Tenable ブログ
From Vulnerability to Visibility: What the SharePoint Attacks Reveal About the Need for Proactive Cybersecurity
業界を先導する Tenable の Security End-of-Life プラグインプログラム
Handling end-of-life conditions for software and hardware products is complicated by different stages and definitions. Tenable is leading the way on defining these disparate vulnerabilities under a comprehensive Security End of Life framework that addresses the common risk exposure to our customers....
Kubernetes のセキュリティ保護に関する重要な考慮事項
The use of Kubernetes introduces complexity to the modern attack surface and requires a different approach to security than traditional IT infrastructure. Security teams need a base understanding of Kubernetes architecture, configurations and deployment processes to effectively manage risk. Here’s w...
Cloud Workload Protection (CWP) Best Practice – Focus on Impact, Not Volume
How to do CWP right to prepare your organization and protect it from the next widespread vulnerability. ...
Tenable サイバーウォッチ: ダーク Web マーケットプレイス Genesis Market の閉鎖、ChatGPT の使用による個人データ 保護規則の違反など
This week’s edition of the Tenable Cyber Watch unpacks the international sting operation that successfully shut down notorious cybercrime marketplace Genesis Market and explores how using ChatGPT can breach data privacy rules. また、 Why the cybersecurity term “BISO” is getting all the buzz. ...
ETHOS: OT セキュリティのコミュニティ間で脅威情報を共有
Tenable participates in a first-of-its-kind initiative that will aggregate information from several operational technology (OT) security vendors to share emerging threat intelligence with critical infrastructure service providers....
CVE-2023-20864: VMware Aria Operations for Logs のデシリアライゼーションの脆弱性
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8....
サイバーセキュリティニュース: サプライチェーンセキュリティの最新情報 – SBOM ディストリビューション、オープンソースの脆弱性、新しいセキュリティフレームワーク
Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!...
オラクル、2023 年 4月 「Critical Patch Update」で 231 件の CVE を修正
Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates....
幅広いクラウドセキュリティに影響を与える 7 つの規制とコンプライアンスフレームワーク
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes....
