Tenable blog
What Makes This “Data Privacy Day” Different?
Tenable.io and Tenable.io WAS Achieve FedRAMP Authorization
Six reasons why FedRAMP authorization for Tenable.io and Tenable.io Web App Scanning (WAS) is important for our customers and partners. After lengthy and rigorous testing under the U.S. Federal Risk and Authorization Management Program (FedRAMP), we are excited to announce that Tenable.io and Tenab...
CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited
The Apache HTTP Server Project patched a path traversal vulnerability introduced less than a month ago that has been exploited in the wild.Update October 7: The Solution section has been updated to reflect the secondary fix the Apache HTTP Server Project released.BackgroundOn October 5, the Apache H...
Taking IBM QRadar SIEM One Step Further Using Tenable.ad
If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no secret that CISOs are constantly challenged with new cyberthreats across an expanding attack surface. T...
Spotlight on the Kingdom of Saudi Arabia: The New World Of Work Introduces Risks Attackers Can Utilize
A new world of work has been adopted by Saudi Arabian organizations, with many planning to make hybrid and remote work models permanent. Here’s how these changes are increasing risk. The transition to cloud adoption and remote work practices, which were being cautiously adopted in Saudi Arabia prio...
Spotlight on India: A Perimeter-less Workplace Introduces More Risk
India's plans for hybrid work models in the next 12-24 months are outpacing the speed of security in India. Find out where organizations need to place their focus to secure the new world of work. The rapid deployment of new technologies to facilitate remote work heightened the level of risk for Ind...
Spotlight on Australia: Remote Work is Here to Stay and So are Cyberattacks
Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many Australians grapple with long stints of remote work due to snap lockdowns, it's looking more certai...
An Introduction to “Scan Everything”
A “scan everything” approach tests and triages every asset to understand your organization’s risk and how to reduce risk quickly and efficiently. ...
How to Talk to Your Boss About Zero Trust
A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden's May 12 Executive Order on Improving the Nation's Cybersecurity brought renewed interest in zero tr...
CVE-2021-38647 (OMIGOD): Critical Flaw Leaves Azure Linux VMs Vulnerable to Remote Code Execution
Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request. Background On September 14, researchers at Wiz disclosed a set of four vulnerabilities in Microsoft’s Open Management Infrastructure (OMI), an ope...
