Tenable 博客
Code-to-Cloud Visibility: Why Fragmented Security Can’t Scale
Microsoft 2023 年 7 月补丁星期二解决了 130 个 CVE (CVE-2023-36884)
Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers.
Tenable 网络观察:研究发现,许多 CISO 都欠缺在董事会任职的资格,网络安全如何促进业务拓展,等等
This week’s edition of Tenable Cyber Watch unpacks the new comprehensive guide on LockBit, the world’s most deployed ransomware variant, and explores how cybersecurity can boost business. Also covered: a new study finds many CISOs to be unqualified to serve on boards.
网络安全快照: ChatGPT-like Tools Will Boost Developers’ Speed – and Amplify Cyber Risk
Learn about the promise and peril of generative AI for software development – and how it makes business execs both happy and fearful. Plus, do cyber teams underestimate risk? Also, NIST has a new AI working group – care to join? And much more!
An Unexpected Implication of Lambda Privileges
Learn how a combination of AWS service usage and permissions discovered by Tenable Cloud Security may increase risk upon a certain non-compliance.
Tenable 网络观察:联邦政府悬赏 1000 万美元征集 CL0P 线索、应对勒索病毒事件的最佳实践等等
This week’s edition of Tenable Cyber Watch unpacks the $10 million bounty issued by the U.S. State Department’s Rewards for Justice program for information on the CL0P gang and shares four best practices for ransomware incident response. Also covered: a new study finds U.S. critical infrastructure…
网络安全快照: As AI Worries Spike, Experts Send Secure AI Advice to the White House, Capitol Hill
Learn all about the recommendations the NAIAC made to the U.S. government for responsible AI. Plus, employees go gaga over ChatGPT, while cyber teams get tasked with securing it. Also, we look at cloud IAM challenges and how to tackle them. And much more!
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix.
OT 海上安全:惊涛骇浪还是一帆风顺?
在网络安全方面,海事行业就像是在一片不断变化的海洋中遨游。 互联船舶和新技术使航运界变得更加高效,但也带来了网络安全风险。 Here's what you need to know about the challenges and risks these floating cities face …
风险暴露管理如何让渗透测试更有效
Pen testing needs to be supplemented with a routine vulnerability scanning schedule to pick up changes that may introduce vulnerabilities over time, to improve efficiencies in the overall process and to reduce the overhead costs in the penetration testing process.
