Clik here to view.
Tenable Nessus Scanner Capabilities Receive Red Hat Recognition
The Red Hat Vulnerability Scanner Certification for Tenable Nessus represents our commitment to continue providing customers with visibility into their Red Hat Enterprise Linux systems. Read about what...
View ArticleClik here to view.
Cybersecurity Snapshot: Are SBOMs on Your Supply Chain Security Radar Screen?...
The SBOM concept is still half-baked, but CISA and NSA want to help change that with new best practices for software vendors, developers and buyers. Plus, there’s new guidance about the Royal...
View ArticleClik here to view.
Tenable Cyber Watch: November Declared Critical Infrastructure Security and...
This week’s edition of Tenable Cyber Watch unpacks Critical Infrastructure Security and Resilience month and addresses the “Shields Ready” campaign aimed at promoting critical infrastructure security...
View ArticleClik here to view.
Frequently Asked Questions for CitrixBleed (CVE-2023-4966)
Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.BackgroundThe Tenable...
View ArticleClik here to view.
Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified...
CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP...
View ArticleClik here to view.
Cybersecurity Snapshot: U.S. Gov’t Revises, Seeks Input on Security...
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning...
View ArticleClik here to view.
Tenable Cyber Watch: NCSC Offers Guidance for Quantum Threat, SBOM Adoption...
Why is the U.K. cyber agency urging cyber teams to prepare for quantum computing attacks? How can SBOM adoption help beef up software supply chain security? Looking for recommendations on how to draft...
View ArticleClik here to view.
Identities: The Connective Tissue for Security in the Cloud
Almost everything in the cloud is one excess privilege or misconfiguration away from exposure. Proper cloud posture and entitlement management can help mitigate risk and eliminate toxic...
View ArticleClik here to view.
AWS Access Analyzer Just Got Better, So Did Tenable Cloud Security
AWS IAM Access Analyzer now has an API allowing you to make custom policy checks. Tenable Cloud Security allows you to easily use this API as part of its code scanning functionality. Find out how and...
View ArticleClik here to view.
Maximize Your Vulnerability Scan Value with Authenticated Scanning
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning.Performing authenticated scans of your environment offers essential benefits and is a practice widely...
View ArticleClik here to view.
Cybersecurity Snapshot: U.S., U.K. Governments Offer Advice on How To Build...
Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is...
View ArticleClik here to view.
Tenable Cyber Watch: CSA Launches Zero Trust Certification, CISA Updates...
This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help...
View ArticleClik here to view.
CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To...
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to bypass authentication even with multifactor authentication...
View ArticleClik here to view.
Cybersecurity Snapshot: CISA Calls on Software Makers To Use Memory Safe...
CISA is urging developers to stamp out memory vulnerabilities with memory safe programming languages. Meanwhile, the OpenSSF published 10 key principles for secure software development. Plus, malware...
View ArticleClik here to view.
How to Tackle OT Challenges: Asset Inventory and Vulnerability Assessment
The plurality of devices and protocols found in operational technology (OT) environments makes asset discovery and remediation a challenge. Here’s how Tenable OT Security can help.The Operational...
View ArticleClik here to view.
Tenable Cyber Watch: 2023 Cyber Skills Shortage, the Most Sought-After Cyber...
This week edition of Tenable Cyber Watch unpacks the 2023 cyber skills shortage and addresses the most sought-after cyber skills in 2023. Also covered: The most in-demand cybersecurity jobs from 2023...
View ArticleClik here to view.
Microsoft’s December 2023 Patch Tuesday Addresses 33 CVEs (CVE-2023-36019)
4Critical29Important0Moderate0LowMicrosoft addresses 33 CVEs in its December 2023 Patch Tuesday release, with no zero-day vulnerabilities disclosed this month.Microsoft patched 33 CVEs in its December...
View ArticleClik here to view.
Microsoft Patch Tuesday 2023 Year in Review
Microsoft addressed over 900 CVEs as part of Patch Tuesday releases in 2023, including over 20 zero-day vulnerabilities.BackgroundMicrosoft’s Patch Tuesday, a monthly release of software patches for...
View ArticleClik here to view.
The Kids Aren’t Alright: Vulnerabilities in Edulog Portal Revealed K-12...
Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the findings again prove the...
View ArticleClik here to view.
Cybersecurity Snapshot: Want to Deploy AI Securely? New Industry Group Will...
A group that includes the Cloud Security Alliance, CISA and Google is working to compile a comprehensive collection of best practices for secure AI use. Meanwhile, check out a draft of secure...
View Article