Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets, as Online Criminals Ramp Up AI Use in the EU
July 26, 2024ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
July 24, 2024Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs to do to protect itself.
Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design
July 23, 2024With the unprecedented tech outages experienced by so many of our customers over the last week, we recognize the need for deeper understanding of our software development processes and how they support global business continuity. In this blog post, we’ll outline how Tenable’s comprehensive approach to the software development lifecycle (SDLC) allows us to produce extremely high-quality software and protect our customers’ business operations with a secure, do-no-harm approach.
If You Only Have Five Minutes, Here’s CNAPP in a Snap (But We Have an Ebook, Too)
July 23, 2024If you’re a bit puzzled by all the talk about cloud native application protection platforms (CNAPPs), worry not. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read on to check out the eBook’s main highlights.
Improving Your Cloud Security Using JIT Access for Sensitive SaaS Applications
July 22, 2024Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.
How To Do a Security Audit of Pimcore Enterprise Platform
July 22, 2024Our new research paper gives you a roadmap for using Pimcore's features while preserving security.
Tenable Customer Update about CrowdStrike Incident
July 19, 2024Please read this important customer update about CrowdStrike's recent incident.
Cybersecurity Snapshot: CISA Breaks Into Agency, Outlines Weak Spots in Report, as Cloud Security Alliance Updates Cloud Sec Guidance
July 19, 2024CISA’s red team acted like a nation-state attacker in its assessment of a federal agency’s cybersecurity. Plus, the Cloud Security Alliance has given its cloud security guidance a major revamping. Meanwhile, a Google report puts a spotlight on insecure credentials. And the latest on open source security, CIS Benchmarks and much more!
Tenable Announces Former Senior Administration Officials to Inaugural Public Sector Advisory Board
July 18, 2024Rob Joyce and Mark Weatherford will help Tenable shape federal cyber and AI policy
Oracle July 2024 Critical Patch Update Addresses 175 CVEs
July 16, 2024Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates.
Cybersecurity Snapshot: CISA Tells Tech Vendors To Squash Command Injection Bugs, as OpenSSF Calls on Developers To Boost Security Skills
July 12, 2024Check out CISA’s call for weeding out preventable OS command injection vulnerabilities. Plus, the Linux Foundation and OpenSSF spotlight the lack of cybersecurity expertise among SW developers. Meanwhile, GenAI deployments have tech leaders worried about data privacy and data security. And get the latest on FedRAMP, APT40 and AI-powered misinformation!
Comment la gestion des vulnérabilités basée sur le risque booste la posture de sécurité de votre environnement IT moderne
July 11, 2024L'évaluation des vulnérabilités et la gestion des vulnérabilités ont l'air identiques, mais c'est faux. Comme l'explique un nouveau livre blanc émanant d'ESG (Enterprise Strategy Group), il est indispensable de comprendre les différences qui les caractérisent et de passer d'une série d'évaluations des vulnérabilités ad-hoc à une gestion des vulnérabilités continue et basée sur le risque (RBVM). Consultez-le pour découvrir les points clés issus de cette étude mandatée par Tenable et comment la RBVM aide les entreprises à atteindre une posture de sécurité et de risque solide au sein d'environnements hybrides, complexes et multicloud.
Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112)
July 9, 2024Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild.