Tenable 部落格
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
小心落差:苦苦等待 NVD 何以會置貴公司於險境
This is the first of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. We explore the impact of that gap on an organization’s cyber risk and discuss how Tenable can help....
小心落差:既有的弱點架構何以會使企業曝露在風險之中
This is the second of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we explore how common industry frameworks leave security teams with blind spots — and dis...
小心落差:A Closer Look at the Vulnerabilities Disclosed in 2022
This is the third of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we take a closer look at the vulnerabilities disclosed in 2022 —and discuss how Tenable ca...
小心落差:A Closer Look at Eight Notable CVEs from 2022
This is the last of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we examine eight notable CVEs with significant gaps in disclosure timelines and discuss how...
Tenable 網路觀察:Nearly 50% of Workers Have Accessed Ex-Employers’ Accounts, Biden Seeks Your Input on AI Accountability, and more
This week’s edition of the Tenable Cyber Watch unpacks why organizations are looking to consolidate cyber vendors and addresses the White House’s efforts to make sure AI products are safe. Also covered: Businesses must improve password management: a new study reveals nearly 50% of ex-employees have ...
網路安全概要: CSA Offers Guidance on How To Use ChatGPT Securely in Your Org
Check out the Cloud Security Alliance’s white paper on ChatGPT for cyber pros. Plus, the White House’s latest efforts to promote responsible AI. Also, have you thought about vulnerability management for AI systems? In addition, the “godfather of AI” sounds the alarm on AI dangers. And much more! ...
Uncovering 3 Azure API Management Vulnerabilities – When Good APIs Go Bad
Learn how now-patched Azure API Management service vulnerabilities revealed by our research team enabled malicious actions....
針對 Microsoft Azure 全新推出的 Tenable Cloud Security 無代理程式型評估
Tenable Cloud Security 使用者現在可以快速連結他們的 Azure 雲端帳戶,已執行雲端安全態勢管理,包括掃描是否有安全性弱點、錯誤設定以及合規等。Here’s how....
利用全州動員網路安全 (Whole-of-State Cybersecurity) 方法保護當地政府機構
Facing frequent and aggressive cyberattacks, local governments often struggle to defend themselves due to a lack of tools and resources. But it doesn’t have to be this way. With a whole-of-state approach, local governments can pool resources and boost their defenses, reducing cyber risk via improved...
