We're a Major Player in the 2025 IDC MarketScape for CNAPP. Here's Why That Matters for Your Cloud Security.
"With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report....
Identity is the New Perimeter: Why Your IdP Isn’t Enough
In a cloud-first world, identity is one of the most critical layers of security. While organizations are making progress using IdPs, major identity protection gaps remain....
Tackling Shadow AI in Cloud Workloads
As enterprise adoption of cloud AI systems balloons, protecting them has become a priority for cybersecurity teams. Shadow AI – the rampant, unsanctioned use of AI apps and services – has emerged as a particularly critical threat. Here we outline two best practices that can help you combat shadow AI...
OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services
Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability als...
5분만에 더 강력한 클라우드 보안: 클라우드에서 대응을 가속화
In this sixth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three recommendations that you can quickly roll out to help you expedite, prioritize and fine-tune how you detect and respond to cloud security issues....
공개된 비밀: 비즈니스를 위험하게 만드는 클라우드 데이터 위험 노출
Sensitive data and secrets are leaking. How cloud security leaders can shut them down....
5분 만에 더 강력한 클라우드 보안: GCP에서 Kubernetes 보안을 향상하는 3개의 빠른 방법
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissi...
5분만에 더 강력한 클라우드 보안: How DSPM Helps You Discover, Classify and Secure All Your Data Assets
In this fourth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we turn our attention to securing cloud data, a complex endeavor as data grows exponentially and threats become more sophisticated. Check out five DSPM best practices to sharpen your cloud data security and compli...
클라우드 액세스 관리의 미래: Tenable Cloud Security가 Just-in-time 액세스를 새로 정의하는 방식
클라우드 액세스에 대한 기존의 접근 방식은 과도한 권한이 종종 있는 정적이고 영구적인 권한에 의존합니다. Just-in-time 액세스가 어떻게 판도를 완전히 바꾸는지 알아보십시오....
5분만에 더 강력한 클라우드 보안: 클라우드 워크로드를 보호하는 방법
Tenable의 “5분만에 더 강력한 클라우드 보안” 시리즈의 첫 번째 블로그에서는 구성 오류를 탐지하여 멀티클라우드 인프라를 보호하는 데 집중하는 CSPM(클라우드 보안 보스처 관리)에 대해 다룹니다. 지금은 클라우드 워크로드 보호 즉 애플리케이션 보호에 집중...
ConfusedComposer: GCP Composer에 영향을 권한 상승 취약성
Tenable Research discovered a privilege-escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ConfusedComposer. The vulnerability could have allowed an identity with permission (composer.environments.update) to edit a Cloud Composer environment to escalate pri...
5분 만에 더 강력한 클라우드 보안: 클라우드 구성 보안의 중요성
Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline five best practices for boosting your cloud configuration management....