Blog de Tenable
CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited
Cinco pasos para trasladarse hacia la gestión de exposición
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the five steps to take on your journey to exposure management.
Instantánea de ciberseguridad: SANS Recommends Six Controls To Secure AI Systems, While NCSC Warns About Outdated API Security Methods
Check out the security controls that SANS Institute says are essential for protecting your AI systems. Plus, the U.K. NCSC urges organizations to adopt newer API security practices. In addition, CISA and other cyber agencies warn that attackers are using “fast flux” techniques to conceal their…
Cómo endurecer los permisos de GitLab con Tenable
If your organization uses GitLab for managing your software development lifecycle, you must ensure you’re not misconfiguring the permissions of this open source DevSecOps platform. Doing so can expose your source code, along with sensitive data, while creating security risks. In this blog, we’ll…
ImageRunner: una vulnerabilidad de escalación de privilegios que afecta a GCP Cloud Run
Tenable Research discovered a privilege escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ImageRunner. At issue are identities that lack registry permissions but that have edit permissions on Google Cloud Run revisions. The vulnerability could have…
Los líderes de ciberseguridad comparten tres desafíos que la gestión de exposición les ayuda a resolver
Todos los lunes, la Exposure Management Academy de Tenable ofrece la orientación práctica y del mundo real que necesita para pasar de la gestión de vulnerabilidades a la gestión de exposición. In this blog, we share three challenges cybersecurity leaders say exposure management helps them solve.
Instantánea de ciberseguridad: NIST Details Attacks Against AI, Recommends Defenses, While ETSI Issues Quantum-Resistant Crypto Standard
Check out NIST’s comprehensive taxonomy of cyberattacks against AI systems, along with mitigation recommendations. Plus, organizations have another cryptographic algorithm for protecting data against future quantum attacks. And get the latest on the IngressNightmare vulnerabilities, and on cyber…
¿Quién teme a los riesgos de IA en los entornos en la nube?
The Tenable Cloud AI Risk Report 2025 reveals that 70% of AI cloud workloads have at least one unremediated critical vulnerability — and that AI developer services are plagued by risky permissions defaults. Find out what to know as your organization ramps up its AI game.
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare.
What it Takes to Start the Exposure Management Journey
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to make the shift from vulnerability management to exposure management. In this blog, Tenable Senior Staff Information Security Engineer Arnie Cabral, who is leading the company's internal…
Póngase en contacto con nuestro equipo de ventas