Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable-Blog

July 11, 2025

Cybersecurity Snapshot: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership

Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber defenses and CIS Benchmarks!

April 9, 2025

Stronger Cloud Security in Five: The Importance of Cloud Configuration Security

Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline five best practices for boosting your cloud configuration management....


April 8, 2025

Microsoft’s April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)

Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild....


April 8, 2025

How To Implement Just-In-Time Access: Best Practices und Erfahrungen

With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing privilege creep. In this blog, we’ll share how we implemented JIT access internally at Tenable using...


April 7, 2025

Five Steps to Move to Exposure Management

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the five steps to take on your journey to exposure management....


April 4, 2025

Cybersecurity Snapshot: SANS Recommends Six Controls To Secure AI Systems, While NCSC Warns About Outdated API Security Methods

Check out the security controls that SANS Institute says are essential for protecting your AI systems. Plus, the U.K. NCSC urges organizations to adopt newer API security practices. In addition, CISA and other cyber agencies warn that attackers are using “fast flux” techniques to conceal their actio...


April 3, 2025

How To Harden GitLab Permissions with Tenable

If your organization uses GitLab for managing your software development lifecycle, you must ensure you’re not misconfiguring the permissions of this open source DevSecOps platform. Doing so can expose your source code, along with sensitive data, while creating security risks. In this blog, we’ll exp...


April 1, 2025

ImageRunner: A Privilege Escalation Vulnerability Impacting GCP Cloud Run

Tenable Research discovered a privilege escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ImageRunner. At issue are identities that lack registry permissions but that have edit permissions on Google Cloud Run revisions. The vulnerability could have allowed...


March 31, 2025

Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them Solve

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this blog, we share three challenges cybersecurity leaders say exposure management helps them solve....


March 28, 2025

Cybersecurity Snapshot: NIST Details Attacks Against AI, Recommends Defenses, While ETSI Issues Quantum-Resistant Crypto Standard

Check out NIST’s comprehensive taxonomy of cyberattacks against AI systems, along with mitigation recommendations. Plus, organizations have another cryptographic algorithm for protecting data against future quantum attacks. And get the latest on the IngressNightmare vulnerabilities, and on cyber ris...


Aktuelles zum Thema Cybersecurity

Geben Sie Ihre E-Mail-Adresse ein, um zeitnahe Warnungen und Sicherheitsempfehlungen von den Experten bei Tenable zu erhalten.

Ein Einblick in das Ransomware-Ökosystem

Bericht herunterladen >