Tenable 部落格
網路安全概要: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program's Future
最新網路安全行政命令:須知
A new cybersecurity Executive Order aims to modernize federal cybersecurity with key provisions for post-quantum encryption, AI risk and secure software development.
Microsoft 的 2025 年 6 月份 Patch Tuesday 解決了 65 個 CVE (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild.
如何在曝險管理方案中使用以風險為基礎的指標
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics.
網路安全概要: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Check out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO…
5 分鐘內加強雲端安全:在 GCP 中改善 Kubernetes 安全性的 3 個快速方法
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged…
濫用用戶端延伸模組 (CSE):進入您 AD 環境的後門
Crucial for applying Active Directory Group Policy Objects, client-side extensions (CSEs) are powerful but also present a significant, often overlooked, attack vector for persistent backdoors. Rather than cover well-documented common abuses of built-in CSEs, this article demonstrates how to create…
關於 BadSuccessor 的常見問答集
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller.
利用曝險管理突破各自為政的藩籬
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable’s chief security officer Robert Huber looks at how exposure management can help you move beyond silos.
網路安全概要: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects
Check out ETSI’s new global standard for securing AI systems and models. Plus, learn how CISOs and their teams add significant value to orgs’ major initiatives. In addition, discover what webinar attendees told Tenable about their cloud security challenges. And get the latest on properly…
Contact our sales team