Tag: Tenable
Critical Microsoft GitHub Flaw Highlights Dangers to CI/CD Pipelines: Tenable
Jeff Burt | | Aqua Security Trivy, CI/CD cyberthreats, exposed secrets, GitHub Actions, IANS Research, malicious code, microsoft, OWASP Top 10, remote code execution, software development security, software supply chain attacks, software vulnerabilities, TenableA critical vulnerability in a popular Microsoft GitHub repository could allow a threat actor to easily exploit its CI/CD infrastructure to run arbitrary code in the repository and gain access to secrets, ...
Malicious NPM Package Gets Downloaded 50K Times Before Discovery
A malicious package downloaded approximately 50,000 times from a node package manager (npm) is providing an object lesson for adopting more DevSecOps best practices. Security researchers from Tenable discovered a “ambar-src” package ...
Patch or Perish: The Brutal Truth About Vulnerability Management in 2025
Samuel Ogbonna | | Active Risk AI, AI-powered VM, attack surface management, breach costs, Cisco VM, continuous monitoring, CVEs 2025, cybersecurity best practices, delayed patching, exploit prediction, IBM data breach report, Kenna Security, machine learning risk scoring, patch management, predictive prioritization, Rapid7, remediation automation, risk-based prioritization, Tenable, threat-aware prioritization, unpatched vulnerabilities, Vulcan Cyber, vulnerability management, vulnerability scanningVulnerability management in 2025 is overwhelmed by escalating CVEs and costly breaches; organizations must shift from slow, manual patching to continuous, risk-based, AI-powered remediation to stay secure ...
Tenable Allies With Datadog to Drive DevSecOps
Mike Vizard | | APIs, datadog, devsecops, partnership, security data, Tenable, vulnerability scanningDatadog and Tenable have teamed up to enable organizations to adopt best DevSecOps processes. Tenable CTO Renaud Deraison said his company is making the cybersecurity data it gathers via its Nessus vulnerability ...
