCDPI K-12 Cybersecurity Program – PSU runZero Startup Guide
- The Ethics and Legality of Port Scanning – SANS GIAC Certifications
Governance Information
- The North Carolina Department of Public Instruction (NCDPI) is designated as the formal licensed entity and account owner for the runZero Asset Discovery Platform for North Carolina and thus has the responsibility and authority to manage all contractual matters related to it.
- As the runZero Account owner, NCDPI has the superuser role that grants it (and/or another party it designates) the privilege to make configuration, policy, and/or other changes to the NC runZero Platform. In general, NCDPI will not make such changes without appropriate communication to the runZero PSU admins and/or other entities affected in advance.
- As the runZero Account owner, NCDPI has the superuser role that grants it (and/or another party it designates) access to view each Organization (i.e. PSU) in the runZero platform and its associated asset data. NCDPI will utilize the platform to have situational awareness across all PSUs to identify, classify, and categorize devices, reporting on a per-PSU basis, as well as providing a statewide view that shows cybersecurity risks and critical needs. This data will be able to inform PSU IT staff and state leadership, augmenting and automating some of the DLMI data collection. Nothing in the asset data inventoried in runZero overtly identifies individual employees or students.
- The NCDPI Department of School Connectivity and Cybersecurity will be providing periodic reports to the State Board of Education on the rate of utilization of the runZero platform with other evidence of efficacy to assess the value of this cybersecurity resource for future use (i.e. is the platform a good value for the taxpayers of NC AND has it improved the cybersecurity posture / reduced risk of the PSUs).
- runZero (MSSP) cannot make changes to the NCDPI account and platform without approval from NCDPI (outside of general product/service updates and maintenance).
- NCDPI can authorize and direct runZero (MSSP) and/or another designated party to make configuration, policy, and/or other changes to the NC runZero Platform.
- NCDPI has configured a global setting in the runZero console that enables runZero to have support access to the NCDPI account and its associated organizations. This provides an additional layer of support if NCDPI or PSUs need direct support from runZero. Under this provision, a PSU can direct runZero support to make changes to the PSU’s organization configuration, but not to NCDPI account-level configurations. All console impersonation actions are audited by runZero.
- NCDPI and appropriate agency personnel have reviewed, agreed to, and are satisfied with how runZero collects, stores, and manages asset inventory data for PSUs. All NCDPI, NCDIT, and applicable state security and privacy policies have been met. NCDPI is confident in the prevention, detection, and response structures in place to support the purpose of the runZero platform for NCDPI and PSU needs. The following are runZero privacy, security, and terms of service policies provided for NCDPI and PSU awareness. In addition, NCDPI has also been provided with the latest version of runZero’s Information Security Policy and Platform Security Assessment.
- runZero Privacy Policy: https://www.runzero.com/legal/privacy/
- runZero Platform Security: https://www.runzero.com/legal/security/
- runZero Terms of Service: https://www.runzero.com/legal/terms/
- runZero Data Processing Agreement: https://www.runzero.com/dpa.pdf
- Amazon AWS Cloud Security: https://aws.amazon.com/security/