背景信息就是王道:从漏洞管理到风险暴露管理
Vulnerability management remains a cornerstone of preventive cybersecurity, but organizations still struggle with vulnerability overload and sophisticated threats. Tenable’s new Exposure Signals gives security teams comprehensive context, so they can shift from vulnerability management to exposure…
The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy
DSPM solutions provide a comprehensive, up-to-date view into cloud-based data and risk. An integrated CNAPP and DSPM solution elevates this analysis to expose toxic combinations and security gaps across cloud environments.
Secure Your Sprawling Attack Surface With Risk-based Vulnerability Management
The cloud, artificial intelligence (AI), machine learning and other technological breakthroughs are radically changing the modern work environment. New assets and services offer increased flexibility, growth potential and access to more resources. However, they also introduce new security risks…
CISA Finding: 90% of Initial Access to Critical Infrastructure Is Gained Via Identity Compromise. What Can You Do About It?
Conventional wisdom suggests the keys to protect critical infrastructure against cyberattacks are network segmentation and OT security. But continued breaches imply those methods alone fall short. In fact, a CISA probe of 121 critical infrastructure networks found that their weakest link is…
Detecting Risky Third-party Drivers on Windows Assets
Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers.
Do You Think You Have No AI Exposures? Think Again
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when…
将数据转化为行动:情报驱动的漏洞管理
使用上下文对漏洞进行优先级分析对漏洞管理团队而言总是困难重重,而且随着已公布 CVE 的持续增加,这项任务也变得越来越艰巨。To remedy this, many enterprises are forced to invest in products and services to protect their environments with various…
Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design
With the unprecedented tech outages experienced by so many of our customers over the last week, we recognize the need for deeper understanding of our software development processes and how they support global business continuity. In this blog post, we’ll outline how Tenable’s comprehensive approach…
使用适用于机密 SaaS 的 JIT Access 改进云安全
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.
关于 CrowdStrike 事件的 Tenable 客户更新
Please read this important customer update about CrowdStrike's recent incident.
基于风险的漏洞管理如何提升现代 IT 环境的安全态势
漏洞评估和漏洞管理似乎没什么不同,其实不然。As a new Enterprise Strategy Group white paper explains, it’s key to understand their differences and to shift from ad-hoc vulnerability assessments to continuous, risk-based vulnerability management (RBVM)…
