Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It Nears FedRAMP Authorization
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help....
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs ...
단 5분의 시간이 있다면 CNAPP을 짧게 설명합니다(물론 자세한 전자책도 있습니다)
클라우드 네이티브 애플리케이션 보호 플랫폼(CNAPP)에 대한 모든 논의가 아직 혼란스럽게 느껴지신다면 걱정하지 마십시오. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read o...
중요한 SaaS 애플리케이션에 JIT 액세스를 사용하여 클라우드 보안을 개선
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege....
regreSSHion 취약성이 클라우드 환경에 영향을 줄 수 있는 방식
With growing concern over the recently disclosed regreSSHion vulnerability, we’re explaining here what it is, why it’s so significant, what it could mean for your cloud environment and how Tenable Cloud Security can help....
Tag, You’re IT! Tagging Your Way to Cloud Security Excellence
To manage your cloud resources effectively and securely, you need to consistently tag assets across all your cloud platforms. Here we explain tagging’s main benefits, as well as proven strategies and best practices for tagging success. ...
Understanding Customer Managed Encryption Keys (CMKs) in AWS, Azure and GCP: A Comparative Insight
Explore critical differences in handling customer-managed encryption keys (CMKs) across AWS, Azure and GCP to avoid security misconfigurations and protect your data effectively....
Cloud Workload Protection: The Key to Decreasing Cloud Security Risks
More than 80% of all breaches involve data stored in the cloud, and security teams that don’t use cloud workload protection (CWP) may never get ahead of attackers who want to access as much data as possible with the least effort. A single cloud breach is often the most straightforward way into these...
These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action Required)
Azure customers whose firewall rules rely on Azure Service Tags, pay attention: You could be at risk due to a vulnerability detected by Tenable Research. Here’s what you need to know to determine if you’re affected, and if so, what you should do right away to protect your Azure environment from atta...
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security....
Kubernetes 영구 볼륨의 보안을 유지할 때 유의할 사항
To many, Kubernetes is a black box that’s difficult to understand, manage and secure. If you’re using stateful persistent volumes – cloud resources that live and manage data outside the scope of your pods – it can be even darker. ...
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report....