Tenable blog
CVE-2025-23006: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Reportedly Exploited
Cybersecurity Snapshot: Data Breach Costs Rise, as Ransomware Attacks Fall, Reports Find
IBM’s latest “Cost of a Data Breach Report” finds these data-theft incidents getting more expensive. Plus, the IT-ISAC says that ransomware attacks fell in Q2 due to law-enforcement disruptions of ransomware groups. Meanwhile, check out a Carnegie Mellon comp sci professor’s take on AI system securi...
Tenable Cloud Security To Help Fed Agencies Tackle Cloud Challenges as It Nears FedRAMP Authorization
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help....
EPSS Shows Strong Performance in Predicting Exploits, Says Study from Cyentia and FIRST
Tenable sponsored research from Cyentia and FIRST, which finds that while vulnerability exploitation is highly variable, EPSS is getting stronger in its ability to predict exploitation. ...
Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets, as Online Criminals Ramp Up AI Use in the EU
Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that healthcare leaders have about generative AI. And a poll on water plant cybersecurity. And much more!...
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
Organizations that have used Google Cloud Platform’s Cloud Functions – a serverless execution environment – could be impacted by a privilege escalation vulnerability discovered by Tenable and dubbed as “ConfusedFunction.” Read on to learn all about the vulnerability and what your organization needs ...
Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design
With the unprecedented tech outages experienced by so many of our customers over the last week, we recognize the need for deeper understanding of our software development processes and how they support global business continuity. In this blog post, we’ll outline how Tenable’s comprehensive approach ...
If You Only Have Five Minutes, Here’s CNAPP in a Snap (But We Have an eBook, Too)
If you’re a bit puzzled by all the talk about cloud native application protection platforms (CNAPPs), worry not. Our new eBook “Empower Your Cloud: Mastering CNAPP Security” explains in plain English what CNAPP is, how it works and why it’ll help you secure your cloud environment confidently. Read o...
Improving Your Cloud Security Using JIT Access for Sensitive SaaS Applications
Using just-in-time controls to secure access to your SaaS applications will reduce your cloud attack surface by avoiding permanent access and enforcing least privilege....
How To Do a Security Audit of Pimcore Enterprise Platform
Our new research paper gives you a roadmap for using Pimcore's features while preserving security....