Blog de Tenable
Instantánea de ciberseguridad: SharePoint Attacks Trigger Urgent Patching Calls, While U.S. Gov’t Unveils AI Innovation Plan
Si solo cuenta con cinco minutos, aquí presentamos brevemente CNAPP (pero también tenemos un libro electrónico)
Si está desconcertado por todo este revuelo sobre las plataformas de protección de aplicaciones nativas en la nube (CNAPP), no se preocupe. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read o...
Mejora de la seguridad en la nube con acceso JIT para aplicaciones SaaS confidenciales
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege....
How To Do a Security Audit of Pimcore Enterprise Platform
Our new research paper gives you a roadmap for using Pimcore's features while preserving security....
Actualización para clientes de Tenable en relación al incidente de CrowdStrike
Please read this important customer update about CrowdStrike's recent incident....
Instantánea de ciberseguridad: CISA Breaks Into Agency, Outlines Weak Spots in Report, as Cloud Security Alliance Updates Cloud Sec Guidance
CISA’s red team acted like a nation-state attacker in its assessment of a federal agency’s cybersecurity. Plus, the Cloud Security Alliance has given its cloud security guidance a major revamping. Meanwhile, a Google report puts a spotlight on insecure credentials. And the latest on open source secu...
Tenable Announces Former Senior Administration Officials to Inaugural Public Sector Advisory Board
Rob Joyce and Mark Weatherford will help Tenable shape federal cyber and AI policy...
La actualización de parches críticos de Oracle de julio de 2024 aborda 175 CVE
Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates....
Instantánea de ciberseguridad: CISA Tells Tech Vendors To Squash Command Injection Bugs, as OpenSSF Calls on Developers To Boost Security Skills
Check out CISA’s call for weeding out preventable OS command injection vulnerabilities. Plus, the Linux Foundation and OpenSSF spotlight the lack of cybersecurity expertise among SW developers. Meanwhile, GenAI deployments have tech leaders worried about data privacy and data security. And get the l...
Cómo la gestión de vulnerabilidades basada en el riesgo impulsa su postura de seguridad para entornos de TI modernos
La evaluación de vulnerabilidades y la gestión de vulnerabilidades suelen confundirse, pero son dos cosas distintas. De acuerdo al documento técnico de Enterprise Strategy Group: "es fundamental comprender sus diferencias y cambiar de evaluaciones de vulnerabilidades ad hoc a una gestión de vulnerabilidades basada en el riesgo (RBVM) continua". Read...
