How to Talk to Your Boss About Zero Trust
September 20, 2021A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden'...
How to Talk to the Board About Zero Trust
September 9, 2021Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders ...
How to Establish Cyber Resilience with Policy as Code
August 10, 2021When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes ...
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
August 4, 2021Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infr...
Focus on the Fundamentals: 6 Steps to Defend Against Ransomware
July 21, 2021Ransomware is the monetization of poor cyber hygiene. Here are 6 steps you can take to improve your security defenses. Ransomware attacks have become a boardroom issue for nearly every organization...
False Negatives in Attack Surface Mapping
June 10, 2021Attack surface mapping tools can miss assets for a wide variety of reasons. Here we list 15 such scenarios, including a broken DNS server, the use of round-robin DNS and ephemeral infrastructure.
A Powerful Tenable.asm Feature: HTML Search
June 7, 2021Find out why Tenable.asm’s HTML search capability is so practical and powerful, as it offers nearly infinite flexibility to build whatever search you need to and report on it expeditiously.
Zero Days Do Not Wait for CVEs
June 3, 2021Learn why an attack surface map can provide invaluable and unique help in detecting zero day vulnerabilities.
The Right Way to do Attack Surface Mapping
May 21, 2021The key to mapping out your attack surface accurately is to scan all of your organization's assets, develop an asset inventory list and find shadow IT.
Passive DNS Is the Wrong Way To Do Attack Surface Mapping
May 13, 2021When identifying a corporate attack surface, passive DNS can be useful but it won’t be comprehensive by itself, so it should be part of a more holistic program.
Primary Group ID Attack in Active Directory: How to Defend Against Related Threats
April 27, 2021The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a ...
How to Stop the Kerberos Pre-Authentication Attack in Active Directory
April 27, 2021Here’s a look at how to safeguard your Active Directory from the known roasting attack on Kerberos Pre-Authentication.As part of the Kerberos authentication process in Active Directory, there is an in...