Tenable Cyber Watch: escasez de habilidades cibernéticas en 2023, la habilidad de tecnología cibernética más solicitada en 2023 y más
This week edition of Tenable Cyber Watch unpacks the 2023 cyber skills shortage and addresses the most sought-after cyber skills in 2023. Also covered: The most in-demand cybersecurity jobs from 2023 according to COMPTIA's "State of the Tech Workforce Report." Why did CISA urge AI vendors to ap...
Cómo enfrentar los desafíos de OT: inventario de activos y evaluación de vulnerabilidades
The plurality of devices and protocols found in operational technology (OT) environments makes asset discovery and remediation a challenge. Here’s how Tenable OT Security can help....
Instantánea de ciberseguridad: CISA Calls on Software Makers To Use Memory Safe Languages, as OpenSSF Issues Secure Software Principles
CISA is urging developers to stamp out memory vulnerabilities with memory safe programming languages. Meanwhile, the OpenSSF published 10 key principles for secure software development. Plus, malware used in fake browser-update attacks ballooned in Q3. In addition, a new program aims to boost the cy...
CVE-2023-4966 (CitrixBleed): invalide las sesiones activas o persistentes para evitar un mayor riesgo
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to compromise networks and bypass authentication measures including multifactor authentication...
Tenable Cyber Watch: CSA lanza la certificación de Zero Trust, CISA actualiza el formulario de certificación de seguridad y más
This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help U.S. schools and libraries boost their cybersecurity. ...
Instantánea de ciberseguridad: Los gobiernos de los EE. UU. y el Reino Unido ofrecen asesoría de cómo construir sistemas de IA seguros
Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is booming, but security and privacy concerns remain. In addition, CISA is warning municipal water plants abo...
Maximice el valor de su escaneo de vulnerabilidades con escaneo autenticado
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning...
AWS Access Analyzer acaba de mejorar, al igual que Tenable Cloud Security
AWS IAM Access Analyzer now has an API allowing you to make custom policy checks. Tenable Cloud Security allows you to easily use this API as part of its code scanning functionality. Find out how and why it’s important.AWS today announced a significant enhancement to AWS IAM Access Analyzer (AA) all...
Identidades: el tejido conectivo para la seguridad en la nube
Casi todo lo que existe en la nube está a un privilegio excesivo o un error de configuración de sufrir una exposición. Proper cloud posture and entitlement management can help mitigate risk and eliminate toxic combinations....
Tenable Cyber Watch: NCSC ofrece orientación para la amenaza cuántica, adopción de SBOM para proteger la cadena de suministro de software y más
This week’s edition of Tenable Cyber Watch unpacks what organizations need to do to prepare for quantum computing attacks and addresses SBOM adoption to help organizations beef up the security of the software supply chain. Also covered: El Office of Management and Budget drafts guidance for fe...
Instantánea de ciberseguridad: El gobierno de los EE. UU. revisa y busca información con cuestionario de evaluación de seguridad para proveedores de software
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition, the...
Decrypting CNAPP: Moving Beyond the Acronyms and Analyst Jargon to a Unified Approach to Cloud Security
CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP are and how organizations can use these tools to protect their cloud workloads....
