At Black Hat 2025, CyberRisk TV sits down with HD Moore, CEO & Co-Founder of runZero, for a no-BS conversation on why vulnerability management is still failing enterprises — and what needs to change now. Hosted by Jackie McGuire, this interview dives deep into the real-world challenges facing security teams today: tool overload, missing assets, unauthenticated exposures, and the illusion of visibility.
HD reveals how attackers are exploiting blind spots faster than defenders can react — and why unauthenticated discovery is the secret weapon defenders need. From the evolution of pentesting to the pitfalls of modern tooling, this interview offers a powerful call to rethink how we manage risk.
Topics Covered:
Why vulnerability tools are worse today than 20 years ago
The myth of full visibility in enterprise security
How AI and Shadow IT are accelerating unauthenticated risk
The "garage keypad is 1234" problem in cyber hygiene
runZero’s unique approach: find everything, fast, without credentials
What every CISO needs to hear to justify better investments
If you're tired of dashboards full of false confidence and alerts that don’t matter, this is your wake-up call.
Segment Resources: https://www.runzero.com/resources/is-vuln-management-dead-psw-880/ https://www.runzero.com/blog/new-era-exposure-management/ https://www.runzero.com/resources/your-next-incident-wont-have-a-cve/ https://www.runzero.com/resources/pirates-guide-to-snake-oil-security/
Try runZero free! Get started at https://securityweekly.com/runzerobh
- 0:00 - Intro from BlackHat 2025 with Jackie McGuire
- 0:30 - Meet HD Moore, CEO & Co-Founder of runZero
- 01:15 - Why Vulnerability Management Is Still Broken
- 02:10 - The Problem with Unauthenticated Discovery
- 03:25 - The Tool Overload & Data Volume Crisis
- 04:45 - HD’s Offensive Testing Background & Approach
- 06:00 - How runZero Finds Hidden & Exploitable Assets
- 07:40 - Real-World Risks: Shadow IT & AI Expansion
- 09:10 - Explaining Vulnerability Management to CEOs
- 10:50 - Why Security Tools Are Often the Weak Link
- 13:45 - Final Thoughts & Where to Learn More About runZero
HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability disclosure.
HD serves as the CEO and founder of runZero, which provides a single source of truth for exposure management across your total attack surface. Delivering in-depth visibility into every asset and exposure, runZero helps you mitigate risks faster, meet compliance requirements, and ensure you continuously discover critical insights that others miss — including unknown and unmanageable devices and elusive exposures that evade traditional tools.
Prior to founding runZero, HD held leadership positions at Atredis Partners, Rapid7, and BreakingPoint. HD has also been a frequent speaker at industry events such as Black Hat and DEF CON. HD’s professional journey began with exploring telephone networks, developing exploits for the Department of Defense, and hacking into financial institution networks.
