Tenable 博客
網路安全快照: Expert Advice for Securing Critical Infrastructure’s OT and Industrial Control Systems, IoT Devices and Network Infrastructure
有关 MITRE CVE 计划到期和续订的常见问题
Concerns about the future of the MITRE CVE Program continue to circulate. The Tenable Security Response Team has created this FAQ to help provide clarity and context around this developing situation.
Oracle 2025 年重要补丁更新解决了 171 个 CVE
Oracle addresses 171 CVEs in its second quarterly update of 2025 with 378 patches, including 40 critical updates.BackgroundOn April 15, Oracle released its Critical Patch Update (CPU) for April 2025, the second quarterly update of the year. This CPU contains fixes for 171 unique CVEs in 378…
MITRE CVE 计划资金资助延长一年
MITRE’s CVE program has been an important pillar in cybersecurity for over two decades. While CISA secured funding on April 16 to extend the program for the next year, the lack of clarity surrounding its long-term future creates great uncertainty about how newly discovered vulnerabilities will be…
You Have Exposure Management Questions. We’ve Got Answers
每周一,Tenable 风险暴露管理学院都会提供实用、贴合实际的指导,帮助企业从漏洞管理转向风险暴露管理。 In this post, we feature the first Exposure Management Academy FAQ. We’ll run these FAQs from time to time to share some of the…
Geopolitics Just Cranked Up Your Threat Model, Again. Here’s What Cyber Pros Need to Know
If it feels like your entire cybersecurity program is once again operating on a geopolitical fault line, you're not imagining things.
網路安全快照: Beware of Mobile Spyware Attacks, Cyber Agencies Warn, While Corporate Boards Get Cyber Governance Guidance
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of directors. Also, find out what webinar attendees told Tenable about using port scanning and service discovery to…
Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications
The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are good news for AI developers, they raise some security concerns. In this blog we address FAQs about…
五步加强云安全:云配置安全的重要性
Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline five best practices for boosting your cloud configuration management.
Microsoft 2025 年 4 月补丁星期二解决了 121 个 CVE (CVE-2025-29824)
Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild.