Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Blogs Tenable

July 20, 2025

CVE-2025-53770: Frequently Asked Questions About Zero-Day SharePoint Vulnerability Exploitation

Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution.

Avril 27, 2021

Primary Group ID Attack in Active Directory: How to Defend Against Related Threats

The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a trace.The Primary Group ID in Active Directory was originally developed to support the UNIX POSIX mo...


Avril 27, 2021

How to Stop the Kerberos Pre-Authentication Attack in Active Directory

Here’s a look at how to safeguard your Active Directory from the known roasting attack on Kerberos Pre-Authentication.As part of the Kerberos authentication process in Active Directory, there is an initial request to authenticate without a password. This is an artifact left over from Kerberos versio...


12, 2021 avril

High-Fidelity Attack Surface Mapping

Eliminate blind spots and hinder attackers using these three tips to create a high-fidelity map of your organization’s entire attack surface....


12, 2021 avril

The ABCs of Azure Identity Governance Tools

Discover the main Azure mechanisms for governing identities and providing access permissions....


Mars 26, 2021

NetFlow is the Wrong Way to Do Attack Surface Mapping

If your organization relies on NetFlow data for asset management, you're likely overlooking vital information to map your attack surface....


Mars 23, 2021

Crawling Is the Wrong Way To Do Attack Surface Mapping

When analyzing methods to identify assets, crawling should be one tool in the toolbox, but not the only one. If you use crawling exclusively, you’ll likely miss a lot of assets....


March 16, 2021

AWS’s Access Analyzer Preview Access is Great — But Is It Enough?

Learn the ins and outs of the preview access capability in Access Analyzer....


Mars 10, 2021

Deconstructing Azure Access Management using RBAC

Take a focused look at the basics of Azure RBAC (role based access control) -- the main mechanism in Azure for granting permissions to resources. Familiarize you with Azure AD identities and find out how to grant them access to your organization’s resources....


Mars 9, 2021

Infrastructure as Code Security Requires Programmatic Controls

Empower develops with a programmatic approach to security. Voici ce qu'il faut savoir.The concept of shifting security as far left into development as possible is not new, and it is fairly easy to see the benefits: when you catch issues earlier in the software development lifecycle (SDLC) you ...


Des actualités utiles sur la cyber-sécurité

Saisissez votre adresse e-mail et ne manquez plus aucune alerte ni aucun conseil en matière de sécurité de la part de nos experts Tenable.

Coup d’œil sur l'écosystème des ransomwares

Téléchargez le rapport >