What’s New with CNAPPgoat?
Read about the newest, expanded features in the Tenable Cloud Security open source vulnerable-by-design tool for enhancing your security skills....
The MGM Breach and the Role of IdP in Modern Cyber Attacks
A deep dive into the recent MGM breach and our insights into the actor behind the attack and possible mitigations....
The Azure Metadata Protection You Didn’t Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration....
The Benefits of Cloud Entitlement Management
Cloud identities and entitlements pose grave challenges - learn about the benefits of CIEM solutions and KPIs for measuring them....
The Next Step in the IMDSv1 Redemption Journey
Learn about AWS’s new open source library for enforcing IMDSv2 and Tenable Cloud Security’s new lab for trying it out....
Secure Your AWS EC2 Instance Metadata Service (IMDS)
Read this review of IMDS, an important AWS EC2 service component, to understand its two versions and improve your AWS security....
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
Here’s all you need to know about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments....
An Unexpected Implication of Lambda Privileges
Learn how a combination of AWS service usage and permissions discovered by Tenable Cloud Security may increase risk upon a certain non-compliance....
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix....
Shared Responsibility Model in the Cloud
CSPs have embraced a shared responsibility model to define the security responsibilities for different components of the architecture....
Mastering the Art of Kubernetes Security
With Kubernetes’ explosive adoption by the development community comes an urgent need to secure clusters and ensure their compliance effectively....
Uncovering 3 Azure API Management Vulnerabilities – When Good APIs Go Bad
Learn how now-patched Azure API Management service vulnerabilities revealed by our research team enabled malicious actions....
