Blogs Tenable
CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild
Les identités : le tissu conjonctif de la sécurité dans le cloud
Presque tout dans le cloud est potentiellement exposé à cause d'un privilège excessif ou d'une mauvaise configuration. Une gestion adéquate de la posture cloud et des droits d'accès permet d'atténuer le risque et d'éliminer les combinaisons toxiques.
Tenable Cyber Watch: NCSC Offers Guidance for Quantum Threat, SBOM Adoption for Securing the Software Supply Chain, and more
This week’s edition of Tenable Cyber Watch unpacks what organizations need to do to prepare for quantum computing attacks and addresses SBOM adoption to help organizations beef up the security of the software supply chain. Also covered: LeOffice of Management and Budget drafts guidance for…
Cybersecurity Snapshot: U.S. Gov’t Revises, Seeks Input on Security Assessment Questionnaire for Software Vendors
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition,…
Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified Approach to Cloud Security
CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP are and how organizations can use these tools to protect their cloud workloads.
Frequently Asked Questions for CitrixBleed (CVE-2023-4966)
Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.
Tenable Cyber Watch: November Declared Critical Infrastructure Security and Resilience Month, and more
This week’s edition of Tenable Cyber Watch unpacks Critical Infrastructure Security and Resilience month and addresses the “Shields Ready” campaign aimed at promoting critical infrastructure security and resilience. Also covered: Do most organizations need a generative AI policy? What one poll…
Cybersecurity Snapshot: Are SBOMs on Your Supply Chain Security Radar Screen? Check Out New Recommendations from CISA and NSA
The SBOM concept is still half-baked, but CISA and NSA want to help change that with new best practices for software vendors, developers and buyers. Plus, there’s new guidance about the Royal ransomware gang – as ransomware attacks grow. In addition, Google highlights a new typosquatting trend…
Tenable Nessus Scanner Capabilities Receive Red Hat Recognition
La certification Red Hat Vulnerability Scanner Certification pour Tenable Nessus incarne notre engagement de continuer à offrir à nos clients toute la visibilité nécessaire dans leurs systèmes Red Hat Enterprise Linux.Découvrez ce que cela signifie vraiment et comment nos clients vont en bénéficier.
Microsoft’s November 2023 Patch Tuesday Addresses 57 CVEs (CVE-2023-36025)
Microsoft addresses 57 CVEs, including three zero-day vulnerabilities that were exploited in the wild.
