Tenable Blog

A Hard-Coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that utilize the system shadow file as an authentication database.

Attackers are targeting vulnerable Confluence instances after company published a fix for the vulnerability back in March 2019.

Background

On March 20, Atlassian published a Confluence Security Advisory to announce fixes for two vulnerabilities, CVE-2019-3395 and CVE-2019-3396.

Moving from Nessus Pro to Tenable.sc or Tenable.io can easily help you mature your vulnerability management program. Here's what you need to know.

Does your vulnerability management workflow involve a spreadsheet at any point? If so, you’re doing it wrong. Well, maybe not wrong per se, but definitely inefficiently.

In my career, I’ve been both the recipient and the creator of some monster-sized vulnerability spreadsheets that triggered “whack-a-mole” remediation exercises. It can be daunting to determine not only what to fix, but in what order.

Tenable Industrial Security can now be sold, installed and managed by Siemens professional services staff, alongside the company’s SPPA-T3000 distributed control system.

In part four of our six-part blog series, we explore the challenges facing organizations as they try to accurately answer the question “How are we reducing our exposure over time.” Here’s what you need to know.

When you’re tasked with addressing thousands of vulnerabilities per year, it’s hard to imagine having the luxury to pause and assess your current performance against prior periods. But the only way you’ll know if your security efforts and investments are paying off is by having a standard way to benchmark your progress over time.