IAM Role Trust Update – What You Need to Know
October 19, 2022When it comes to assuming roles, AWS is changing an aspect of how trust policy is evaluated; here is a quick digest of what this change may mean to you.
How Tenable Helps Federal Agencies Meet CISA’s Binding Operational Directive 23-01
October 18, 2022Here’s how to leverage Tenable solutions to achieve compliance with BOD 23-01 from the Cybersecurity and Infrastructure Security Agency (CISA).
Cybersecurity Snapshot: 6 Things That Matter Right Now
October 14, 2022Topics that are top of mind for the week ending Oct. 14 | DevOps team culture is key for supply chain security | SecOps gets more challenging as attack surface expands | Weak credentials hurt cloud security | Incident responders grapple with stress | Security spending grows | And much more!
Consolidate and Unify to Accelerate Your Security Efforts
October 13, 2022CISOs want to shrink their cybersecurity tool stack and see improved interoperability among products so that they can draw actionable insights from uniform and normalized data. Here we explain why this is key for understanding your environment’s security posture and empowering you to make better decisions about mitigating risk.
Verizon’s 2022 Data Breach Report – Insights for Cloud Security Professionals
October 12, 2022Wondering which cyberattack trends are putting your organization at risk? Learn about the leading threat vectors — and how cloud security solutions can help.
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
October 11, 2022Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws.
CISOs Tell All: Everything You’ve Ever Wanted To Know About CISOs in 2022
October 11, 2022You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these cybersecurity leaders face increasingly sophisticated cyber threa...
Tenable.io: To control or not to control, that is the question
October 10, 2022For large deployments of Tenable, where Tenable.io is shared across geographical or business boundaries, you can leverage role-based access control (RBAC) to logically segment scan data or, where required, restrict access to its scan data. In this blog, we’ll explain the configuration required to implement RBAC successfully.
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A)
October 7, 2022CISA, the NSA and FBI issue a joint advisory detailing the top 20 vulnerabilities exploited by state-sponsored threat actors linked to the People’s Republic of China.
CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
October 7, 2022Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access.
Cybersecurity Snapshot: 6 Things That Matter Right Now
October 7, 2022Topics that are top of mind for the week ending Oct. 7 | CISA puts spotlight on asset inventory and vulnerability management | Think tank does deep dive on IoT security | What’s the current state of cybersecurity? Not great | New malware cracks monthly top 10 list | And much more!
Public Network Access to Azure Resources Is Too Easy to Configure
October 6, 2022For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks.