Tenable 部落格
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Tenable Discovers Critical Vulnerabilities in SimpleHelp Tool: CVE-2025-36727 和 CVE-2025-36728
Tenable Research found two flaws in SimpleHelp’s remote-support tool that can be chained together to gain remote code execution on clients' devices. SimpleHelp has patched them: CVE-2025-36728 in version 5.5.11 and CVE-2025-36727 in version 5.5.12.
Frequently Asked Questions About The August 2025 F5 Security Incident
Frequently asked questions about the August 2025 security incident at F5 and the release of multiple BIG-IP product patches.
网络安全风险的人力成本:暴露风险管理如何缓解安全团队倦怠
网络安全风险的真正成本在于人力。孤立的工具和脱节的运营不仅威胁着企业的安全,还对团队造成了切实负担。如今,是时候采用统一、主动的方法,消除网络安全工作中的阻力了。
Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230)
Microsoft addresses 167 CVEs in its largest Patch Tuesday to date, including three zero-day vulnerabilities, two of which were exploited in the wild.
Relying on EDR for Exposure Management? Here’s What You Need to Know
Endpoint detection and response tools may serve you well when it comes to handling incident response. But, when used for exposure management, they can leave you blind to large portions of your attack surface.
網路安全概要: AI Security Skills Drive Up Cyber Salaries, as Cyber Teams Grow Arsenal of AI Tools, Reports Find
Want recruiters to show you the money? A new report says AI skills are your golden ticket. Plus, cyber teams are all in on AI, including agentic AI tools. Oh, and please patch a nasty Oracle zero-day bug ASAP. And get the latest on vulnerability management, IoT security and cyber fraud.
Exposure Management Beyond The Endpoint
Relying on an endpoint-centric approach to exposure management can leave you with blind spots that increase risk. You need to see your environment like an attacker does.
Don’t Let Your Cloud Security Catch a Bad Case of Permission Creep
Cloud security teams are often blind to one of the biggest threats to cloud environments: a web of over-privileged identities that create pathways for attackers. Learn how to regain control of your cloud identities by automating the enforcement of least privilege across your environment.
How Exposure Management Helped Three Companies Transform Their Cybersecurity Program
Part two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures.
