CNAPPgoat:The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments....
Using the Service Location Protocol (SLP) to Find Exposed Management Interfaces
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP....
Unpacking the Shared Responsibility Model for Cloud Security: How To Avoid Coverage Gaps and Confusion
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first u...
What's New in Tenable OT Security 3.16: Elevating Building Management System Security and User Experience
Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence....
Tenable 網路觀察:美國政府發布網路安全建置計畫、CISA 分享雲端安全免費工具等等
This week’s edition of Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy Implementation Plan and offers new tips and guidance for C-level executives regarding generative AI adoption. Also covered: CISA shares its factsheet offering free tools to help secure cloud environm...
常見問答集:新的 SEC 網路安全規則對資訊安全主管意味著什麼?
On July 26, the SEC voted 3-2 to adopt new rules which would require several new cybersecurity disclosures from publicly traded companies. Here’s what cybersecurity leaders need to know....
網路安全概要: SEC 要求上市公司提高網路安全透明度
Find out what’s in the SEC’s new cybersecurity disclosure rules. 此外,CISA 也分析了影響重大基礎設施企業的網路風險。同時也歡迎查看有關影子 IT 的指引以及大幅提升資安認知方案的訣竅。And much more!...
Tenable's 2023 Capture The Flag: Are You Ready to Test Your Hacking Skills?
Tenable is bringing its annual hacking competition to Black Hat 2023 in a hybrid in-person and online experience, giving competitors around the world a chance to have fun and test their skills....
How To Obtain the Right Cybersecurity Insurance for Your Business
Cyber insurance has become a necessity, and the cost and effort to obtain it can be considerable. Still, your organization can boost its odds of landing the coverage it needs at a fair price that’s consistent with its risk profile. Check out the invaluable advice from a panel of experts from the ins...
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
AI Is About To Take Cybersecurity By Storm: Here's What You Can Expect
Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for....
Tenable 網路觀察:美國Gov Outlines Cybersecurity Investment Priorities, Study Shows Cyber Teams Are Too Confident, and more
This week’s edition of Tenable Cyber Watch unpacks CISA and the NSA’s CI/CD defense guidance and explores the White House’s cybersecurity investment priorities. Also covered: why one study says cyber teams are too confident. ...