Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

訂閱

網路安全概要: CISA Calls on Software Makers To Use Memory Safe Languages, as OpenSSF Issues Secure Software Principles

December 8, 2023
CISA is urging developers to stamp out memory vulnerabilities with memory safe programming languages. Meanwhile, the OpenSSF published 10 key principles for secure software development. Plus, malware used in fake browser-update attacks ballooned in Q3. In addition, a new program aims to boost the cyber defenses of critical infrastructure orgs. 還有更多內容等您探索!

CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise

December 6, 2023

Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to compromise networks and bypass authentication measures including multifactor authentication

Tenable 網路觀察:CSA 發表零信任認證、CISA 更新了安全證明表單等等

December 4, 2023

This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help U.S. schools and libraries boost their cybersecurity.

網路安全概要: 美國、英國政府對建立安全的 AI 系統提出建言

December 1, 2023

Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is booming, but security and privacy concerns remain. In addition, CISA is warning municipal water plants about an active threat involving Unitronics PLCs. 還有更多內容等您探索!

利用身分驗證掃描發揮您弱點掃描的最高價值

November 30, 2023

Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning

AWS Access Analyzer 愈來愈強大,Tenable Cloud Security 也是

November 27, 2023

AWS IAM Access Analyzer now has an API allowing you to make custom policy checks. Tenable Cloud Security allows you to easily use this API as part of its code scanning functionality. Find out how and ...

身分:雲端中安全性的結締組織

November 27, 2023

Almost everything in the cloud is one excess privilege or misconfiguration away from exposure. Proper cloud posture and entitlement management can help mitigate risk and eliminate toxic combinations.

Tenable 網路觀察:NCSC 針對量子威脅提出指引、為保護軟體供應鏈所採用的 SBOM 以及更多內容

November 27, 2023

This week’s edition of Tenable Cyber Watch unpacks what organizations need to do to prepare for quantum computing attacks and addresses SBOM adoption to help organizations beef up the security of the software supply chain. Also covered: 美國Office of Management and Budget drafts guidance for fed agencies’ AI use.

網路安全概要: U.S. 政府修法,對軟體廠商進行問卷調查尋求有關安全評估的意見

November 24, 2023

Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition, there’s a new zero trust certification. 還有更多內容等您探索!

Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified Approach to Cloud Security

November 21, 2023

CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP are and how organizations can use these tools to protect their cloud workloads.

CitrixBleed 常見問答集 (CVE-2023-4966)

November 20, 2023

Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.

Tenable 網路觀察:11 月被定為重大基礎設施安全與穩定月,以及更多內容

November 20, 2023

This week’s edition of Tenable Cyber Watch unpacks Critical Infrastructure Security and Resilience month and addresses the “Shields Ready” campaign aimed at promoting critical infrastructure security and resilience. Also covered: Do most organizations need a generative AI policy? What one poll shows.

網路安全概要: Are SBOMs on Your Supply Chain Security Radar Screen? Check Out New Recommendations from CISA and NSA

November 17, 2023

The SBOM concept is still half-baked, but CISA and NSA want to help change that with new best practices for software vendors, developers and buyers. Plus, there’s new guidance about the Royal ransomware gang – as ransomware attacks grow. In addition, Google highlights a new typosquatting trend impacting cloud storage. 還有更多內容等您探索!

一窺勒索軟體生態系統究竟

下載報告 >

您可以使用的網路安全最新消息

輸入您的電子郵件,就不會錯過來自 Tenable 專家提供的及時警示與安全指引。

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,能夠以無與倫比的準確性查看和追蹤所有資產。

您的 Tenable Vulnerability Management 試用版軟體也包含 Tenable Lumin 和 Tenable Web App Scanning。

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

100 項資產

選取您的訂閱選項:

立即購買

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,能夠以無與倫比的準確性查看和追蹤所有資產。

您的 Tenable Vulnerability Management 試用版軟體也包含 Tenable Lumin 和 Tenable Web App Scanning。

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

100 項資產

選取您的訂閱選項:

立即購買

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,能夠以無與倫比的準確性查看和追蹤所有資產。

您的 Tenable Vulnerability Management 試用版軟體也包含 Tenable Lumin 和 Tenable Web App Scanning。

Tenable Vulnerability Management

前稱 Tenable.io

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

100 項資產

選取您的訂閱選項:

立即購買

免費試用 Tenable Nessus Professional

免費試用 7 天

Tenable Nessus 是目前市場上最全方位的弱點掃描器。

最新 - Tenable Nessus Expert
現已上市

Nessus Expert 新增了更多功能,包括外部攻擊破綻掃描和新增網域及掃描雲端基礎架構的能力。按這裡試用 Nessus Expert。

請填妥以下表單以繼續 Nessus Pro 試用。

購買 Tenable Nessus Professional

Tenable Nessus 是目前市場上最全方位的弱點掃描器。Tenable Nessus Professional 可協助將弱點掃描流程自動化,節省您執行合規工作的時間並讓您與 IT 團隊合作。

購買多年期授權,節省更多。新增 365 天全年無休 24 小時全天候可使用電話、社群及對談的進階支援。

選擇您的授權

購買多年期授權,節省更多。

增加支援與訓練

試用 Tenable Web App Scanning

前稱 Tenable.io Web Application Scanning

享受完整存取我們專為新型應用程式所設計、屬於 Tenable One 曝險管理平台一部分的最新 Web 應用程式掃描產品。不需耗費大量人力或中斷重要 Web 應用程式,即可高度準確且安全地掃描您整個線上產品系列中是否含有任何弱點。 立即註冊。

您的 Tenable Web App Scanning 試用版軟體也包含 Tenable Vulnerability Management 和 Tenable Lumin。

購買 Tenable Web App Scanning

前稱 Tenable.io Web Application Scanning

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

5 個 FQDN

$3,578

立即購買

試用 Tenable Lumin

利用 Tenable Lumin 視覺化並探索您的曝險管理、追蹤經過一段時間後風險降低的情形以及與同業進行指標分析。

您的 Tenable Lumin 試用版軟體也包含 Tenable Vulnerability Management 和 Tenable Web App Scanning。

購買 Tenable Lumin

聯絡業務代表,瞭解 Tenable Lumin 如何協助您取得您整個環境的深入解析和管理網路風險。

免費試用 Tenable Nessus Expert

免費試用 7 天

Nessus Expert 是專為現代攻擊破綻所打造,它能讓您從 IT 到雲端洞察更多資訊,並保護貴公司免於弱點危害。

您已經有 Tenable Nessus Professional 了嗎?
升級至 Nessus Expert,免費試用 7 天。

購買 Tenable Nessus Expert

Nessus Expert 是專為現代攻擊破綻所打造,它能讓您從 IT 到雲端洞察更多資訊,並保護貴公司免於弱點危害。

選擇您的授權

購買多年期授權省更多!

增加支援與訓練

免費試用 Nessus Expert

免費試用 7 天

Nessus Expert 是專為現代攻擊破綻所打造,它能讓您從 IT 到雲端洞察更多資訊,並保護貴公司免於弱點危害。

您已擁有 Nessus Professional 嗎?
升級至 Nessus Expert,免費試用 7 天。

購買 Tenable Nessus Expert

Nessus Expert 是專為現代攻擊破綻所打造,它能讓您從 IT 到雲端洞察更多資訊,並保護貴公司免於弱點危害。

選擇您的授權

購買多年期授權省更多!

增加支援與訓練