“K”表示“Komplex”:安全团队的关键 Kubernetes 考虑事项
The use of Kubernetes introduces complexity to the modern attack surface and requires a different approach to security than traditional IT infrastructure. Security teams need a base understanding of Kubernetes architecture, configurations and deployment processes to effectively manage risk. Here’s w...
Cloud Workload Protection (CWP) Best Practice – Focus on Impact, Not Volume
How to do CWP right to prepare your organization and protect it from the next widespread vulnerability. ...
Tenable 网络观察:Dark Web Marketplace Genesis Market Shut Down, How Using ChatGPT Can Breach Data Privacy Rules, and more
This week’s edition of the Tenable Cyber Watch unpacks the international sting operation that successfully shut down notorious cybercrime marketplace Genesis Market and explores how using ChatGPT can breach data privacy rules. Also covered: Why the cybersecurity term “BISO” is getting all the buzz. ...
ETHOS:融合 OT 安全社区,共享威胁信息
Tenable participates in a first-of-its-kind initiative that will aggregate information from several operational technology (OT) security vendors to share emerging threat intelligence with critical infrastructure service providers....
CVE-2023-20864:VMware Aria Operations for Logs 反序列化漏洞
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8....
網路安全快照: 有关供应链安全的最新信息 – SBOM 分发、开源缺陷和新安全框架
Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!...
Oracle 2023 年 4 月补丁更新解决了 231 个 CVE
Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates....
广泛影响云安全的 7 个监管和合规性框架
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes....
Announcing the 2023 Tenable Assure Partner Award Winners
Celebrating the elite defenders who are helping organizations around the world reduce their cyber risk....
Tenable 网络观察:FBI Warns of Sophisticated BEC Scam, NIST Unveils Its New AI Resource Center, and more
This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand cybersecurity jobs for this year according to COMPTIA’s “State of the Tech Workforce Report” for 20...
网络安全快照: 随着对 ChatGPT 关注度的增加,美国政府考虑制定人工智能法规
As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access ...
有代理和 无代理: 哪个解决方案适合您的公有云环境?
You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with administrative credentials. Network scanning, installed agents, or public cloud APIs can all report finding...
