We're a Major Player in the 2025 IDC MarketScape for CNAPP. Here's Why That Matters for Your Cloud Security.
"With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report....
Identity is the New Perimeter: Why Your IdP Isn’t Enough
In a cloud-first world, identity is one of the most critical layers of security. While organizations are making progress using IdPs, major identity protection gaps remain....
Tackling Shadow AI in Cloud Workloads
As enterprise adoption of cloud AI systems balloons, protecting them has become a priority for cybersecurity teams. Shadow AI – the rampant, unsanctioned use of AI apps and services – has emerged as a particularly critical threat. Here we outline two best practices that can help you combat shadow AI...
OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services
Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability als...
Seguridad en la nube más robusta en cinco minutos: Acelere la respuesta en la nube
In this sixth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three recommendations that you can quickly roll out to help you expedite, prioritize and fine-tune how you detect and respond to cloud security issues....
Los secretos están expuestos: exposiciones de datos en la nube que ponen en riesgo a su negocio
Los datos confidenciales y los secretos se están filtrando. How cloud security leaders can shut them down....
Seguridad en la nube más robusta en cinco minutos: 3 formas rápidas de mejorar la seguridad de Kubernetes en GCP
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissi...
Seguridad en la nube más robusta en cinco minutos: How DSPM Helps You Discover, Classify and Secure All Your Data Assets
In this fourth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we turn our attention to securing cloud data, a complex endeavor as data grows exponentially and threats become more sophisticated. Check out five DSPM best practices to sharpen your cloud data security and compli...
El futuro de la gestión del acceso a la nube: ¿cómo Tenable Cloud Security redefine el acceso justo a tiempo?
Traditional approaches to cloud access rely on static, permanent permissions that are often overprivileged. Learn how just-in-time access completely changes the game....
Seguridad en la nube más robusta en cinco minutos: Cómo proteger sus cargas de trabajo en la nube
In the first installment of Tenable’s “Stronger Cloud Security in Five” blog series, we covered cloud security posture management (CSPM), which focuses on protecting your multi-cloud infrastructure by detecting misconfigurations. Today, we turn to securing cloud workloads, which are the applications...
ConfusedComposer: Una vulnerabilidad de escalación de privilegios que afecta a GCP Composer
Tenable Research discovered a privilege-escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ConfusedComposer. The vulnerability could have allowed an identity with permission (composer.environments.update) to edit a Cloud Composer environment to escalate pri...
Seguridad en la nube más robusta en cinco minutos: la importancia de la seguridad de la configuración en la nube
Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline five best practices for boosting your cloud configuration management....