This month we talked to Tenable’s director of research product management Ray Carney and Eric Hoffman, director of partnerships and alliances at Greynoise, about the formation of a new

After we discussed the concept of Exposure Management on our last podcast, this time we welcome back Tenable’s senior principal security advocate Nath...

The concept of Exposure Management has become more and more prominent in recent months, as users understand how much they are exposed to attack, how they can protect their assets and what it takes to achieve a level of compliance.

In the field of responsible disclosure, a policy of 90 days to publicly disclose vulnerabilities has been created by industry. This time period should allow the researcher to disclose the vulnerability to the recipient company, giving them time...

In the first few months of 2022, the LAPSUS$ Group made a major splash in the cybersecurity headlines as it conducted a series of attacks on the likes of Nvidia, Microsoft and Okta. However a few months later, they had disappeared and arrests w...

Beyond the success of its impact, a lucrative criminal ecosystem has been developed for ransomware. This has seen ransomware-as-a-service (RaaS) creating an ecosystem utilizing multiple players, while the concept of double extortion has emerged...

This month we talk to Tenable research manager Scott Caveza about three recent patching stories, where F5 and Microsoft offered fixes in a regular cycle, and how Amazon Web Services released hot patches to repair earlier vulnerabilities in fixe...

On this edition of the podcast, we look at the conversation around operational technology (OT) and attacks on critical infrastructure, as we mark a year since the Colonial Pipeline incident. We’re joined by Tenable’s VP of operational technolog...

This month we take a deep dive into the most recent Java related vulnerability, and ask what the situation was with this, how it got confused with another vulnerability, and how significant it is to the wider threat landscape - or was i...

Have you ever sat in the audience at a conference, watched a video of a presentation, or listened to an interview on a podcast or TV, and seen a researcher and thought ‘how do I get to do that?’Tenable now has a wide selection...

This month we look at newly-released, important-rated patches from Microsoft, and a new blog from Tenable’s Security Response Team where more vulnerabilities from 2021 were discussed, and why they did not make the final top five in our Threa...

This month we talk to Renaud Deraison, outgoing CTO and a co-founder of Tenable, who talks about his time developing Nessus from an open source scanner in 1998 to the development of Tenable over the past 20 years, and what the future looks like...

This month we look at new patches released by Cisco, Microsoft and SAP, and while there were some very critical vulnerabilities patched, we also saw Microsoft change tact with a significantly reduced patch bundle and with no critical patches re...

As it is Black History Month in North America in February, we talked to the co-chairs of Black@Tenable, the diversity and inclusion group for African-American employees of Tenable, about the recognition of black leaders in technology, efforts t...

In our first look at the research highlights of 2022, we take a deep dive into Tenable’s 2021 Threat Landscape Retrospective, and look at the incidents, attacks and notable vulnerabilities that made up the past year....

This month we take a look back at the impact of Log4J and how both the industry and Tenable were able to respond to this major incident that affected so many users globally. There are also fresh fixes from SonicWall and ZoHo for ManageEngine...

The recent Binding Operational Directive from CISA will see a number of U.S. government departments receive better instruction on which vulnerabilities need to be patched, and to do so within a six month time frame. <...

This time we’re joined by Tenable’s security strategist Sylvain Cortes, as we look at the types of attacks being targeted at Active Directory, how attackers look to get a foothold into enterprise networks by exploiting AD, and what steps you...

This month we look at patches from Apache and VMware, an example of very rapid response to a researcher’s findings, and another quiet month from Microsoft’s Patch Tuesday, with guests Claire Tills and Satnam Narang from Tenable's Security Re...

This month we review new blogs from Tenable’s Security Response Team on a vulnerability in Atlassian’s Confluence Server, review what made cybersecurity say “OMIGOD” and look at another light load of patches from Microsoft. We also look at new ...

On this edition of the Research podcast, we talk to Satnam Narang and Claire Tills about the Security Response Team’s recent research blog around SSL VPN vulnerabilities. That blog looked back at how three particular flaws in major VPNs are fre...

This month we look at new blogs from Tenable’s security response team, including on a year of Zerologon, vulnerabilities in Microsoft Exchange Servers and Pulse Secure, and a widely spread flaw in wifi routers which could affect thousands of...

As the first major security conference prepares to take place, Tenable's chief security strategist Nathan Wenzler talks to Dan Raywood about what the conference scene could look like going forward, what people can expect from the experience and...

In this episode we talk to security researchers Claire Tills and Satnam Narang on a busy month in cybersecurity headlines, from an MSP facing a major ransomware situation, to Microsoft’s attempts to keep up with the PrintNightmare issue, and...

Welcome back to the Tenable Research Podcast. In this new episode we look back at June’s Microsoft patches, and ask Tenable staff research engineer Satnam Narang what he feels the reasons are for the number of patches generally decreasing bo...