by Jeffrey Man on November 18, 2014
In a new article on BetaNews, Tenable’s Jeffrey Man discusses the viability of cybersecurity insurance for companies that experience payment card breaches. “Is cyber insurance your last line of defense?” examines the impact of litigation on retailer liability and PCI compliance.
by Marcus J. Ranum on November 14, 2014
Continuing his blog series on SecurityWeek, Tenable’s Marcus Ranum discusses the challenges in presenting and comparing system metrics. Metrics should be normalized and placed in context for effective communication.
by Ron Gula on November 13, 2014
In a recent post in Wired’s Innovation Insights blog, Ron Gula explains why continuous monitoring is needed as preventive healthcare to protect today’s IT landscape.
by Gavin Millard on November 12, 2014
The latest Patch Tuesday from Microsoft (November 11, 2014) includes fixes for some major vulnerabilities, including remote code execution bugs affecting core Windows components and Internet Explorer.
by Ken Bechtel on November 7, 2014
This week, the industry press is reporting a resurgence of older malware threats with new capabilities. And as usual, the press is making the threats sound like the end of the Internet as we know it. While both threats are serious, there is no need to panic.
by Marcus J. Ranum on November 7, 2014
At a recent conference, I heard a security practitioner blame a couple of users for being dummies who click on everything. He then said, “At a certain point, it's reasonable to blame the user.
by Ron Gula on November 6, 2014
In today’s security environment, with highly motivated cyber attackers employing increasingly sophisticated techniques to break through commonly deployed defenses, just one skillful intruder can infiltrate your systems with one carefully crafted attack path to a relat
by Eileen Bator on October 28, 2014
In a pioneering cooperative effort, several industry security leaders, including Tenable, have been working on a project led by Novetta Solutions to investigate, report on, and take action against the major threat actor group dubbed “Axiom.” According to No