Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

AA23-215A: 2022's Top Routinely Exploited Vulnerabilities

August 3, 2023

A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022.

CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources

August 2, 2023

Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments.

Using the Service Location Protocol (SLP) to Find Exposed Management Interfaces

August 2, 2023

Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP.

Unpacking the Shared Responsibility Model for Cloud Security: How To Avoid Coverage Gaps and Confusion

August 2, 2023

Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first understanding the nuances of responsibility before identifying and applying appropriate controls.

What's New in Tenable OT Security 3.16: Elevating Building Management System Security and User Experience

August 1, 2023

Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence.

Tenable Cyber Watch: U.S. Gov Releases Cybersecurity Implementation Plan, CISA Shares Free Tools for Cloud Security, and more

July 31, 2023

This week’s edition of Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy Implementation Plan and offers new tips and guidance for C-level executives regarding generative AI adoption. Also covered: CISA shares its factsheet offering free tools to help secure cloud environments.

FAQ: What the New SEC Cybersecurity Rules Mean for Infosec Leaders

July 28, 2023

On July 26, the SEC voted 3-2 to adopt new rules which would require several new cybersecurity disclosures from publicly traded companies. Here’s what cybersecurity leaders need to know.

Cybersecurity Snapshot: SEC Wants More Cybersecurity Transparency from Public Companies

July 28, 2023

Find out what’s in the SEC’s new cybersecurity disclosure rules. Plus, CISA analyzes the cyber risks impacting critical infrastructure organizations. Also, check out guidance for shadow IT and tips to boost your security awareness program. And much more!

Tenable's 2023 Capture The Flag: Are You Ready to Test Your Hacking Skills?

July 26, 2023

Tenable is bringing its annual hacking competition to Black Hat 2023 in a hybrid in-person and online experience, giving competitors around the world a chance to have fun and test their skills.

How To Obtain the Right Cybersecurity Insurance for Your Business

July 26, 2023

Cyber insurance has become a necessity, and the cost and effort to obtain it can be considerable. Still, your organization can boost its odds of landing the coverage it needs at a fair price that’s consistent with its risk profile. Check out the invaluable advice from a panel of experts from the insurance, legal and cybersecurity fields.

CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability

July 25, 2023

Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks

AI Is About To Take Cybersecurity By Storm: Here's What You Can Expect

July 25, 2023

Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for.

Apache Log4j Flaw Puts Third-Party Software in the Spotlight

Get the Details >

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.