Tenable 博客
Gartner® 在 2025 年发布的报告中,将 Tenable 评为当前 AI 驱动的暴露风险评估领域的“Company to Beat”(最具挑战性的领军公司)
推出 Tenable One AI Exposure: 打造大规模 AI 使用安全新标准
借助 Tenable One AI Exposure,可持续发现并监控企业内部所有 AI 使用场景,包括影子 AI、代理、浏览器插件等各类应用。通过映射复杂的 AI 工作流,精准识别高影响暴露风险,并确保 AI 使用符合安全和可接受使用策略。
Oracle January 2026 Critical Patch Update Addresses 158 CVEs
Oracle addresses 158 CVEs in its first quarterly update of 2026 with 337 patches, including 27 critical updates.
Tenable Discovers SSRF Vulnerability in Java TLS Handshakes That Creates DoS Risk
Tenable Research has discovered a server-side request forgery (SSRF) vulnerability in Java’s handling of client certificates during a TLS handshake. In certain configurations, this can be abused to cause a denial-of-service (DoS) condition.Key takeawaysTenable Research identified a vulnerability in…
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.Key takeaways:CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. Fortinet vulnerabilities have…
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild.
Tenable Is a Gartner® Peer Insights™ Customers’ Choice for Cloud-Native Application Protection Platforms
This recognition — based entirely on feedback from the people who use our products every day — to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations worldwide.
網路安全快照: Predictions for 2026: AI Attack Acceleration, Automated Remediation, Custom-Made AI Security Tools, Machine Identity Threats, and More
In this special edition, Tenable leaders forecast key 2026 trends, including: AI will make attacks more plentiful and less costly; machine identities will become the top cloud risk; preemptive cloud and exposure management will dethrone runtime detection; and automated remediation gets the go-ahead.
CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild
A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.
網路安全快照: 2025 Rewind: Essential Cyber Insights, Strategies and Tactics
In this special year-end edition, we revisit critical advice from our cybersecurity experts on AI, exposure management, cloud, vulnerability management, OT, and critical infrastructure.