Tenable 博客
Code-to-Cloud Visibility: Why Fragmented Security Can’t Scale
使用服务定位协议 (SLP) 查找公开的管理接口
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP.
揭示云安全的责任共担模型:如何避免覆盖面缺口和混淆
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first…
Tenable OT Security 3.16 的新功能: 提升楼宇管理系统的安全性和用户体验
Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence.
Tenable 网络观察:美国政府发布网络安全实施计划,CISA 共享云安全免费工具,等等
This week’s edition of Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy Implementation Plan and offers new tips and guidance for C-level executives regarding generative AI adoption. Also covered: CISA shares its factsheet offering free tools to help secure cloud…
FAQ:新的 SEC 网络安全规则对信息安全领导者意味着什么
On July 26, the SEC voted 3-2 to adopt new rules which would require several new cybersecurity disclosures from publicly traded companies. Here’s what cybersecurity leaders need to know.
网络安全快照: SEC 要求上市公司提高网络安全透明度
Find out what’s in the SEC’s new cybersecurity disclosure rules. Plus, CISA analyzes the cyber risks impacting critical infrastructure organizations. Also, check out guidance for shadow IT and tips to boost your security awareness program. And much more!
Tenable 2023 年夺旗比赛:你要测试您的黑客技术了吗?
Tenable is bringing its annual hacking competition to Black Hat 2023 in a hybrid in-person and online experience, giving competitors around the world a chance to have fun and test their skills.
如何为企业购买合适的网络安全保险
Cyber insurance has become a necessity, and the cost and effort to obtain it can be considerable. Still, your organization can boost its odds of landing the coverage it needs at a fair price that’s consistent with its risk profile. Check out the invaluable advice from a panel of experts from the…
CVE-2023-35078:Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core 未经身份验证的 API 访问漏洞
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
