ConfusedFunction:影响 GCP 云功能的权限提升漏洞
Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs…
如果您只有五分钟时间,可以在此一窥 CNAPP(但我们也有电子书)
如果您对云原生应用保护平台(CNAPP)的种种说法感到困惑,请不要担心。Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read…
使用适用于机密 SaaS 的 JIT Access 改进云安全
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.
regreSSHion 漏洞如何影响您的云环境
With growing concern over the recently disclosed regreSSHion vulnerability, we’re explaining here what it is, why it’s so significant, what it could mean for your cloud environment and how Tenable Cloud Security can help.
Tag, You’re IT! Tagging Your Way to Cloud Security Excellence
To manage your cloud resources effectively and securely, you need to consistently tag assets across all your cloud platforms. Here we explain tagging’s main benefits, as well as proven strategies and best practices for tagging success.
Understanding Customer Managed Encryption Keys (CMKs) in AWS, Azure and GCP: A Comparative Insight
Explore critical differences in handling customer-managed encryption keys (CMKs) across AWS, Azure and GCP to avoid security misconfigurations and protect your data effectively.
Cloud Workload Protection: The Key to Decreasing Cloud Security Risks
More than 80% of all breaches involve data stored in the cloud, and security teams that don’t use cloud workload protection (CWP) may never get ahead of attackers who want to access as much data as possible with the least effort. A single cloud breach is often the most straightforward way into…
These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action Required)
Azure customers whose firewall rules rely on Azure Service Tags, pay attention: You could be at risk due to a vulnerability detected by Tenable Research. Here’s what you need to know to determine if you’re affected, and if so, what you should do right away to protect your Azure environment from…
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
保护 Securing Kubernetes 持久卷时应注意的事项
To many, Kubernetes is a black box that’s difficult to understand, manage and secure. If you’re using stateful persistent volumes – cloud resources that live and manage data outside the scope of your pods – it can be even darker.
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
Tenable 云安全研究显示,95% 的受访企业在过去 18 个月的时间里遭受过与云相关的外泄
Tenable 2024 年云安全展望研究中的发现清楚地表明了市场对主动且强大的云安全的需求。 Read on to learn more about the study’s findings, including the main challenges cloud security teams face, their strategies for better protecting their cloud…
联系我们的销售团队