Tenable 博客
網路安全快照: Fending Off BRICKSTORM Malware Data-Theft Attacks and Integrating AI into OT Securely
What You Can't See Can Hurt You: Are Your Security Tools Hiding the Real Risks?
With disconnected tools creating critical blind spots, your security stack is likely hiding more risk than it exposes. Discover how unifying your security data into a single view uncovers the full risk picture and lets you focus on what matters most.
FAQ About Sha1-Hulud 2.0: The "Second Coming" of the npm Supply-Chain Campaign
Sha1-Hulud malware is an aggressive npm supply-chain attack compromising CI/CD and developer environments. This blog addresses frequently asked questions and advises cloud security teams to immediately audit for at least 800 compromised packages.
網路安全快照: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Cyber agencies call on ISPs to help combat "bulletproof" internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections.
Protecting Your Cloud Data: How Tenable Cloud Security Guards Your Most Valuable Assets in the Cloud
Context is key for protecting data in the cloud. Learn how an integrated CNAPP approach moves beyond basic DSPM and takes into account identities, misconfigurations, and AI workloads to pinpoint the greatest risks to your cloud data.
Stop Patching Panic: Ditch Slow Manual Patching and Embrace Intelligent Automation
Fear of a bad patch causing downtime is justified, but manual patching leaves your organization exposed. See how Tenable Patch Management provides autonomy with customizable rules and guardrails, allowing you to rapidly remediate critical vulnerabilities without risking business disruption.
Active Directory Trust Misclassification: Why Old Trusts Look Like Insecure External Trusts
Tenable Research reveals an Active Directory anomaly: intra-forest trusts created under Windows 2000 lack a key identifying flag, even after domain and forest upgrades. Learn how to find this legacy behavior persisting to this day, and use crossRef objects to correctly distinguish these trust types.
Tenable Cloud Vulnerability Management:降低云时代的漏洞风险
Tenable 已推出 Tenable Cloud Vulnerability Management 解决方案,这是 Tenable One 平台内的一款功能强大的全新产品,旨在帮助漏洞管理负责人识别和修复多云及混合环境中的暴露风险问题,并对其进行优先级分析。
CVE-2025-64446: Fortinet FortiWeb Zero-Day Path Traversal Vulnerability Exploited in the Wild
Fortinet has released an advisory for a recently disclosed zero-day path traversal vulnerability which has been exploited in the wild. 强烈建议企业立即进行修补。
網路安全快照: Refresh Your Akira Defenses Now, CISA Says, as OWASP Revamps Its App Sec Top 10 Risks
Learn why you should revise your Akira ransomware safeguards and see what’s new in OWASP’s revamped Top 10 Web Application Risks. We also cover agentic AI’s cognitive degradation risk, hackers' abuse of Anthropic's agentic AI, the latest AI security trends, and new data on CISO compensation.
联系我们的销售团队