Blog de Tenable
Forrester Names Tenable a Leader in the Q3 2025 Unified Vulnerability Management Solutions Wave™ Report
La gestión de la exposición es el futuro de la seguridad proactiva
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Jorge Orchilles, Senior Director of Readiness and Proactive Security at Verizon, offers an up-close glimpse at the th...
Instantánea de ciberseguridad: NIST ofrece asesoría sobre la implementación de Zero Trust, mientras que OpenAI comparte incidentes de uso indebido de ChatGPT
Check out NIST best practices for adopting a zero trust architecture. Plus, learn how OpenAI disrupted various attempts to abuse ChatGPT. In addition, find out what Tenable webinar attendees said about their exposure management experiences. And get the latest on cyber crime trends, a new cybersecuri...
Nueva orden ejecutiva de ciberseguridad: lo que debe saber
A new cybersecurity Executive Order aims to modernize federal cybersecurity with key provisions for post-quantum encryption, AI risk and secure software development....
El Martes de parches de Microsoft de junio de 2025 aborda 65 CVE (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
Cómo utilizar las métricas basadas en el riesgo en un programa de gestión de exposición
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics. ...
Instantánea de ciberseguridad: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Check out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compens...
Seguridad en la nube más robusta en cinco minutos: 3 formas rápidas de mejorar la seguridad de Kubernetes en GCP
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissi...
Abuso de las extensiones del lado del cliente (CSE): una puerta trasera hacia su entorno de AD
Crucial for applying Active Directory Group Policy Objects, client-side extensions (CSEs) are powerful but also present a significant, often overlooked, attack vector for persistent backdoors. Rather than cover well-documented common abuses of built-in CSEs, this article demonstrates how to create c...
Preguntas frecuentes acerca de BadSuccessor
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....