Tenable ブログ
ブログ通知を受信する国土安全保障省、運輸保安庁の指令 Pipeline 2021-1 が意味するもの
効果的な脆弱性管理の構築に必要な要素をまとめました
High-performing cybersecurity teams base their actions and investments on actual risk to the business — not theoretical scores or news headlines. If you're like most cybersecurity professionals I tal...
ゼロトラストへの道 :「脆弱性」とは何か考え直してみる時がきている
Reconsidering how we define "vulnerability" is more than a thought exercise. It could represent a sea change in how organizations manage risk. For most of us in cybersecurity, the definition of "vulne...
GitHub のセキュリティコミュニティにおける役割と責任
GitHub's decision to remove the ProxyLogon exploit proof-of-concept from its platform put security researchers at a disadvantage even as attackers continued to exploit the vulnerabilities en masse. Gi...
これからはオープンバンキングの時代: ネットワークのセキュリティを確保する5 つの方法
The sharing of financial data across applications is changing how consumers save, manage and spend their money. Here's how financial institutions can secure the next generation of banking. Open bankin...
アクティブディレクトリとアイデンティティに蔓延する攻撃を阻止する
Active Directory とアイデンティティインフラストラクチャのセキュリティを確保することは、権限昇格、水平移動、持続的な攻撃を防ぐのに不可欠です。最近の目立った侵害の詳細を分析してみると...
攻撃経路の阻止: TenableのAlsid買収が重要な理由
This acquisition allows us to combine Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, helping security professionals a...
Office 365 に安全に移行する方法
Looking to extend your Active Directory to the cloud? This guide explores options for securely migrating your on-prem identities and access controls to Office 365. Cloud computing offers lower costs,...
CISO 必見: Active Directory セキュリティに関する最も重要な 10 の質問
Active Directory has become the primary target for advanced cyberattacks and ransomware groups. Here's what you should consider when evaluating security vendors. For more than 20 years, Active Directo...
Active Directory のインサイダー脅威: 特権/非特権ユーザーアカウントを守る方法
In this post, we define privileges related to Active Directory and highlight the key security risks of internal privileged and non-privileged user groups. What do we mean by “privileges”? For the purp...
Active Directory のプライマリグループ ID 攻撃: 関連する脅威をどう防御するか
The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a...
Active Directory の Kerberos 認証前攻撃を阻止する方法
Here’s a look at how to safeguard your Active Directory from the known roasting attack on Kerberos Pre-Authentication. As part of the Kerberos authentication process in Active Directory, there is an i...
Active Directory の保護: SDProp と adminSDHolder 攻撃を喰いとめるには
Attackers can get into your Active Directory by leveraging the SDProp process and gaining privileges through the adminSDHolder object. Here's how to stop them. Attackers use every possible trick and p...