Spotlight on India: A Perimeter-less Workplace Introduces More Risk
India's plans for hybrid work models in the next 12-24 months are outpacing the speed of security in India. Find out where organizations need to place their focus to secure the new world of work. The rapid deployment of new technologies to facilitate remote work heightened the level of risk for Ind...
Spotlight on Australia: Remote Work is Here to Stay and So are Cyberattacks
Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many Australians grapple with long stints of remote work due to snap lockdowns, it's looking more certai...
An Introduction to “Scan Everything”
A “scan everything” approach tests and triages every asset to understand your organization’s risk and how to reduce risk quickly and efficiently. ...
How to Talk to Your Boss About Zero Trust
A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden's May 12 Executive Order on Improving the Nation's Cybersecurity brought renewed interest in zero tr...
How to Talk to the Board About Zero Trust
Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders struggle to communicate with executive management and boards of directors in a language they can und...
How to Establish Cyber Resilience with Policy as Code
When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes into play. Policy as Code takes the policies that are most important to your organization, codifi...
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infrastructure we all rely on. On July 28, the Biden Administration issued the National Security Memora...
How Risk-based Vulnerability Management Can Help Address the Most Commonly Exploited Vulnerabilities Today
Tenable's analysis of the 29 vulnerabilities highlighted in a recent CISA alert reveals key differences between CVSS and our Vulnerability Priority Rating.Attackers continue to exploit known and prevalent vulnerabilities. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) an...
Focus on the Fundamentals: 6 Steps to Defend Against Ransomware
Ransomware is the monetization of poor cyber hygiene. Here are 6 steps you can take to improve your security defenses. Ransomware attacks have become a boardroom issue for nearly every organization. In 2020 alone, there were more than 300 million ransomware attacks recorded, an increase of more t...
False Negatives in Attack Surface Mapping
Attack surface mapping tools can miss assets for a wide variety of reasons. Here we list 15 such scenarios, including a broken DNS server, the use of round-robin DNS and ephemeral infrastructure....
A Powerful Tenable.asm Feature: HTML Search
Find out why Tenable.asm’s HTML search capability is so practical and powerful, as it offers nearly infinite flexibility to build whatever search you need to and report on it expeditiously....
Zero Days Do Not Wait for CVEs
Learn why an attack surface map can provide invaluable and unique help in detecting zero day vulnerabilities....