Exposure Management

A Cybersecurity Context

Exposure Management

Exposure Management in the realm of cybersecurity refers to the proactive identification, assessment, and mitigation of potential security risks & vulnerabilities within an organisation’s digital infrastructure. It is a comprehensive approach that aims to minimise the attack surface and enhance overall security posture.

The Exposure Management Company

Today, approximately 44,000 organisations around the globe rely on Tenable to understand and reduce cyber risk — in the cloud or on-premises, from IT to OT and beyond. Tenable helps organisations to effectively analyse all the data generated from a mixed bag of technologies to make informed decisions on which exposures represent the greatest cyber risk to the organisation.

Learn More

Tenable Comment: CVE-2022-38028: GooseEgg EoP Exploit

The Russia-based threat actor, known as APT28 or Forest Blizzard, has recently been exploiting a vulnerability known as CVE-2022-38028 within the Windows Print Spooler service using a malware called GooseEgg. CVE-2022-38028 represents an elevation of privilege vulnerability which could enable attackers to install additional malware like a backdoor or they could use these elevated privileges to perform lateral movement through the network to discover other systems that hold more sensitive information. Organisations that have not yet applied patches for Print Spooler vulnerabilities, including CVE-2022-38028, as well as related vulnerabilities like CVE-2021-34527 and CVE-2021-1675 (PrintNightmare), are urged to...

Prioritise Foundational Cloud Security Before Leveraging Generative AI

April 16, 2024 | Artificial Intelligence | Exposure Management | Security Awareness

An article around how to prioritise foundational cloud security before leveraging Generative AI.

AI-generated Code: The Fourth Component of Software

March 15, 2024 | Application Security | Exposure Management

There is enormous attention on generative AI (GenAI) and its potential to change software development. While the full impact of GenAI is yet to be known, organisations are ...

Boosting Confidence In Ransomware Recovery

February 7, 2024 | Crisis Management | Exposure Management | Security Awareness

The safeguarding of digital assets is an ongoing, uphill battle. This fight is made harder still by the gaps in cyber resilience policies and the alarming lack of confidence ...

The Kids Aren’t Alright: Vulnerabilities in Edulog Portal Revealed K-12 Student Location Data

January 30, 2024 | Exposure Management | Reports & Predictions

Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the ...

AI for Cybersecurity: Use With Caution

January 23, 2024 | Artificial Intelligence | Exposure Management | Security Operations

This article discusses the challenges and opportunities that AI poses to cybersecurity, specifically looking into how companies can approach it with caution.

Forescout Uncovers The 5 Riskiest Connected Devices in 2023: IT, IoT, OT, IoMT

July 17, 2023 | Exposure Management | Reports & Predictions

Since 2020, Forescout Research - Vedere Labs has been tracking the riskiest devices on organisations’ networks. In 2020, Forescout released the first Enterprise of Things ...