Tenable ブログ
サイバーセキュリティニュース: 攻撃された SharePoint の脆弱性に緊急パッチがリリース、米国政府が AI 行動計画を発表
「VPR」とは何か。「CVSS」とはどう違うのか。
このブログシリーズでは、さまざまな観点からVPR(脆弱性の優先度評価)について詳しく説明します。Part one will focus on the distinguishing characteristics of VPR that make it a more suitable tool for prioritizing remediation efforts than the Common Vulnerability S...
CVE-2020-1938: Ghostcat - Apache Tomcat AJP における実行ファイル読み込み・インクルージョンに関する脆弱性 (CNVD-2020-10487)
Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available.BackgroundOn February 20, China National Vulnerability Database (CNVD) published a security advisory for CNVD-2020-10487, a severe vulnerability in Apache Tomcat’s Apache JServ Protocol (or AJP). AJ...
Tenable Lumin でプロセスの整合性におけるリスクを把握
成熟したリスクベースの脆弱性管理を実践するには、ビジネスシステムのリスクとプロセスの整合性のリスクを評価する 2 つのリスク指標が不可欠です。Tenable Lumin の新しい評価成熟度スコアは、両方に対する知見を提供します。Risk-based vulnerability management requires metrics addressing two types of r...
Cash App の詐欺:YouTube 動画が簡単な金儲けを約束し、プレゼントキャンペーンが Instagram ユーザーを罠にハメる
Cash App 詐欺師は、Instagram と YouTube のユーザーをターゲットにしています。Here’s what you need to know about their tactics — and how to avoid being conned.In part one of our two-part series on Cash App scammers, I explored how promotional tactics used by the popular person-to-person (P2P) payment service...
適切な脆弱性管理ソリューションを選択するには
As vulnerability management evolves, organizations are seeing increased need for prioritization, benchmarking and flexible reporting. Here are five things to keep in mind when choosing a vulnerability management solution.Vulnerability management is once again rising to the top of the security agenda...
Tenable Lumin: 脆弱性管理をビジネス言語に変換する
With Tenable Lumin, we’re giving customers a bridge between the language of vulnerability management and the language of business. In our work here at Tenable, we often hear from our CISO customers about the dual challenges they face: How to help business executives and the board unde...
Nessusを使用して脆弱性スキャンを初回実行するにはNessusで最初の脆弱性スキャンを実行しましょう
Get your Nessus vulnerability assessment tool up and running with these five easy steps.With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as we guide you through the five steps to run your first Nessus scan. (If you have not yet installed N...
脆弱性管理の基本:知っておくべきこと
In part one of our five-part series on vulnerability management fundamentals, we explore the four stages of the Cyber Exposure lifecycle. ...
セキュリティチーム:脆弱性対応について知っておくべきこと
Tenable’s Predictive Prioritization leverages data science and machine learning to make it easier for cybersecurity teams to find, patch and remediate vulnerabilities. Week after week, critical vulnerabilities in enterprise software are found and published, sending security teams off ...