Tenable blog
Oracle January 2025 Critical Patch Update Addresses 186 CVEs
Spotlight on Australia: Remote Work is Here to Stay and So are Cyberattacks
Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many Australians grapple with long stints of remote work due to snap lockdowns, it's looking more certai...
An Introduction to “Scan Everything”
A “scan everything” approach tests and triages every asset to understand your organization’s risk and how to reduce risk quickly and efficiently. ...
How to Talk to Your Boss About Zero Trust
A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden's May 12 Executive Order on Improving the Nation's Cybersecurity brought renewed interest in zero tr...
CVE-2021-38647 (OMIGOD): Critical Flaw Leaves Azure Linux VMs Vulnerable to Remote Code Execution
Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request. Background On September 14, researchers at Wiz disclosed a set of four vulnerabilities in Microsoft’s Open Management Infrastructure (OMI), an ope...
Security Defined As Code - Why Tenable has entered into an agreement to acquire Accurics
Tenable has entered into an agreement to acquire Accurics. Learn more....
How to Talk to the Board About Zero Trust
Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders struggle to communicate with executive management and boards of directors in a language they can und...
How to Establish Cyber Resilience with Policy as Code
When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes into play. Policy as Code takes the policies that are most important to your organization, codifi...
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
Learn the importance of understanding the assignments of Azure resource roles when giving permissions....
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infrastructure we all rely on. On July 28, the Biden Administration issued the National Security Memora...
