Tenable 블로그
사이버 보안 스냅샷: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Geopolitics Just Cranked Up Your Threat Model, Again. Here’s What Cyber Pros Need to Know
If it feels like your entire cybersecurity program is once again operating on a geopolitical fault line, you're not imagining things....
사이버 보안 스냅샷: Beware of Mobile Spyware Attacks, Cyber Agencies Warn, While Corporate Boards Get Cyber Governance Guidance
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of directors. Also, find out what webinar attendees told Tenable about using port scanning and service discovery to ...
Frequently Asked Questions About Model Context Protocol (MCP) and Integrating with AI for Agentic Applications
The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are good news for AI developers, they raise some security concerns. In this blog we address FAQs about MC...
5분 만에 더 강력한 클라우드 보안: 클라우드 구성 보안의 중요성
Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline five best practices for boosting your cloud configuration management....
Microsoft의 April 2025 Patch Tuesday에서 121개 CVE에 대응(CVE-2025-29824)
Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild....
Just-In-Time 액세스를 구현하는 방법: 모범 사례 및 배운 점
With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing privilege creep. In this blog, we’ll share how we implemented JIT access internally at Tenable using...
위험 노출 관리로 향하는 5개 단계
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the five steps to take on your journey to exposure management....
사이버 보안 스냅샷: SANS Recommends Six Controls To Secure AI Systems, While NCSC Warns About Outdated API Security Methods
Check out the security controls that SANS Institute says are essential for protecting your AI systems. Plus, the U.K. NCSC urges organizations to adopt newer API security practices. In addition, CISA and other cyber agencies warn that attackers are using “fast flux” techniques to conceal their actio...
How To Harden GitLab Permissions with Tenable
If your organization uses GitLab for managing your software development lifecycle, you must ensure you’re not misconfiguring the permissions of this open source DevSecOps platform. Doing so can expose your source code, along with sensitive data, while creating security risks. In this blog, we’ll exp...
