Service Location Protocol (SLP) を使用して公開された管理インターフェイスを検索
Exposed management interfaces are valuable entry points for attackers. CISA による拘束力のある運用指令 23-02 では、インターネットからそれらを排除することを求めています。Here’s a novel approach for finding some of these elusive devices using SLP....
クラウドセキュリティの責任共有モデルで適用範囲のギャップと混乱を避ける
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first u...
Tenable OT セキュリティ 3.16 の新機能: ビル管理システムのセキュリティとユーザー エクスペリエンスを向上
Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence....
Tenable サイバーウォッチ: 米国政府がサイバーセキュリティ導入計画を発表、CISA が無料のクラウド用セキュリティツールを公開
This week’s edition of Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy Implementation Plan and offers new tips and guidance for C-level executives regarding generative AI adoption. また、 CISA shares its factsheet offering free tools to help secure cloud environm...
FAQ: 米証券取引委員会(SEC)によるサイバーセキュリティーに関する新しい規則が情報セキュリティリーダーにとって何を意味するか
On July 26, the SEC voted 3-2 to adopt new rules which would require several new cybersecurity disclosures from publicly traded companies. Here’s what cybersecurity leaders need to know....
サイバーセキュリティニュース: 米証券取引委員会(SEC)、公開会社に対してイバーセキュリティの透明性向上を求める
Find out what’s in the SEC’s new cybersecurity disclosure rules. CISA が、重要インフラ組織に影響を与えるサイバーリスクも分析しています。また、シャドー IT に関するガイダンスと、セキュリティ意識向上プログラムを強化するためのヒントもあります。And much more!...
Tenable の 2023 年キャプチャザフラッグでハッキング技術を競う
Tenable is bringing its annual hacking competition to Black Hat 2023 in a hybrid in-person and online experience, giving competitors around the world a chance to have fun and test their skills....
ビジネスに適切なサイバーセキュリティ保険に加入する
Cyber insurance has become a necessity, and the cost and effort to obtain it can be considerable. Still, your organization can boost its odds of landing the coverage it needs at a fair price that’s consistent with its risk profile. Check out the invaluable advice from a panel of experts from the ins...
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core における API へ認証なしにアクセスできる脆弱性
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
生成系 AI を活用した革新的なサイバーセキュリティの未来
Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for....
Tenable サイバーウォッチ: 米国米国政府がサイバーセキュリティ投資の優先事項を概説、サイバーチームが自信過剰であることが調査で判明
This week’s edition of Tenable Cyber Watch unpacks CISA and the NSA’s CI/CD defense guidance and explores the White House’s cybersecurity investment priorities. Also covered: why one study says cyber teams are too confident. ...
サイバーセキュリティニュース: CISO によるとサイバーインシデントは減少傾向、だが人員配置は依然として困難
Find out what’s working well for CISOs – and what could be better. Plus, why you should pay attention to the FTC’s investigation into ChatGPT-maker OpenAI. Also, check out a primer for C-level execs on adopting generative AI. Plus, the free cloud security tools CISA recommends you use. And much more...