Tenable Cyber Watch: CSA에서 제로트러스트 인증을 시작, CISA에서 보안 증명 양식을 업데이트 등
This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help U.S. schools and libraries boost their cybersecurity. ...
사이버 보안 스냅샷: 미국 및 영국 정부에서 보안을 유지하는 AI 시스템을 구축하는 방법에 대한 권고를 제공
Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is booming, but security and privacy concerns remain. In addition, CISA is warning municipal water plants abo...
인증된 스캐닝으로 취약성 스캔의 가치를 최대화
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning...
AWS Access Analyzer가 향상되었으며 Tenable Cloud Security도 향상됨
AWS IAM Access Analyzer now has an API allowing you to make custom policy checks. Tenable Cloud Security allows you to easily use this API as part of its code scanning functionality. Find out how and why it’s important.AWS today announced a significant enhancement to AWS IAM Access Analyzer (AA) all...
ID: 클라우드에서 보안을 위한 연결 고리
클라우드의 거의 모든 요소는 단 한 번의 과도한 권한 또는 구성 오류가 위험 노출로 이어집니다. Proper cloud posture and entitlement management can help mitigate risk and eliminate toxic combinations....
Tenable Cyber Watch: NCSC에서 퀀텀 위협에 대한 가이드라인, 소프트웨어 공급망 보안 유지를 위한 SBOM 채택 등
This week’s edition of Tenable Cyber Watch unpacks what organizations need to do to prepare for quantum computing attacks and addresses SBOM adoption to help organizations beef up the security of the software supply chain. Also covered: 미국의 Office of Management and Budget drafts guidance for fe...
사이버 보안 스냅샷: 미국 정부 기관에서 수정하여 소프트웨어 공급업체에 대한 보안 평가 질의서에 입력을 요구
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition, the...
CNAPP 이해하기: 약자 및 애널리스트 특수 용어를 넘어 통합된 접근 방식에서 클라우드 보안으로
CNAPPs provide end-to-end protection of cloud workloads by combining previously siloed tools, such as CSPM and CWPP into a single platform. In this post, we’ll explain what the key benefits of CNAPP are and how organizations can use these tools to protect their cloud workloads....
CitrixBleed(CVE-2023-4966)에 대한 자주 묻는 질
Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups....
Tenable Cyber Watch: 11월을 중요 인프라 보안 및 복원력의 달로 선언 등
This week’s edition of Tenable Cyber Watch unpacks Critical Infrastructure Security and Resilience month and addresses the “Shields Ready” campaign aimed at promoting critical infrastructure security and resilience. Also covered: Do most organizations need a generative AI policy? What one poll shows...
사이버 보안 스냅샷: 공급망 보안 레이더 화면에 SBOM이 있습니까? CISA 및 NSA의 새로운 권장 사항을 확인
The SBOM concept is still half-baked, but CISA and NSA want to help change that with new best practices for software vendors, developers and buyers. Plus, there’s new guidance about the Royal ransomware gang – as ransomware attacks grow. In addition, Google highlights a new typosquatting trend impac...
Tenable Nessus 스캐너 기능이 Red Hat에서 인정을 받음
The Red Hat Vulnerability Scanner Certification for Tenable Nessus represents our commitment to continue providing customers with visibility into their Red Hat Enterprise Linux systems. Read about what this means and how it benefits our customers....