Blog de Tenable
CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities
MCP Prompt Injection: Not Just For Evil
MCP tools are implicated in several new attack techniques. Here's a look at how they can be manipulated for good, such as logging tool usage and filtering unauthorized commands.
El futuro de la gestión del acceso a la nube: ¿cómo Tenable Cloud Security redefine el acceso justo a tiempo?
Los abordajes tradicionales de acceso en la nube se basan en permisos estáticos y permanentes que frecuentemente tienen privilegios excesivos. Descubra cómo el acceso justo a tiempo cambia completamente las reglas del juego.
Exposure Management Works When the CIO and CSO Are in Sync
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program.
La reducción del tiempo de corrección sigue siendo un desafío: cómo puede ayudar Tenable Vulnerability Watch
Timely vulnerability remediation is an ongoing challenge for organizations as they struggle to prioritize the exposures that represent the greatest risk to their operations. Existing scoring systems are invaluable but can lack context. Here’s how Tenable’s Vulnerability Watch classification system…
CVE-2025-31324: Vulnerabilidad de día cero en SAP NetWeaver explotada en la realidad
SAP has released out-of-band patch to address CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver that has been exploited by threat actors. Organizations are strongly encouraged to apply patches as soon as possible.
Instantánea de ciberseguridad: Verizon DBIR Finds Attackers Feast on Vulnerability Exploits for Initial Access, While MITRE ATT&CK Adds Mobile, Cloud, ESXi Threat Intel
Check out highlights from this year’s Verizon DBIR, including a surge in zero-day exploits targeting edge devices and VPNs. Plus, find out what’s new in the latest version of MITRE ATT&CK. Also, see what Tenable webinar attendees said about AI security. And get the latest on ransomware preparedness…
A pesar del reciente endurecimiento de la seguridad, la función de sincronización de Entra ID permanece susceptible a vulneraciones perpetradas por atacantes
Microsoft synchronization capabilities for managing identities in hybrid environments are not without their risks. In this blog, Tenable Research explores how potential weaknesses in these synchronization options can be exploited.
Seguridad en la nube más robusta en cinco minutos: Cómo proteger sus cargas de trabajo en la nube
In the first installment of Tenable’s “Stronger Cloud Security in Five” blog series, we covered cloud security posture management (CSPM), which focuses on protecting your multi-cloud infrastructure by detecting misconfigurations. Today, we turn to securing cloud workloads, which are the…
Verizon 2025 DBIR: La colaboración de Tenable Research destaca las tendencias de corrección de CVE
The 2025 Verizon Data Breach Investigations Report (DBIR) reveals that vulnerability exploitation was present in 20% of breaches — a 34% increase year-over-year. To support the report, Tenable Research contributed enriched data on the most exploited vulnerabilities. In this blog, we analyze 17 edge…
Póngase en contacto con nuestro equipo de ventas