Tenable 블로그
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
How to Remediate Risk to Critical OT/IoT Systems without Disrupting Operations
Find out how adopting a proactive approach to secure your operational environments can help you reduce risk and eliminate downtime....
Microsoft’s August 2025 Patch Tuesday Addresses 107 CVEs (CVE-2025-53779)
Microsoft addresses 107 CVEs, including one zero-day vulnerability that was publicly disclosed....
From Vulnerability to Visibility: What the SharePoint Attacks Reveal About the Need for Proactive Cybersecurity
The recent exploitation of Microsoft SharePoint vulnerabilities highlights a critical gap in traditional, reactive cybersecurity strategies. Learn how a proactive exposure management approach empowers federal agencies to reduce risk, streamline operations and stay secure....
The Breach You Didn’t See Coming: How Invisible Combinations of Risk Are Exposing Your Organization
Most breaches don’t happen because of one glaring issue. They happen when multiple, seemingly low-risk factors silently combine. Learn how invisible risk combinations evade siloed security tools and how an exposure management program gives defenders the context they need to stop attacks before they ...
Tenable Jailbreaks GPT-5, Gets It To Generate Dangerous Info Despite OpenAI’s New Safety Tech
Within just 24 hours of the release of OpenAI’s GPT-5, Tenable Research successfully managed to jailbreak the model by getting it to share detailed instructions for how to build an explosive. Our finding is concerning, given that OpenAI described GPT-5's prompt safety technology as significantly mor...
How Tenable’s Security Team Went from Thousands of Alerts to a Handful of Tickets with Exposure Management
매주 월요일 Tenable 위험 노출 관리 아카데미에서는 취약성 관리에서 위험 노출 관리로 전환하기 위해 필요한 실용적이고 실제 환경에 사용할 수 있는 참조 자료를 제공합니다. In this post, Tenable CSO Robert Huber shares how he and his team have guided the company to unified exposure management. ...
사이버 보안 스냅샷: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework
Check out what CISA found after it dissected malware from the latest SharePoint hacks. Plus, the U.K.’s cyber agency is overhauling its cyber framework to keep pace as threats escalate. In addition, CISA is sounding the alarm on a high-severity vulnerability impacting hybrid Exchange environments. A...
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
Frequently asked questions about CVE-2025-53786, an elevation of privilege vulnerability affecting Microsoft Exchange Server Hybrid Deployments....
We're a Major Player in the 2025 IDC MarketScape for CNAPP. Here's Why That Matters for Your Cloud Security.
"With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report....
