Tenable ブログ
Axios npm パッケージに対するサプライチェーン攻撃: 範囲、影響、および対策
How to Implement CIEM – A Checklist
What differentiates a CIEM solution from other cloud security platforms, and how should a CIEM be used in an organization? Read on to find out.
Tenable の EASM ソリューションからデータと価値を抽出する
It’s essential for external attack surface management products to offer users a variety of data-extraction methods so that they can use the data in different scenarios and use cases. Learn how Tenable.asm’s various data-extraction capabilities can help you operationalize your EASM data.
Tenable サイバーウォッチ: IoT ベンダーは脆弱性を適切に開示していない、サイバーセキュリティはビジネス上の最大の懸念事項、連邦機関は GAO の勧告を完全に実施していない
This week's edition of the Tenable Cyber Watch unpacks the importance of vulnerability disclosures, explores the top reasons why cyberthreats remain a top concern among business leaders, addresses the GAO's frustrations with federal agencies not heeding their cybersecurity advice and provides…
話題の ChatGPT に対して NIST が AI セキュリティガイドラインを発表
Learn all about NIST’s new framework for artificial intelligence risk management. Plus, how organizations are balancing AI and data privacy. Also, check out our ad-hoc poll on cloud security. Then read about how employee money-transfer scams are on the upswing. その他。
今こそ米国政府がアフリカのサイバーセキュリティ強化を支援する時だ
African governments are rightly prioritizing cybersecurity and the U.S. government can assist them in building critical infrastructure that is cyber secure by design.
How Attackers Can Exploit GCP’s Multicloud Workload Solution
A deep dive into the inner workings of GCP Workload Identity Federation, taking a look at risks and how to avoid misconfigurations.
ProxyNotShell、OWASSRF、TabShell: Microsoft Exchange サーバーに今すぐセキュリティパッチを適用する
Several flaws in Microsoft Exchange Server disclosed over the last two years continue to be valuable exploits for attackers as part of ransomware and targeted attacks against organizations that have yet to patch their systems. Patching the flaws outlined below is strongly recommended.
Tenable サイバーウォッチ: CISO の仕事満足度、開発者がセキュリティ対策に苦労する理由、AI を使用してセキュリティリスクを軽減する
This week's edition of the Tenable Cyber Watch reveals key findings about CISO job satisfaction, explore how artificial intelligence and machine learning can be used to reduce risk and unpacks the communication pitfalls that hold security leaders back. Ever wonder how happy your CISO is at…
サンドワームの新たな攻撃 : Active Directory グループポリシーを悪用した新種のワイパー型マルウェア
Sandworm, the Russian-backed APT responsible for NotPetya in 2017, has recently attacked an Ukrainian organization using a new wiper, SwiftSlicer.
