Tenable blog
網路安全概要: SharePoint Attacks Trigger Urgent Patching Calls, While U.S. Gov’t Unveils AI Innovation Plan
Security Defined As Code - Why Tenable has entered into an agreement to acquire Accurics
Tenable has entered into an agreement to acquire Accurics. Learn more....
如何與董事會溝通零信任的議題
Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders struggle to communicate with executive management and boards of directors in a language they can und...
How to Establish Cyber Resilience with Policy as Code
When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes into play. Policy as Code takes the policies that are most important to your organization, codifi...
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
Learn the importance of understanding the assignments of Azure resource roles when giving permissions....
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infrastructure we all rely on. On July 28, the Biden Administration issued the National Security Memora...
The AWS Shared Responsibility Model: Everything You Need to Know
What the shared responsibility model means, its many challenges & how to protect your cloud infrastructure....
How Risk-based Vulnerability Management Can Help Address the Most Commonly Exploited Vulnerabilities Today
Tenable's analysis of the 29 vulnerabilities highlighted in a recent CISA alert reveals key differences between CVSS and our Vulnerability Priority Rating.Attackers continue to exploit known and prevalent vulnerabilities. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) an...
專注於基本原則:防禦勒索軟體的 6 步驟
勒索軟體會將不良的網路安全機制視為搖錢樹。以下是您可以採取行動改善安全防禦措施的 6 步驟。勒索軟體攻擊幾乎已成為每一家企業董事會中的議題。In 2020 alone, there were more than 300 million ransomware attacks recorded, an increase of more t...
AWS Resource Provisioning with Attribute Based Access Control (ABAC): 須知
ABAC offers highly dynamic control of the actions that principals can perform on resources, however there are some things you need to pay attention to when using ABAC in order to avoid unnecessary security gaps....