Taking Control of Kubernetes: Enforcing Least Privilege to Secure Your Kubernetes Environment
Kubernetes has become the de facto standard for managing containerized workloads in private and public clouds. However, security standards have failed to keep pace, leading to increased risk of cyberattacks and data breaches for insecure or misconfigured platforms. Here we examine the challenges inv...
Managed Kubernetes: Is It Right for My Organization?
As an organization grows its usage of containers, managing them becomes more complex. A common response is to adopt Kubernetes for container orchestration. But how do you properly secure your Kubernetes clusters? And should your organization host its Kubernetes deployments or instead choose a manage...
How a Serverless Architecture Can Help You Secure Cloud-Native Applications
Cybersecurity teams often struggle with securing cloud-native applications, which are becoming increasingly popular with developers. The good news is that deploying these applications on a serverless architecture can make it easier to protect them. Here’s why....
Cloud-Verantwortliche äußern sich zu wichtigen Herausforderungen
Too many identities, systems and cooks in the kitchen cloud an already complex mandate....
Level Up Your Cloud Security Strategy
Learn how to better your cloud security program with these ten security resolutions. ...
Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works....
Blick über den Tellerrand: Top 5 Cloud-Sicherheitstrends, die Sie 2024 im Auge behalten sollten
Generative KI wird die Cybersecurity-Funktionen von Unternehmen zweifellos verbessern. Allerdings wird generative KI Cybersecurity-Abteilungen nur wenige Vorteile einbringen, wenn diese nicht zuvor solide Grundprinzipien der Cloud-Sicherheit durchsetzen. In this blog, we explain the top cloud security trends that organizations must track – an...
Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
Using CNAPPgoat, you can now experiment with a technique that leverages exposure to SSRF to trigger calls to AWS services from within an Amazon EC2 instance. ...
Building Custom Scenarios with CNAPPgoat
You can now construct and import your own vulnerability scenarios into CNAPPgoat, enhancing your cloud security skills....
What’s New with CNAPPgoat?
Read about the newest, expanded features in the Tenable Cloud Security open source vulnerable-by-design tool for enhancing your security skills....
The MGM Breach and the Role of IdP in Modern Cyber Attacks
A deep dive into the recent MGM breach and our insights into the actor behind the attack and possible mitigations....
The Azure Metadata Protection You Didn’t Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration....