CVE-2020-1938: Ghostcat - Apache Tomcat AJP における実行ファイル読み込み・インクルージョンに関する脆弱性 (CNVD-2020-10487)
Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available.BackgroundOn February 20, China National Vulnerability Database (CNVD) published a security advisory for CNVD-2020-10487, a severe vulnerability in Apache Tomcat’s Apache JServ Protocol (or AJP)…
Tenable Lumin でプロセスの整合性におけるリスクを把握
成熟したリスクベースの脆弱性管理を実践するには、ビジネスシステムのリスクとプロセスの整合性のリスクを評価する 2 つのリスク指標が不可欠です。Tenable Lumin の新しい評価成熟度スコアは、両方に対する知見を提供します。Risk-based vulnerability management requires metrics addressing two types of…
Cash App の詐欺:YouTube 動画が簡単な金儲けを約束し、プレゼントキャンペーンが Instagram ユーザーを罠にハメる
Cash App 詐欺師は、Instagram と YouTube のユーザーをターゲットにしています。Here’s what you need to know about their tactics — and how to avoid being conned.In part one of our two-part series on Cash App scammers, I explored how promotional tactics used by the popular person-to-person (P2P) payment…
適切な脆弱性管理ソリューションを選択するには
As vulnerability management evolves, organizations are seeing increased need for prioritization, benchmarking and flexible reporting. Here are five things to keep in mind when choosing a vulnerability management solution.Vulnerability management is once again rising to the top of the security…
Tenable Lumin: 脆弱性管理をビジネス言語に変換する
With Tenable Lumin, we’re giving customers a bridge between the language of vulnerability management and the language of business. In our work here at Tenable, we often hear from our CISO customers about the dual challenges they face: How to help business executives and the board…
Nessusを使用して脆弱性スキャンを初回実行するにはNessusで最初の脆弱性スキャンを実行しましょう
Get your Nessus vulnerability assessment tool up and running with these five easy steps.With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as we guide you through the five steps to run your first Nessus scan. (If you have not yet installed…
セキュリティチーム:脆弱性対応について知っておくべきこと
Tenable’s Predictive Prioritization leverages data science and machine learning to make it easier for cybersecurity teams to find, patch and remediate vulnerabilities. Week after week, critical vulnerabilities in enterprise software are found and published, sending security teams off…
Nessus Home、Nessus Essentialsに改名
We’ve given Nessus Home a refresh, and we’re excited to share with you the new and updated free vulnerability assessment solution, Nessus Essentials. As part of the Nessus family, Nessus Essentials is a free vulnerability assessment solution for up to 16 IPs that provides an entry point into…
スプレッドシートを捨てて脆弱性管理を強化
Nessus ProからTenable.scまたはTenable.ioに移行することにより、脆弱性管理プログラムを簡単に進化させることができます。 大切なポイントをご紹介します。脆弱性管理のワークフローのいずれかの時点にスプレッドシートが含まれていますか?もしそうであれば、その方法は間違っています。Well, maybe not wrong per se, but…
予測に基づいた優先順位付けに関する 16 の質問に対する回答
Earlier this year, Tenable introduced Predictive Prioritization, a groundbreaking, data science-based process that re-prioritizes each vulnerability based on the likelihood it will be leveraged in an attack. Here, we answer your 16 most pressing questions about what this capability …
サイバーセキュリティの専門家たちがOTセキュリティの重大な課題に直面しています。Ponemonレポート(英文)
62% of organizations in industries relying on operational technology experienced two or more business-impacting cyberattacks in the past 24 months, according to a report from Ponemon Institute and Tenable.If you follow cybersecurity news as avidly as we do, you already know that industrial…
営業チームに問い合わせる