Clik here to view.
The OPM Breach Two Years Later: Why We Need a Marathon
The White House called for a 30-day sprint in response to the devastating data breach at the Office of Personnel Management (OPM), discovered in April 2015. The immediate goal was to bring agencies’...
View ArticleClik here to view.
Master Your Security Foundation: Harden Your Systems
According to a survey conducted by Tenable in late 2016, only 50% of our customers use our configuration auditing capabilities. That’s the bad news. The good news is that those who do use it really...
View ArticleClik here to view.
A Personal Perspective on Closing the Cyber Diversity Gap
I’ve been in IT for the last 16 years, nearly two of which have been in cybersecurity. I was recently given public platforms to discuss my views on diversity in the industry. The crazy part is how...
View ArticleClik here to view.
Tracking Down Privilege Escalation Failures
Tenable.io Vulnerability Management ReportsCredentialed scanning is a key aspect of any vulnerability management program, but how can you be sure the scans are successful? Changes to infrastructure or...
View ArticleClik here to view.
Master Your Security Foundation: CIS Vulnerability Management Controls
Most of us are likely very familiar with vulnerability management. Unfortunately, familiarity with vulnerability management doesn’t necessarily equate to mastery. According to a survey sponsored by...
View ArticleClik here to view.
Rooting a Printer: From Security Bulletin to Remote Code Execution
Printers. They are everywhere. In big businesses. In small businesses. In our homes. In our schools. Wherever you go, there they are. But where are they in your threat model? When was the last time you...
View ArticleClik here to view.
Are Your Containers At Risk?
Containers have transformed the way organizations are deploying applications and services within their environments. While containers are lightweight and more efficient alternatives to virtual...
View ArticleClik here to view.
The OPM Breach Two Years Later: Four Best Practices for Cyber Operational...
Socrates is alleged to have said, “the secret of change is to focus all of your energy, not on fighting the old, but on building the new.”1 The saying certainly applies to cybersecurity, where change...
View ArticleClik here to view.
Securing Industrial Control Systems Against Vulnerabilities and Malware
Recently, a new threat dubbed Industroyer or CrashOverride was identified as the malware that was used in the 2016 attack on the Ukraine electric grid. Many pros are calling Industroyer the biggest...
View ArticleClik here to view.
Petya/NotPetya Ransomware Detection for the Modern Enterprise
A new version of the Petya malware is spreading globally, including the European Union, Ukraine and Russia. It has already impacted many organizations, both large and small, and has compromised systems...
View ArticleClik here to view.
Staying Ahead of the Curve
Tenable.io Malicious Code Prevention ReportAs malware attacks continue to make headlines, many organizations struggle to stay ahead of the complex, evolving threat landscape. Attackers use both old and...
View ArticleClik here to view.
Master Your Security Foundation: Control the Use of Administrative Privileges
What did the Sony and Anthem breaches have in common with an estimated 60-80% of all breaches? They all involve the use of compromised privileged (administrative) accounts.Attackers using...
View ArticleClik here to view.
Is the Devil’s Ivy in your Network?
Over the past several years, Tenable has discussed the growing concerns around Internet of Things (IoT) security. With the static nature of IoT devices such as cameras, door sensors, and many more, the...
View ArticleClik here to view.
Auditing Patch Management Solutions with Tenable.io
We receive many questions from customers on how to configure scans to audit their patch management solutions. Whether you have a few hundred or several thousand systems, patch management solutions...
View ArticleClik here to view.
Black Hat Sneak Preview: New Vulnerabilities Exposed in Docker Hub
Community ecosystems with vibrant member support have been the catalyst for faster innovation and shorter software development lifecycles in DevOps. Whether it is downloading code or contributing back...
View ArticleClik here to view.
Cyber Exposure: The Next Frontier for Security
The stakes have never been higher when it comes to cybersecurity. Global cyber attacks such as the recent WannaCry ransomware attack is a sobering reminder that cybersecurity is the existential threat...
View ArticleClik here to view.
Happy SysAdmin Day 2017
Having a background as a system administrator, I know first-hand many of the challenges you face. As every organization has a unique set of business requirements, system administrators work hard behind...
View ArticleClik here to view.
Tenable Internship Takeaways: Understanding Different Port Scanning Techniques
As a summer intern for the research and development department at Tenable, I was surprised when my manager gave me a relatively straightforward first task: find every machine in the lab. I knew that...
View ArticleClik here to view.
Cybersecurity’s role in U.S. trade agreements, starting with NAFTA
We must modernize our trade agreements to incorporate cybersecurity cooperation, and cooperation with our closest neighbors through NAFTA is a good place to start. Cybersecurity is a major global...
View ArticleClik here to view.
Secure Configuration Baselines for Network Devices
In a recent blog post, Ted Gary discussed results from a Tenable survey about configuration hardening at the system level. In short, organizations are making progress on enforcing and auditing their...
View Article