Zero Days Do Not Wait for CVEs
June 3, 2021Learn why an attack surface map can provide invaluable and unique help in detecting zero day vulnerabilities.
The Right Way to do Attack Surface Mapping
May 21, 2021The key to mapping out your attack surface accurately is to scan all of your organization's assets, develop an asset inventory list and find shadow IT.
Passive DNS Is the Wrong Way To Do Attack Surface Mapping
May 13, 2021When identifying a corporate attack surface, passive DNS can be useful but it won’t be comprehensive by itself, so it should be part of a more holistic program.
Primary Group ID Attack in Active Directory: How to Defend Against Related Threats
April 27, 2021The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a ...
How to Stop the Kerberos Pre-Authentication Attack in Active Directory
April 27, 2021Here’s a look at how to safeguard your Active Directory from the known roasting attack on Kerberos Pre-Authentication.As part of the Kerberos authentication process in Active Directory, there is an in...
Crawling Is the Wrong Way To Do Attack Surface Mapping
March 23, 2021When analyzing methods to identify assets, crawling should be one tool in the toolbox, but not the only one. If you use crawling exclusively, you’ll likely miss a lot of assets.
Infrastructure as Code Security Requires Programmatic Controls
March 9, 2021Empower develops with a programmatic approach to security. Here's what you need to know. The concept of shifting security as far left into development as possible is not new, and it is fairly easy ...
Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money
October 24, 2019Cash App scammers are targeting users on Instagram and YouTube. Here’s what you need to know about their tactics — and how to avoid being conned.In part one of our two-part series on Cash App sca...
Tenable Lumin: Translating Vulnerability Management Into the Language of Business
October 1, 2019With Tenable Lumin, we’re giving customers a bridge between the language of vulnerability management and the language of business. In our work here at Tenable, we often hear from our CISO cus...
How To: Run Your First Vulnerability Scan with Nessus
August 22, 2019Get your Nessus vulnerability assessment tool up and running with these five easy steps.With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as...
Security Teams: What You Need to Know About Vulnerability Response
July 3, 2019Tenable’s Predictive Prioritization leverages data science and machine learning to make it easier for cybersecurity teams to find, patch and remediate vulnerabilities. Week after week, ...
Ditch the Spreadsheet and Step Up Your Vulnerability Management Game
April 29, 2019Moving from Nessus Pro to Tenable.sc or Tenable.io can easily help you mature your vulnerability management program. Here's what you need to know. Does your vulnerability management workflow involv...