如何建置 Just-In-Time 存取:最佳做法以及經驗教訓
With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing privilege creep. In this blog, we’ll share how we implemented JIT access internally at Tenable…
如何利用 Tenable 解決方案強化 GitLab 權限
If your organization uses GitLab for managing your software development lifecycle, you must ensure you’re not misconfiguring the permissions of this open source DevSecOps platform. Doing so can expose your source code, along with sensitive data, while creating security risks. In this blog, we’ll…
建立巧妙的 Azure 自訂角色:將毫無作為轉化為付諸行動!
Creating custom Roles in Azure can be a complex process that may yield long and unwieldy Role definitions that are difficult to manage. However, it doesn’t have to be that way. Read on to learn how you can simplify this process using the Azure “NotActions” and “NotDataActions” attributes, and…
身分安全是對抗進階 OT 威脅時遺漏的環節
Sophisticated OT threats, like living-off-the-land (LotL) attacks, exploit identity vulnerabilities to infiltrate critical infrastructure. Find out how robust identity security and unified exposure management can help you detect, prioritize and mitigate risks across IT and OT environments.
身分管理是一個全新戰場:何以主動式安全是前進未來之路?
Protecting identities has become a top priority for security teams. However, many organizations remain exposed due to blind spots caused by identity sprawl and misplaced trust in identity providers. This blog explores why traditional security measures fall short, how AI-driven attackers are…
CISA Releases FOCAL Plan to Help Federal Agencies Reduce Cyber Risk
CISA’s FOCAL Plan, which aims to standardize the cybersecurity operations of federal civilian agencies, marks an important step in the federal government's efforts to strengthen cyber defenses and reduce agency risk. Learn how Tenable One for Government, which recently achieved FedRAMP…
What Makes This “Data Privacy Day” Different?
As we celebrate Data Privacy Day, Bernard Montel, Tenable’s EMEA Technical Director and Security Strategist, wants to remind us that we live in a digital world and that we need to protect it. With data breaches a daily occurrence, and AI changing the playing field, he urges everyone to “do better.”
最新的 CISA 強化指南為網路安全工程師提供了寶貴的見解
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure, is applicable to a wider audience. This blog unpacks important points and explains how Tenable…
Data Security in Healthcare: How Tenable Cloud Security Can Help
Healthcare is one of the most highly regulated industry sectors in the world. Adhering to compliance standards while also ensuring optimal patient experiences is a challenge. DSPM capabilities in Tenable Cloud Security can ease the burden on cybersecurity teams.
如果您只有一分鐘:有效曝險應變的快速秘訣
Comprehensive, action-oriented workflows and key metrics are the cornerstones of a successful exposure response program. 以下是幾點須知。
如果您只有兩分鐘:設定曝險應變 SLA 的最佳做法
Keeping vulnerability management efforts focused on achievable goals is key to avoiding cybersecurity team burnout. Here’s how exposure response workflows and SLAs can help.
如果您只有三分鐘:有效曝險應變的關鍵要素
Learned helplessness and lack of prioritization are two vulnerability management pitfalls cybersecurity teams face. Here’s how an exposure response program can help.