Blog de Tenable
Dynamic Objects in Active Directory: The Stealthy Threat
Prácticas recomendadas de gestión y autenticación de contraseñas
Attackers are always looking for new ways to crack passwords and gain access to sensitive information. Keeping passwords secure is a challenging, yet critical task. Read this blog to learn several best practices for password management and authentication so you can keep your environment safe.
Tenable Cyber Watch: SEC emite nuevas reglas de divulgación cibernética, las debilidades de software más peligrosas de MITRE y más
This week’s edition of Tenable Cyber Watch unpacks the new cybersecurity disclosures rules from the U.S. Securities and Exchange Commission and looks at MITRE’s list of the most dangerous software weaknesses. Also covered: Cloud adoption by financial institutions continues to increase. What one…
Instantánea de ciberseguridad: ¿Qué, me preocupo? Las empresas adoptan IA generativa, los riesgos de seguridad se condenan
Seduced by generative AI’s potential, organizations plunge ahead overlooking its pitfalls. Plus, check out a common flaw that puts web app data at risk. Also, why many zero day bugs last year were variants of known vulnerabilities. Moreover, find out the current cost of a data breach – ouch! And…
Evitando el azar en la seguridad: el buen gobierno le ayuda desde el código hasta la nube
What's involved in shifting cloud security responsibilities to the app development team with governance by the security team?
AA23-215A: Principales vulnerabilidades explotadas de forma rutinaria en 2022
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022.
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments.
Uso del protocolo de ubicación de servicios (SLP) para buscar interfaces de gestión expuestas
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP.
Desempaquetando el modelo de responsabilidad compartida para la seguridad en la nube: cómo evitar brechas en la cobertura y confusión
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first…
Las novedades en Tenable OT Security 3.16: Elevación de la seguridad del sistema de gestión de edificios y la experiencia del usuario
Tenable OT Security 3.16 introduces advanced security for building automation systems, a streamlined interface and simplified upgrade process, empowering users to be at the forefront of securing their IT, OT, BMS and IoT assets with confidence.
