Tenable blog
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Choosing the Right CNAPP: Six Considerations for Mid-Sized Enterprises
Mid-sized enterprises increasingly find themselves in need of a CNAPP, as their cloud adoption matures. But how should they go about selecting the right one? What questions should they ask and what criteria should they use? Here we unpack six key considerations that’ll help them evaluate their optio...
Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On
In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC) began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt measures for compliance and transparency. In this post, we look at the enforcement actions the SEC has ta...
Cybersecurity Snapshot: What Looms on Cyberland’s Horizon? Here’s What Tenable Experts Predict for 2025
Wondering what cybersecurity trends will have the most impact in 2025? Check out six predictions from Tenable experts about cyber issues that should be on your radar screen in the new year — including AI security, data protection, cloud security … and much more!...
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
Check out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchma...
Web App Scanning 101: What Security Pros Need to Know About CI/CD Pipelines
Git, repositories and pipelines…oh my! We unpack standard practices in the web app development process and provide guidance on how to use Tenable Web Application Scanning to secure your code....
Cybersecurity Snapshot: Telecoms May Face Tougher Regulations After Salt Typhoon Hacks, as Study Finds Cyber Pros More Stressed at Work
The FCC wants stronger cyber regulations for telecoms after cyber espionage breaches. Meanwhile, find out why cyber pros say work has become more difficult. Plus, check out tips to prevent AI-boosted financial fraud. And get the latest on vulnerability management, EU cyber challenges and CIS predict...
New CISA Hardening Guidance Provides Valuable Insights for Network Security Engineers
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure, is applicable to a wider audience. This blog unpacks important points and explains how Tenable products...
Microsoft Patch Tuesday 2024 Year in Review
Microsoft addressed over 1000 CVEs as part of Patch Tuesday releases in 2024, including 22 zero-day vulnerabilities....
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138)
Microsoft addresses 70 CVEs with 16 rated critical, including one zero-day that was exploited in the wild....