Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
January 18, 2024The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works.
Beyond the Horizon: Top 5 Cloud Security Trends to Watch in 2024
January 16, 2024Generative AI will undoubtedly boost organizations’ cybersecurity capabilities. However, cybersecurity departments will reap few gains from generative AI without first enforcing solid cloud security principles. In this blog, we explain the top cloud security trends that organizations must track – and adapt to – this year in order to maintain a robust cloud security posture.
Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
October 4, 2023Using CNAPPgoat, you can now experiment with a technique that leverages exposure to SSRF to trigger calls to AWS services from within an Amazon EC2 instance.
Building Custom Scenarios with CNAPPgoat
September 27, 2023You can now construct and import your own vulnerability scenarios into CNAPPgoat, enhancing your cloud security skills.
What’s New with CNAPPgoat?
September 23, 2023Read about the newest, expanded features in the Tenable Cloud Security open source vulnerable-by-design tool for enhancing your security skills.
The MGM Breach and the Role of IdP in Modern Cyber Attacks
September 21, 2023A deep dive into the recent MGM breach and our insights into the actor behind the attack and possible mitigations.
The Azure Metadata Protection You Didn’t Know Was There
September 11, 2023Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration.
The Benefits of Cloud Entitlement Management
August 30, 2023Cloud identities and entitlements pose grave challenges - learn about the benefits of CIEM solutions and KPIs for measuring them.
The Next Step in the IMDSv1 Redemption Journey
August 17, 2023Learn about AWS’s new open source library for enforcing IMDSv2 and Tenable Cloud Security’s new lab for trying it out.
Secure Your AWS EC2 Instance Metadata Service (IMDS)
August 8, 2023Read this review of IMDS, an important AWS EC2 service component, to understand its two versions and improve your AWS security.
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
August 2, 2023Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments.
An Unexpected Implication of Lambda Privileges
July 4, 2023Learn how a combination of AWS service usage and permissions discovered by Tenable Cloud Security may increase risk upon a certain non-compliance.