Tenable blog
Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633, CVE-2025-24983, CVE-2025-24993)
How to Operationalize a Cloud Security Solution
How to successfully operationalize your cloud security solution in 4 easy steps — and why fast and effective operationalization matters....
VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and Lifecycle Manager and vRealize (VMSA-2022-0011)
VMware cautions organizations to patch or mitigate several serious vulnerabilities across multiple products....
Securing Critical Infrastructure: It's Complicated
In his testimony before the U.S. House Committee on Homeland Security on April 5, Amit Yoran, Tenable’s chairman and CEO, highlighted real-world challenges and offered guidance on how government can help....
Spring4Shell (CVE-2022-22965) FAQ: Spring Framework Remote Code Execution Vulnerability
A list of frequently asked questions related to Spring4Shell (CVE-2022-22965)....
CVE-2022-22948: VMware vCenter Server Sensitive Information Disclosure Vulnerability
Researchers disclose a moderate severity vulnerability in VMware vCenter Server that can be used in an exploit chain with other vCenter Server flaws to take over servers....
Cr8escape: How Tenable Can Help (CVE-2022-0811)
CrowdStrike discloses container escape vulnerability affecting CRI-O for Kubernetes. Here’s how Tenable.cs can help you detect vulnerable pods. Background On March 15, CrowdStrike published technical details and a proof-of-concept for CVE-2022-0811, a vulnerability they have named cr8escape, i...
ContiLeaks: Chats Reveal Over 30 Vulnerabilities Used by Conti Ransomware – How Tenable Can Help
Private messages between Conti members uncover invaluable information about how the infamous ransomware group hijacks victims’ systems. Leaked internal chats between Conti ransomware group members offer a unique glimpse into its inner workings and provide valuable insights, including details on o...
Access Undenied on AWS
Introducing our new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes....
Behind the Scenes: How We Picked 2021’s Top Vulnerabilities – and What We Left Out
The 2021 Threat Landscape Retrospective explored the top five vulnerabilities of the year. Learn about other high-impact vulnerabilities that nearly made our list. When putting together the Threat Landscape Retrospective (TLR) for 2021, the Security Response Team had a particularly difficult chal...