Clik here to view.
Cybersecurity Snapshot: CISA Breaks Into Agency, Outlines Weak Spots in...
CISA’s red team acted like a nation-state attacker in its assessment of a federal agency’s cybersecurity. Plus, the Cloud Security Alliance has given its cloud security guidance a major revamping....
View ArticleClik here to view.
Tenable Customer Update about CrowdStrike Incident
Please read this important customer update about CrowdStrike's recent incident.(Editor's note: This blog has been updated to clarify that only new Identity Exposure data is not available in Tenable...
View ArticleClik here to view.
How To Do a Security Audit of Pimcore Enterprise Platform
Our new research paper gives you a roadmap for using Pimcore's features while preserving security.Enterprises are using Pimcore, an open-source enterprise PHP solution, to streamline data management...
View ArticleClik here to view.
Improving Your Cloud Security Using JIT Access for Sensitive SaaS Applications
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.By granting permissions on a...
View ArticleClik here to view.
If You Only Have Five Minutes, Here’s CNAPP in a Snap (But We Have an eBook,...
If you’re a bit puzzled by all the talk about cloud native application protection platforms (CNAPPs), worry not. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English...
View ArticleClik here to view.
Tenable’s Software Update Process Protects Customers’ Business Continuity...
With the unprecedented tech outages experienced by so many of our customers over the last week, we recognize the need for deeper understanding of our software development processes and how they support...
View ArticleClik here to view.
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud...
Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as...
View ArticleClik here to view.
Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets,...
Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that...
View ArticleClik here to view.
EPSS Shows Strong Performance in Predicting Exploits, Says Study from Cyentia...
Tenable sponsored research from Cyentia and FIRST, which finds that while vulnerability exploitation is highly variable, EPSS is getting stronger in its ability to predict exploitation.The number of...
View ArticleClik here to view.
Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It...
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help.As part of...
View ArticleClik here to view.
Cybersecurity Snapshot: Data Breach Costs Rise, as Ransomware Attacks Fall,...
IBM’s latest “Cost of a Data Breach Report” finds these data-theft incidents getting more expensive. Plus, the IT-ISAC says that ransomware attacks fell in Q2 due to law-enforcement disruptions of...
View ArticleClik here to view.
Turning Data into Action: Intelligence-Driven Vulnerability Management
Prioritizing vulnerabilities with context has always been a challenge for vulnerability management teams – and this task isn’t getting easier as published CVEs continue to grow. To remedy this, many...
View ArticleClik here to view.
Your Exposure Ends Here: Introducing the New Tenable Brand
At Tenable, our mission is to manage and reduce cyber risk, because cyber risk is business risk. Feedback from dozens of top CISOs is reflected in our latest brand evolution. Tenable is the exposure...
View ArticleClik here to view.
Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach
As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help...
View ArticleClik here to view.
Do You Think You Have No AI Exposures? Think Again
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment...
View ArticleClik here to view.
Securing the AI Attack Surface: Separating the Unknown from the Well Understood
There's a lot of confusion and unknowns regarding AI application risks, and a lot of vendors are trying to offer solutions to problems that aren't clearly defined. In this blog we explain why a smart...
View ArticleClik here to view.
Detecting Risky Third-party Drivers on Windows Assets
Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and...
View ArticleClik here to view.
CVE-2024-20419: Cisco Smart Software Manager On-Prem Password Change...
Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for a...
View ArticleClik here to view.
Cybersecurity Snapshot: New Report Ranks Top Cloud Threats, while CISA Guide...
The Cloud Security Alliance has released its list of top cloud threats for 2024. Plus, CISA and the FBI published a guide for determining if a software product was built "secure by design." Meanwhile,...
View ArticleClik here to view.
Compromising Microsoft's AI Healthcare Chatbot Service
Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.Key...
View Article