Tenable ブログ
Tenable、2025 年 Gartner®レポートの「AI 駆動型エクスポージャー評価のリーダー企業」でリーダーの 1 社に位置付けられる
Microsoft Copilot Studio のセキュリティリスク: シンプルなプロンプトインジェクションでクレジットカード情報流出し、0 ドルで旅行が予約される
The no-code power of Microsoft Copilot Studio introduces a new attack surface. Tenable AI Research demonstrates how a simple prompt injection attack of an AI agent bypasses security controls, leading to data leakage and financial fraud. We provide five best practices to secure your AI agents.
2025 年マイクロソフト月例セキュリティ更新プログラム、一年の振り返り
Microsoft addressed over 1,100 CVEs as part of Patch Tuesday releases in 2025, including 40 zero-day vulnerabilities.
Preparing for Cisco Vulnerability Management (formerly Kenna Security) End-of-Life: Tenable がお手伝いできること
Cisco Vulnerability Management (formerly Kenna Security) has long been a valuable partner for security teams. With its end-of-life now underway, Tenable One offers a clear path forward, delivering end-to-end unified exposure management for the future of risk management.
マイクロソフト 2025 年 12 月月例セキュリティ更新プログラム、56 件の CVE を修正 (CVE-2025-62221)
Microsoft addresses 56 CVEs, including two publicly disclosed vulnerabilities and one zero-day that was exploited in the wild to close out the final Patch Tuesday of 2025
AI がもたらすセキュリティリスクの検出には DLP や CASB を超えた特殊なツールが必要
Learn why your existing security tech won’t detect data exposure, prompt injection and manipulation, and other AI security risks from ChatGPT Enterprise, Microsoft 365 Copilot, and other LLMs.
サイバーセキュリティニュース: BRICKSTORM マルウェアによる情報窃取攻撃を阻止、AI を OT に安全に統合する
CISA has identified a China-backed BRICKSTORM malware campaign targeting the IT and government sectors. Meanwhile, global agencies released a guide for adding AI safely to OT. Plus, proving your online content is legit; fighting cyber fraud; and preventing bank account takeover scams.
Tenable Cloud Security の新機能: 11 月エクスポージャー管理最新情報
Tenable Cloud Security delivers critical capabilities to unify security across your entire attack surface. Our latest enhancements let you extend your on-prem vulnerability management program to the cloud; gain granular visibility into external access risk; and discover Snowflake sensitive data.
CVE-2025-55182: React2Shell に関するよくある質問: React サーバー コンポーネントにおけるリモート コード実行の脆弱性
A maximum severity vulnerability (CVSS 10) was discovered in React, one of the most popular JavaScript frameworks. If your app supports React Server Components, you are likely vulnerable out of the box, even if you aren’t using Server Functions explicitly. Patch immediately.
