Tenable 博客
The developer credential economy: Why exposure data is the new front line in the supply chain war
有关伊朗网络运营的常见问题
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors.
有害云三要素:为何您的工作负载是一颗定时炸弹
Don’t let hidden cloud risks become tomorrow’s headline breach. The time to dismantle the toxic cloud trilogy is now. Here’s how Tenable Cloud Security can help.
From Insight to Action: How Tenable One KPIs Drive Exposure Management Success
Tenable One empowers security teams to go beyond surface-level risk tracking and drive measurable improvements across their security programs. With unified visibility and customizable dashboards, Tenable One makes it easy to monitor the KPIs that matter most, helping teams shift from reactive…
How Exposure Management Helps Communicate Cyber Risk
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, Tenable experts discuss best practices for communicating cyber risk.
網路安全快照: Tenable Report Spotlights Cloud Exposures, as Google Catches Pro-Russia Hackers Impersonating Feds
Check out highlights from Tenable’s “2025 Cloud Security Risk Report,” which delves into the critical risk from insecure cloud configurations. Plus, Google reveals a Russia-sponsored social engineering campaign that targeted prominent academics’ Gmail accounts. And get the latest on AI system…
五步加强云安全:加快云中的响应速度
In this sixth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three recommendations that you can quickly roll out to help you expedite, prioritize and fine-tune how you detect and respond to cloud security issues.
GerriScary:破解常见 Google 产品(ChromiumOS、Chromium、Bazel、Dart 等)的供应链。
Tenable Cloud Research discovered a supply chain compromise vulnerability in Google's Gerrit code-collaboration platform which we dubbed GerriScary. GerriScary allowed unauthorized code submission to at least 18 Google projects including ChromiumOS (CVE-2025-1568), Chromium, Dart and Bazel, which…
暴露风险管理就是主动安全的未来
每周一,Tenable 风险暴露管理学院都会提供实用、贴合实际的指导,帮助企业从漏洞管理转向风险暴露管理。 In this post, Jorge Orchilles, Senior Director of Readiness and Proactive Security at Verizon, offers an up-close glimpse at the…
