Tenable 部落格
網路安全概要: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
CVE-2023-20864:VMware Aria 作業的記錄檔還原序列化弱點
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8.
網路安全概要: 供應鏈安全最新消息– SBOM 發布、開放原始碼缺陷及最新的安全架構
Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!
OOracle 2023 年 4 月重大修補程式更新中解決了 231 個 CVE
Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates.
7 個具有廣泛雲端安全影響力的法規與合規架構
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes.
Tenable 網路觀察:FBI Warns of Sophisticated BEC Scam, NIST Unveils Its New AI Resource Center, and more
This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand cybersecurity jobs for this year according to COMPTIA’s “State of the Tech Workforce Report” for…
網路安全概要: 由於對 ChatGPT 的疑慮攀升,美國政府正在考量人工智慧法
As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access…
代理程式型與無代理程式型的比較:哪一種解決方案最適合您的公用雲端環境?
You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with administrative credentials. Network scanning, installed agents, or public cloud APIs can all report…
Microsoft 在 2023 年 4 月份的 Patch Tuesday 中解決了 97 個 CVE (CVE-2023-28252)
Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day.
聯絡我們的銷售團隊