مدونة Tenable
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
CVE-2023-4966 (CitrixBleed): أوقف الجلسات النشطة أو المستمرة لمنع المزيد من الحلول الوسط
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to compromise networks and bypass authentication measures including multifactor authentication...
مشاهدة Tenable Cyber: تصدر CSA شهادة Zero Trust، وتحدث CISA نموذج شهادة الأمان، والمزيد
This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help U.S. schools and libraries boost their cybersecurity. ...
Cybersecurity Snapshot: الولايات المتحدة، المملكة المتحدةتوفر الحكومات النصائح حول كيفية بناء أنظمة ذكاء اصطناعي آمنة
Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is booming, but security and privacy concerns remain. In addition, CISA is warning municipal water plants abo...
يمكنك زيادة قيمة فحص الثغرات الأمنية إلى الحد الأقصى من خلال الفحص المعتمد
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning...
لقد أصبح AWS Access Analyzer أفضل، وكذلك أصبح Tenable Cloud Security أفضل
AWS IAM Access Analyzer now has an API allowing you to make custom policy checks. Tenable Cloud Security allows you to easily use this API as part of its code scanning functionality. Find out how and why it’s important.AWS today announced a significant enhancement to AWS IAM Access Analyzer (AA) all...
الهويات: النسيج الضام للأمان في السحابة
يمثل كل شيء تقريبًا في السحابة امتيازات مفرطة أو تكوينات غير صحيحة بعيدًا عن التعرض للمخاطر. Proper cloud posture and entitlement management can help mitigate risk and eliminate toxic combinations....
مشاهدة Tenable Cyber: يقدم المركز القومي للأمن السيبراني إرشادات للتهديد الكمي واعتماد SBOM لتأمين سلسلة توريد البرامج والمزيد
This week’s edition of Tenable Cyber Watch unpacks what organizations need to do to prepare for quantum computing attacks and addresses SBOM adoption to help organizations beef up the security of the software supply chain. Also covered: اعتمدت Office of Management and Budget drafts guidance for fe...
Cybersecurity Snapshot: الولايات المتحدةتراجع الحكومة وتسعى للوصول إلى إدخال بشأن استبيان تقييم الأمان لبائعي البرمجيات
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition, the...
فك تشفير CNAPP:تجاوز الاختصارات والمصطلحات التحليلية إلى نهج موحد لأمن السحابة
CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP are and how organizations can use these tools to protect their cloud workloads....
