CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package
Tenable Research discovered a remote code execution (RCE) vulnerability in Google Cloud Platform (GCP) that is now fixed and that we dubbed CloudImposer. The vulnerability could have allowed an attacker to hijack an internal software dependency that Google pre-installs on each Google Cloud Composer…
The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy
DSPM solutions provide a comprehensive, up-to-date view into cloud-based data and risk. An integrated CNAPP and DSPM solution elevates this analysis to expose toxic combinations and security gaps across cloud environments.
通过 FCC Cybersecurity Pilot Program(FCC 网络安全试点计划为)K-12 学校和图书馆提供 2 亿美元网络安全资金
Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices.
Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach
As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help protect your systems.
Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It Nears FedRAMP Authorization
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help.
ConfusedFunction:影响 GCP 云功能的权限提升漏洞
Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs…
如果您只有五分钟时间,可以在此一窥 CNAPP(但我们也有电子书)
如果您对云原生应用保护平台(CNAPP)的种种说法感到困惑,请不要担心。Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read…
使用适用于机密 SaaS 的 JIT Access 改进云安全
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.
regreSSHion 漏洞如何影响您的云环境
With growing concern over the recently disclosed regreSSHion vulnerability, we’re explaining here what it is, why it’s so significant, what it could mean for your cloud environment and how Tenable Cloud Security can help.
Tag, You’re IT! Tagging Your Way to Cloud Security Excellence
To manage your cloud resources effectively and securely, you need to consistently tag assets across all your cloud platforms. Here we explain tagging’s main benefits, as well as proven strategies and best practices for tagging success.
Understanding Customer Managed Encryption Keys (CMKs) in AWS, Azure and GCP: A Comparative Insight
Explore critical differences in handling customer-managed encryption keys (CMKs) across AWS, Azure and GCP to avoid security misconfigurations and protect your data effectively.
Cloud Workload Protection: The Key to Decreasing Cloud Security Risks
More than 80% of all breaches involve data stored in the cloud, and security teams that don’t use cloud workload protection (CWP) may never get ahead of attackers who want to access as much data as possible with the least effort. A single cloud breach is often the most straightforward way into…
联系我们的销售团队