Proactive Issue Resolution, Continuous Compliance and Vulnerability Management

For your VMware™, Hybrid Cloud and Containers.

Results in 15 minutes
Deploy Where You Need
Enjoy our SaaS offering or run Runecast on-premises, where you can choose either pre-packaged OVA or Kubernetes deployment via direct download, AWS, Azure, VMware Market places or Runecast's Helm chart repository with no data ever leaving your environment.
Connect Your VMware, Public & Private Cloud or Tanzu Environments
A single platform for your Hybrid Cloud. Fully agentless scanning does not introduce any additional burden on your teams. No agents to manage, deploy or troubleshoot.
VMware Cloud Director
Kubernetes logo
Run Your First Analysis
Choose from over a dozen compliance standards to continuously audit your environment. Automatically detect vulnerabilities. Get configuration change recommendations based on vendor best practices and discover if and where your VMware environment is misconfigured and potentially increases your risk.
Prioritize Detected Vulnerabilities
Get a prioritized list of detected vulnerabilities with their full description and remediation steps, all correlated with CISA’s Known Exploited Vulnerabilities (KEVs) Catalog and checked for an exploit availability in the most comon exploit catalogs.
Close Gaps for Continuous Compliance
No more need to prepare for many weeks for an audit with overwhelming documents. All applicable compliance requirements are mapped to the automated checks against the configuration of your environment, with results stored and available throughout the full history of all your scans – serving as proof of compliance over time.
Continuous compliance monitoring FOR
BSI IT-Grundschutz
CIS Benchmarks
Essential 8
ISO 27001
Cyber Essentials
VMware Security Configuration Guide
Browse History and Compare Points in Time
Get full data of historical scans of your environment. Was this vulnerability present for a long time? Since when is this KB article applicable? When did we stop meeting these compliance criterias and why?

Each history point reveals the exact configuration of your inventory assets that contribute to the revealed risk for your infrastructure.
See Configuration Changes – and WHO Made Them
Configuration properties of your whole infrastructure in a single place, with powerful features on top of that.

Historical Compare: Observe any configuration changes in you environment over time.

Desired State Alignment: Select a single asset, pick which of its properties should define a baseline configuration and reveal any configuration inconsistencies among the assets of the type.

Who made the change: Automated correlation with vCenter tasks reveals the source of a configuration change.
Simulate Upgrades and Review HW Compatibility
Automated verification of every single asset in your VMware infrastructure against the VMware HCL. 

VMware teams no longer need to perform the tedious manual process of verifying against the HCL. Automating this whole procedure brings peace of mind from running compatible configuration while not putting any extra load on your team.

Runecast also offers ESXi upgrade simulations to verify future compatibility.
Get Tailored Remediation Scripts
Generate tailored remediation scripts for your environment in two clicks.  

Whether you have VMware (Ansible or PowerCLI), AWS (AWS CLI, AWS Tools for PowerShell) or GCP (GCP CLI), we always provide the the best native option for you.
Take a Proactive Approach to Known Issues
Our team actively collects and decodes information from all known online sources of knowledge. We transform this valuable data into automated checks that can identify risky configurations or patterns that may lead to problems.

Results of these checks are surfaced in our user-friendly interface, allowing you to address and manage any potential challenges before they cause downtime or a security breach.
Works With Your Tech Stack
Discuss and prioritize Runecast findings in your day-to-day tools such as ServiceNow, Jira, or vSphere Client with our out-of-the-box integrations.

Use our powerful REST API to send the data over to any data management and analysis platforms like Splunk or Dynatrace.
14-day free trial
Get Started Today
Be up and running in about 15 minutes and see how Runecast empowers you and your team. Get your first report now.
Start Your Free Trial

“The best in its league”

Run it... you will be amazed by the findings. We always think that a lot of applications are secure by nature and by how they’ve been designed, but after deploying Runecast you really understand the gaps that you might have in your environment and it’s definitely an eye-opener.


Vice President - Infrastructure & Security at Oman Airports