Tenable Blog
SubscribeElon Musk and SNL: Scammers Steal Over $10 Million in Fake Bitcoin, Ethereum and Dogecoin Crypto Giveaways
These Are the Building Blocks of Effective Vulnerability Management
High-performing cybersecurity teams base their actions and investments on actual risk to the business — not theoretical scores or news headlines. If you're like most cybersecurity professionals I tal...
The Path to Zero Trust: Is it Time to Rethink What We're Calling a Vulnerability?
Reconsidering how we define "vulnerability" is more than a thought exercise. It could represent a sea change in how organizations manage risk. For most of us in cybersecurity, the definition of "vulne...
Microsoft’s May 2021 Patch Tuesday Addresses 55 CVEs (CVE-2021-31166)
After crossing the 100 CVEs patched mark for the first time in April, Microsoft patched just 55 CVEs in May, the lowest number of CVEs patched this year. 4Critical 50Important 1Moderate 0Low Microsoft...
GitHub’s Role in, and Responsibility to, the Security Community
GitHub's decision to remove the ProxyLogon exploit proof-of-concept from its platform put security researchers at a disadvantage even as attackers continued to exploit the vulnerabilities en masse. Gi...
Colonial Pipeline Ransomware Attack: How to Reduce Risk in OT Environments
It's time for Operational Technology (OT) environments to pursue a more proactive approach to cybersecurity by making cyber maintenance as much of a routine practice as the mechanical maintenance of s...
Open Banking Is the Future: 5 Ways to Secure Your Network
The sharing of financial data across applications is changing how consumers save, manage and spend their money. Here's how financial institutions can secure the next generation of banking. Open bankin...
Disrupting the Pervasive Attacks Against Active Directory and Identities
Securing Active Directory and the identity infrastructure is critical for preventing privilege escalation, lateral movement and attacker persistence. As we look deeper into recent high-profile breache...
Disrupting Attack Paths: Why Tenable's Acquisition of Alsid Matters
This acquisition allows us to combine Tenable's ability to assess the state of the digital infrastructure with Alsid's ability to assess the state of Active Directory, helping security professionals a...
How to Migrate to Office 365 the Secure Way
Looking to extend your Active Directory to the cloud? This guide explores options for securely migrating your on-prem identities and access controls to Office 365. Cloud computing offers lower costs,...
The Top 10 Active Directory Security Questions CISOs Must Ask
Active Directory has become the primary target for advanced cyberattacks and ransomware groups. Here's what you should consider when evaluating security vendors. For more than 20 years, Active Directo...
Insider Threats in Active Directory: How to Safeguard Privileged and Non-Privileged User Accounts
In this post, we define privileges related to Active Directory and highlight the key security risks of internal privileged and non-privileged user groups. What do we mean by “privileges”? For the purp...
Primary Group ID Attack in Active Directory: How to Defend Against Related Threats
The Primary Group ID in Active Directory, created to help manage access to sensitive resources, has become a critical vulnerability that attackers can exploit to escalate privileges without leaving a...