사이버 보안 스냅샷: 미국 AI 사이버 보안 도구 컨테스트에서 수백만 달러 수여 및 NIST에서 사이버 보안 프레임워크 개편
Got an idea for a new AI-based cybersecurity product? You could win millions in a new contest. Meanwhile, NIST has drafted a major revision to the CSF 2.0 and wants your opinion about it. Also, there’s a new free tool that flags security flaws in public AI models. Plus, most cloud breaches are cause...
Tenable One에 ExposureAI 소개: 예방적 사이버 보안의 미래와 만나기
Tenable One - 위험 노출 관리 플랫폼은 이미 조직에서 예방적 사이버 보안을 실천하는 방식을 변화시키고 있습니다. Now, with the introduction of ExposureAI, users can unleash the full potential of generative artificial intelligence to stay one step ahead of attackers....
Secure Your AWS EC2 Instance Metadata Service (IMDS)
Read this review of IMDS, an important AWS EC2 service component, to understand its two versions and improve your AWS security....
Microsoft의 August 2023 Patch Tuesday에서 73개 CVE를 처리(CVE-2023-38180)
Microsoft addresses 73 CVEs, including one vulnerability exploited in the wild....
비밀번호 관리 및 인증 모범 사례
Attackers are always looking for new ways to crack passwords and gain access to sensitive information. Keeping passwords secure is a challenging, yet critical task. Read this blog to learn several best practices for password management and authentication so you can keep your environment safe....
Tenable Cyber Watch: SEC에서 새 사이버 보안 공개 규칙 발급, MITRE의 가장 위험한 소프트웨어 약점 등
This week’s edition of Tenable Cyber Watch unpacks the new cybersecurity disclosures rules from the U.S. Securities and Exchange Commission and looks at MITRE’s list of the most dangerous software weaknesses. Also covered: Cloud adoption by financial institutions continues to increase. What one stud...
사이버 보안 스냅샷: 우리가 무엇을 걱정? 비즈니스가 생성형 AI를 도입하면서 보안 위험 증가
Seduced by generative AI’s potential, organizations plunge ahead overlooking its pitfalls. Plus, check out a common flaw that puts web app data at risk. Also, why many zero day bugs last year were variants of known vulnerabilities. Moreover, find out the current cost of a data breach – ouch! And muc...
뷔페식 보안 피하기: 올바른 거버넌스는 코드에서 클라우드까지 유익
What's involved in shifting cloud security responsibilities to the app development team with governance by the security team?...
AA23-215A: 2022년 가장 일반적으로 악용되는 취약성
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022....
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments....
Service Location Protocol(SLP)를 사용하여 위험에 노출된 관리 인터페이스 찾기
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP....
클라우드 보안의 공유 책임 모델 언패킹: 보안 범위 공백 및 혼란을 피하는 방법
Confusion over the scope of customer responsibility for cloud security causes control gaps and exposes businesses to risks of attack and non-compliance. Secure configuration of customer-managed resources is the most critical factor for reducing cloud risk. However, it can only be achieved by first u...
