단 5분의 시간이 있다면 CNAPP을 짧게 설명합니다(물론 자세한 전자책도 있습니다)
클라우드 네이티브 애플리케이션 보호 플랫폼(CNAPP)에 대한 모든 논의가 아직 혼란스럽게 느껴지신다면 걱정하지 마십시오. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read…
중요한 SaaS 애플리케이션에 JIT 액세스를 사용하여 클라우드 보안을 개선
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege.
How To Do a Security Audit of Pimcore Enterprise Platform
Our new research paper gives you a roadmap for using Pimcore's features while preserving security.
Tenable Customer Update about CrowdStrike Incident
Please read this important customer update about CrowdStrike's recent incident.
사이버 보안 스냅샷: CISA Breaks Into Agency, Outlines Weak Spots in Report, as Cloud Security Alliance Updates Cloud Sec Guidance
CISA’s red team acted like a nation-state attacker in its assessment of a federal agency’s cybersecurity. Plus, the Cloud Security Alliance has given its cloud security guidance a major revamping. Meanwhile, a Google report puts a spotlight on insecure credentials. And the latest on open source…
Tenable Announces Former Senior Administration Officials to Inaugural Public Sector Advisory Board
Rob Joyce and Mark Weatherford will help Tenable shape federal cyber and AI policy
Oracle의 July 2024 중요 패치 업데이트로 175개 CVE 해결
Oracle addresses 175 CVEs in its third quarterly update of 2024 with 386 patches, including 26 critical updates.
사이버 보안 스냅샷: CISA Tells Tech Vendors To Squash Command Injection Bugs, as OpenSSF Calls on Developers To Boost Security Skills
Check out CISA’s call for weeding out preventable OS command injection vulnerabilities. Plus, the Linux Foundation and OpenSSF spotlight the lack of cybersecurity expertise among SW developers. Meanwhile, GenAI deployments have tech leaders worried about data privacy and data security. And get the…
위험 기반 취약성 관리가 최근 IT 환경의 보안 포스처를 강화하는 방식
취약성 평가 및 취약성 관리는 비슷하게 생각되지만 다릅니다. As a new Enterprise Strategy Group white paper explains, it’s key to understand their differences and to shift from ad-hoc vulnerability assessments to continuous, risk-based vulnerability management (RBVM)…
Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112)
Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild.
regreSSHion 취약성이 클라우드 환경에 영향을 줄 수 있는 방식
With growing concern over the recently disclosed regreSSHion vulnerability, we’re explaining here what it is, why it’s so significant, what it could mean for your cloud environment and how Tenable Cloud Security can help.
사이버 보안 스냅샷: Malicious Versions of Cobalt Strike Taken Down, While Microsoft Notifies More Orgs About Midnight Blizzard Email Breach
Check out the results of a multinational operation against illegal instances of Cobalt Strike. Plus, more organizations are learning that Midnight Blizzard accessed their email exchanges with Microsoft. Meanwhile, Carnegie Mellon has a new report about how to fix and mitigate API vulnerabilities…