Tenable 部落格
Tenable 在首次發行的 Gartner® Magic Quadrant™ for Exposure Assessment Platforms 中獲得領導者殊榮
Understanding Cross-Origin Resource Sharing Vulnerabilities
To avoid exposure to a variety of web application vulnerabilities, specific security considerations must be made when implementing Cross-Origin Resource SharingToday’s modern web applications rely heavily on JavaScript to be dynamic, and ensure the best experience for end-users. Providing content…
Protect Applications and Data with Cloud Infrastructure Entitlements Management (CIEM)
Breaking down the hype around cloud infrastructure entitlements management.
Scams Exploit COVID-19 Giveaways Via Venmo, PayPal and Cash App
The economic impact of COVID-19, which is causing record unemployment, creates a golden opportunity for scammers looking to target vulnerable people desperate for cash to help pay their bills.As Cash App steps up the frequency of its giveaways, and celebrities and other notable figures launch…
何謂 VPR?它與 CVSS 又有何差異?
This blog series will provide an in-depth discussion of vulnerability priority rating (VPR) from a number of different perspectives. Part one will focus on the distinguishing characteristics of VPR that make it a more suitable tool for prioritizing remediation efforts than the Common Vulnerability…
CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487)
Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available.BackgroundOn February 20, China National Vulnerability Database (CNVD) published a security advisory for CNVD-2020-10487, a severe vulnerability in Apache Tomcat’s Apache JServ Protocol (or AJP)…
Am I Smart or Just Lucky? Understanding Your Process Integrity Risk with Tenable Lumin
Business system risk and process integrity risk are two essential metrics for a mature risk-based vulnerability management practice. With new assessment maturity scoring, Tenable Lumin now gives you insights into both. Risk-based vulnerability management requires metrics addressing two types of…
Cash App 詐騙:免費贈品誘騙 Instagram 使用者,而 YouTube 影片則號稱可輕鬆賺錢
Cash App scammers are targeting users on Instagram and YouTube. Here’s what you need to know about their tactics — and how to avoid being conned.In part one of our two-part series on Cash App scammers, I explored how promotional tactics used by the popular person-to-person (P2P) payment…
如何選擇最適當的弱點管理解決方案
As vulnerability management evolves, organizations are seeing increased need for prioritization, benchmarking and flexible reporting. Here are five things to keep in mind when choosing a vulnerability management solution.Vulnerability management is once again rising to the top of the security…
Tenable Lumin:將弱點管理轉換為商業術語
With Tenable Lumin, we’re giving customers a bridge between the language of vulnerability management and the language of business. In our work here at Tenable, we often hear from our CISO customers about the dual challenges they face: How to help business executives and the board…
聯絡我們的銷售團隊