CNAPPgoat:The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments....
使用服务定位协议 (SLP) 查找公开的管理接口
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP....
揭示云安全的责任共担模型:如何避免覆盖面缺口和混淆
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first u...
Tenable OT Security 3.16 的新功能: 提升楼宇管理系统的安全性和用户体验
Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence....
Tenable 网络观察:美国政府发布网络安全实施计划,CISA 共享云安全免费工具,等等
This week’s edition of Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy Implementation Plan and offers new tips and guidance for C-level executives regarding generative AI adoption. Also covered: CISA shares its factsheet offering free tools to help secure cloud environm...
FAQ:新的 SEC 网络安全规则对信息安全领导者意味着什么
On July 26, the SEC voted 3-2 to adopt new rules which would require several new cybersecurity disclosures from publicly traded companies. Here’s what cybersecurity leaders need to know....
网络安全快照: SEC 要求上市公司提高网络安全透明度
Find out what’s in the SEC’s new cybersecurity disclosure rules. 此外,CISA 还分析了影响重要基础设施企业的网络安全风险。同时,欢迎查看影子 IT 的指导以及大幅提升安全意识计划的诀窍。And much more!...
Tenable 2023 年夺旗比赛:你要测试您的黑客技术了吗?
Tenable is bringing its annual hacking competition to Black Hat 2023 in a hybrid in-person and online experience, giving competitors around the world a chance to have fun and test their skills....
如何为企业购买合适的网络安全保险
Cyber insurance has become a necessity, and the cost and effort to obtain it can be considerable. Still, your organization can boost its odds of landing the coverage it needs at a fair price that’s consistent with its risk profile. Check out the invaluable advice from a panel of experts from the ins...
CVE-2023-35078:Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core 未经身份验证的 API 访问漏洞
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
AI 将控制网络安全:下面是您所需的内容
Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for....
Tenable 网络观察:美国政府简要介绍了网络安全投资优先顺序,研究显示网络团队过于自信,等等
This week’s edition of Tenable Cyber Watch unpacks CISA and the NSA’s CI/CD defense guidance and explores the White House’s cybersecurity investment priorities. Also covered: why one study says cyber teams are too confident. ...