Overcoming your pain-proven strategies for grief recovery Coping with loss is difficult, but that doesn't mean you have to suffer alone. Based on the proven-effective acceptance and commitment therapy (ACT) treatment, Moving Through Grief provides simple and effective techniques to help you get unstuck and start living a rich and fulfilling life again, loss and all. ACT is all about embracing what hurts and committing to actions that will improve and enrich your life. Whether you're dealing with the loss of a loved one, your health, home, or even career, Moving Through Grief provides you with creative exercises that will help you work through your pain and reconnect with the things you love. In Moving Through Grief, you will learn: - How you can show up for your life and experience joy and satisfaction again, even as you work through the pain of your loss -Ddiscover how the six tools of ACT-values, committed action, acceptance, being present, cognitive diffusion, and self-as-context-can ease your pain and aid with the healing process - And make real progress towards feeling like yourself again with straightforward exercises, like identifying your values and setting realistic goals. Find out how ACT can change the way you relate to your pain with Moving Through Grief.

Western Jane Candia Coleman is a natural storyteller whose characters come from the lands between the southwestern valleys of Arizona and the Gila Mountains of New Mexico. The night Billy the Kid died is hauntingly depicted in Corrido for Billy. Lady Flo is a memoir, based on historical fact, of the black wife of an Irish nobleman. Moving On depicts a young girl abandoned by her family who finds her way with an itinerant Jewish peddler. And Are You Coming Back, Phin Montana? is the winner of the 1995 Spur Award for Best Western Short Fiction. Each story embodies the finest elements of Western fiction imitations of hope, vulnerability, and courage.

In this groundbreaking book, authors Russell Friedman and John W. James show listeners how to move on from their unsuccessful past relationships and finally find the love of their lives. Demonstrating revolutionary ideas that have worked for thousands of their clients at the Grief Recovery Institute, Friedman and James give listeners the strategies they need to effectively mourn the loss of the relationship, while opening themselves up to love in the future. With compassionate guidance, Friedman and James help listeners to close a chapter of their romantic past so that they can be ready to begin again.

A young man travels to Trinidad to reconnect with a transgender parent, uncovering the complex realities of love and family. Jonathan Lewis-Adey was nine when his parents separated, and his mother, Sid, vanished entirely from his life. It is not until he is a grown man that Jonathan finally reconnects with his beloved lost parent, only to find, to his shock and dismay, that the woman he knew as "Sid" in Toronto has become an elegant man named Sydney living in his native Trinidad. For nine years, Jonathan has paid regular visits to Sydney on his island retreat, trying with quiet desperation to rediscover the parent he adored inside this familiar stranger, and to overcome his lingering confusion and anger at the choices Sydney has made. At the novel's opening, Jonathan is summoned urgently to Trinidad where Sydney, now aged and dying, seems at last to offer him the gift he longs for: a winding story that moves forward sideways as it reveals the truths of Sydney's life. But when and where the story will end is up to Jonathan, and it is he who must decide what to do with Sydney's haunting legacy of love, loss, and acceptance.

The mysterious prophecy that has shaped the life of Kelvin Knight Hackleberry and his family seems nearly to have run its course. The Two Kingdoms that were joined by Kelvin to form Kelvinia have now been united with three others, to make a great confederation under the rule of the young twin kings, Kildom and Kildee. Kelvin has earned some time to rest with his family. Charles and Merlain are now twenty years old, and so is Dragon Horace, their brother who is the Great King of all the land. But the clouds of the last battle are gathering. The evil Professor DeVale and his witch servant Zady had been foiled in their attempt to destroy Kelvin by using his children--their evil plot has led to a stronger, more peaceful land under its rightful rulers. Now they will try one last time to pervert all that is good in the universe of the frames--and although the Prophecy of Mouvar has been accurate up to now, still there is a chance that evil will prevail.

It is a blustery spring day, and Mouse and Mole are very excited. They are going to go bird watching and plan to make bird books. It turns out, birds are not so easy to watch. Together, they come up with a plan to get closer to the birds.

Often hailed as the heir apparent to Wallace Stegner, Ivan Doig is among the finest chroniclers of the contemporary American West. In Mountain Time, Lexa McCaskell and Mitch Rozier leave their Seattle home to visit Mitch's dying father in Montana. There Mitch clashes with both Lexa and his father as events from the past are explored and difficult memories resurface. "Mountain Time will not dissuade those who rank Doig among the best living American writers."-San Francisco Chronicle

When Christy travels alone to a nearby mountain, she vows to discover the truth behind the terrifying legend of a strange mountain creature. But what she finds seems worse than anything she could ever have imagined!

Join Motor Mouse on three hilarious adventures in this irresistible start to a brand-new series from the creators of Gooseberry Park and the Mr. Putter and Tabby books! Motor Mouse is a busy little mouse, between driving his delivery car, eating cake, and visiting with friends. Come along with him on his adventures! In "The Friday Cake Day," Motor Mouse and his friend Telly have been looking forward all week to their Friday tradition of eating cake. But when Friday arrives, the Cake Shop is closed. This is not acceptable! Could a friendly hedgehog help them with their predicament? In "Going For a Look-About," Motor Mouse decides that instead of driving, he'd like to go for a look-about as a passenger instead. So he hires a cab to take him to places that bring back good memories of old friends. But is a brand-new friend right in front of him? In "Front Row at the Picture Show," Motor Mouse and his brother, Vincent, are going to a movie. Vincent always insists on getting a large bucket of popcorn to share, since it's a better deal than two small buckets. But he always hogs it! What is Motor Mouse to do? This sweet and funny trio of stories is sure to have young readers wanting to visit with Motor Mouse again and again.

Tenable®, the exposure management company, today announced new data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security, the actionable cloud security solution. By extending exposure management capabilities to cloud data and AI resources, Tenable Cloud Security reduces risk to two of the biggest emerging threats.

Today’s cloud environments are more complex than ever. The challenge of managing this complexity has led to preventable security gaps caused by misconfigurations, risky entitlements and vulnerabilities, leaving sensitive data and AI resources vulnerable. In fact, Tenable Research found that 38% of organizations are battling a toxic cloud trilogy – cloud workloads that are publicly exposed, critically vulnerable and highly privileged. 

Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments, including vulnerabilities, misconfigurations and excess privilege, that affects data and AI resources. Integrating DSPM and AI-SPM into Tenable Cloud Security enables users to automatically discover, classify and analyze sensitive data risk with flexible, agentless scanning. With Tenable Cloud Security’s intuitive user interface, security leaders can easily answer tough questions – such as “What type of data do I have in the cloud and where is it located?,” “What AI resources are vulnerable and how do I remediate the issue?” and “Who has access to my sensitive cloud and AI data?”

“Data is constantly on the move and new uses for data in today’s AI-driven world have created new risks,” said Liat Hayun, vice president of product management for Tenable Cloud Security. “DSPM and AI-SPM capabilities from Tenable Cloud Security bring context into complex risk relationships, so teams can prioritize threats based on the data involved. This gives customers the confidence to unlock the full potential of their data without compromising security.”

“The importance of cloud data has made communicating data exposure risk one of the biggest security challenges for CISOs,” said Philip Bues, senior research manager, Cloud Security at IDC. “Tenable is at the forefront of this emerging DSPM-CNAPP conversation, enabling customers to contextualize and prioritize data risk and communicate it, which is pertinent to almost every domain in CNAPP.”

AI-SPM features enable customers to confidently forge ahead with AI adoption by enforcing AI and machine learning configuration best practices and securing training data. With the combined power of AI-SPM and Tenable Cloud Security’s market-leading cloud infrastructure entitlement management (CIEM) and Cloud Workload Protection (CWP) capabilities, customers can manage AI entitlements, reduce exposure risk of AI resources, and safeguard critical AI and machine learning training data to ensure data integrity. 

Available to all Tenable Cloud Security and Tenable One customers, these new features enable customers to:

• Gain complete visibility and understanding of cloud and AI data - Tenable Cloud Security continuously monitors multi-cloud environments to discover and classify data types, assign sensitivity levels and prioritize data risk findings in the context of the entire cloud attack surface. 
• Effectively prioritize and remediate cloud risk - Backed by vulnerability intelligence from Tenable Research, context-driven analytics provides security teams with prioritized and actionable remediation guidance to remediate the most threatening cloud exposures.
• Proactively identify cloud and AI data exposure - Unique identity and access insights enable security teams to reduce data exposure in multi-cloud environments and AI resources by monitoring how data is being accessed and used and detect anomalous activity. 

Join the upcoming Tenable webinar, “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” on October 22, 2024 at 10 am BST and 11 am ET, by registering here. 

Read today’s blog post, “Harden your cloud security posture by protecting your cloud data and AI resources” here. 

With a Net Promoter Score of 73, Tenable Cloud Security helps customers around the world expose and close priority threats. More information about DSPM and AI-SPM capabilities available in Tenable Cloud Security is available at: https://www.tenable.com/announcements/dspm-ai-spm

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced that it has been ranked first for 2023 worldwide market share for device vulnerability management in the IDC Worldwide Device Vulnerability Management Market Shares (doc #US51417424, July 2024) report. This is the sixth consecutive year Tenable has been ranked first for market share.

According to the IDC market share report, Tenable is ranked first in global 2023 market share and revenue. Tenable credits its success to its strategic approach to risk management, which includes a suite of industry-leading exposure management solutions that expose and close security gaps, safeguarding business value, reputation and trust. The Tenable One Exposure Management Platform, the world’s only AI-powered exposure management platform, radically unifies security visibility, insight and action across the modern attack surface – IT, cloud, OT and IoT, web apps and identity systems.

According to the IDC market share report, “The top 3 device vulnerability management vendors remained the same in 2023 as previous years, with Tenable once again being the top vendor.”

The report highlighted Tenable’s use of generative AI, noting, “ExposureAI, available as part of the Tenable One platform, provides GenAI-based capabilities that include natural language search queries, attack path and asset exposure summaries, mitigation guidance suggestions, and a bot assistant to ask specific questions about attack path results.”

Tenable’s latest innovations in the vulnerability management market – Vulnerability Intelligence and Exposure Response – were also highlighted in the report, stating, “Vulnerability Intelligence provides dynamic vulnerability information collected from multiple data sources and vetted by Tenable researchers, while Exposure Response enables security teams to create campaigns based on risk posture trends so remediation progress can be monitored internally.”

The report also spotlighted the Tenable Assure Partner Program and MDR partnerships, noting, “Tenable has made more of a strategic effort to recruit managed security service providers (SPs) and improve the onboarding experience for them, as well as their customers. Managed detection and response (MDR) providers have been adding proactive exposure management because it helps shrink the customer attack surface, helping them provide better outcomes. Sophos and Coalfire are recently announced partners adding managed exposure management services to their MDR and pen testing services, respectively.”

“At Tenable, we build products for a cloud-first, platform centric world, meeting customers' evolving risk management needs,” said Shai Morag, chief product officer, Tenable. “We leverage cutting edge technology, innovating across our portfolio to help customers know, expose and close priority security gaps that put businesses at risk.” 

"The device vulnerability management market is characterized by a focus on broader exposure management, with a number of acquisitions to round out exposure management portfolios," said Michelle Abraham, senior research director, Security and Trust at IDC. "Vendors are advised to enhance their offerings with additional security signals and automated remediation workflows to stay competitive in this evolving landscape."

To read an excerpt of the IDC market share report, visit https://www.tenable.com/analyst-research/idc-worldwide-device-vulnerability-management-market-share-report-2023 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today released its 2024 Tenable Cloud Risk Report, which examines the critical risks at play in modern cloud environments. Most alarmingly, nearly four in 10 organizations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers and Kubernetes. It also offers mitigation guidance for organizations seeking ways to limit exposures in the cloud.

Publicly exposed and highly privileged cloud data lead to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organizations have cloud workloads that meet all three of these toxic cloud trilogy criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organization, with the 2024 average cost of a single data breach approaching $5 million.¹ 

Additional key findings from the report include: 

• 84% of organizations have risky access keys to cloud resources: The majority of organizations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk. 
• 23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions. 
• Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing. 
• 74% of organizations have publicly exposed storage: 74% of organizations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks. 
• 78% of organizations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organizations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

“Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer, Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

The report reflects findings by the Tenable Cloud Research team based on telemetry from millions of cloud resources across multiple public cloud repositories, analyzed from January 1 through June 30, 2024.

To download the report today, please visit: https://www.tenable.com/cyber-exposure/tenable-cloud-risk-report-2024 

¹ IBM Security Cost of a Data Breach Report 2024

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, Inc. the exposure management company, today announced that Bank of Yokohama, one of the largest of the major regional banks in Japan, has chosen Tenable Identity Exposure to protect its Active Directory and enhance the bank’s ability to protect its internal systems from cyber threats.

Bank of Yokohama, based in Kanagawa Prefecture and Tokyo Metropolitan, is committed to enhancing industry security standards. In 2023, it collaborated with 19 other regional banks to establish CMS-CSIRT, an organization providing mutual cybersecurity support. Unlike megabanks, regional banks often face resource and budget constraints, making such collaborative efforts crucial for implementing effective security programs.

As part of its objectives for FY 2023, the Bank of Yokohama wanted to improve Active Directory (AD) security as it’s the most crucial system in the bank’s intranet. Previously, the bank only applied security patches periodically without any tool or system to detect Active Directory misconfigurations or attacks. Given the evolving threat landscape and rise of attacks involving an identity breach, enhancing the security of Active Directory became a top priority.

“Attackers who have infiltrated an organization's internal system or who wield ransomware and other malware, almost always make a beeline for Active Directory,” said Mr. Akihiro Fushimi, Leader, Concordia Financial Group ICT Governance Department, Security Governance Section and Bank of Yokohama ICT Planning & Promotion Department, Security Governance Section. “They steal user account privileges and elevate them via Active Directory, to enable them to access important data. So, securing Active Directory was an area that we wanted to invest in.”

Bank of Yokohama already used Tenable Security Center for vulnerability management and trusted Tenable's reliability. Selecting Tenable Identity Exposure was an easy decision, with its fast, agentless feature ensuring a seamless deployment process.

The deployment of Tenable Identity Exposure provided the Bank of Yokohama with an in-depth view of its Active Directory. The bank can now accurately identify every AD account, including dormant accounts and machine identities, and understand the potential risks of exploitation by malicious actors due to the multi-functional capabilities of Active Directory. Tenable Identity Exposure detects many of the techniques used in cyber attacks to gain elevated privileges and enable lateral movement, including DCShadow, Brute Force, Password Spraying, Golden Ticket and more.

“Previously, we were under the impression that all we needed to do was to apply patches and manage accounts. Now, with the deployment of Tenable Identity Exposure, we are physically able to see the risk of exploitation. This, I believe, is the positive impact of deploying Tenable Identity Exposure. Its alert functions are comprehensive—it detects vulnerabilities as well as misconfigurations,” said Mr. Shinnosuke Shimada, Bank of Yokohama ICT Planning & Promotion Department, Security, Governance Section.

“Many organizations struggle to maintain proper Active Directory security as their domains grow more complex, often leaving flaws undetected until a major incident occurs. Given the high-profile attacks involving AD in recent years, it's crucial to prioritize AD security within the overall cybersecurity strategy,” said Naoya Kishima, Country Manager, Tenable Japan. “Bank of Yokohama recognizes this need, and we're pleased to support them in their security journey.”

About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

Media contact
Tenable PR
tenablepr@tenable.com 

Tenable®, the exposure management company, today announced the availability of Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads with risk assessment and contextual insight so organizations can identify exposures before they cause damage.

Federal agencies face unique security and compliance regulations when deploying cloud solutions, and Tenable Enclave Security is key to supporting public sector customers, as well as commercial organizations with strict data residency, security or privacy requirements. 

Built to support the strictest security requirements, including FedRAMP High and Impact Level 5, Tenable Enclave Security empowers agencies to know, expose and close IT and container exposures from a single, highly secure platform. This consolidated approach also eliminates tool sprawl, reduces costs and boosts efficiency for public sector organizations.

“As a leader in vulnerability management and cloud security and a longtime partner of governments all around the world, we’re perfectly positioned to tap into our expertise and deliver mission critical capabilities to assist government agencies as they transform their IT strategy and safely embrace modern workloads to speed innovation,” said Robert Huber, chief security officer and president, Tenable Public Sector, Tenable. “With Tenable Enclave Security, agencies are now able to gain a fuller understanding of their exposure and risk with the ability to continuously discover, assess and prioritize vulnerabilities across IT assets and container images, all from a single, highly secure framework.”

Tenable Enclave Security will immediately enable organizations to: 

• Meet cloud security and data residency restrictions: Tenable Enclave Security enables customers to meet stringent cloud security and data residency requirements, such as FedRAMP High or Impact Level 5. It can meet customers’ needs wherever they reside, with the ability to be deployed on-prem, in a virtual private cloud or commercial cloud.
• Secure containers before they hit production: As agencies modernize their infrastructure, containers create a more efficient manner to create applications and modernize existing ones. Tenable Enclave Security empowers organizations to quickly assess the risk in their container images, expose their vulnerabilities and understand the breadth of impact.
• Centralize security tools: Unlike siloed solutions with fragmented visibility, Tenable Enclave Security provides protection for IT assets and modern workloads from a single deployment architecture. 

For more information on Tenable Enclave Security, please visit: https://www.tenable.com/products/enclave-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced the release of AI Aware, advanced detection capabilities designed to rapidly surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management, the world’s #1 vulnerability management solution. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins so organizations can confidently expose and close AI risk, without inhibiting business operations.

The rapid development and adoption of AI technologies in the past two years has introduced major cybersecurity and compliance risks that organizations must proactively address without established best practices. As a result, cybersecurity teams face significant AI-related challenges, such as vulnerability detection and remediation, containing data leakage and reining in unauthorized AI use. 

According to recent Tenable Research, more than one-third of security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes. In fact, during a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts. The cybersecurity risk of unfettered AI usage is compounded by the increasing volume of AI vulnerabilities. Tenable Research has found and disclosed several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, among others.

With AI Aware, Tenable transforms proactive security for AI solutions. Tenable AI Aware uniquely leverages agents, passive network monitoring, dynamic application security testing and distributed scan engines to detect approved and unapproved AI software, libraries and browser plugins, along with associated vulnerabilities, thereby mitigating risks of exploitation, data leakage and unauthorized resource consumption. The combined depth of these multiple assessment methods delivers the most complete detection of AI in the modern ecosystem. 

[Watch the Tenable AI Aware product demo video here.]

“In an effort to keep pace with the sea change introduced by AI, organizations around the world ran full speed ahead, potentially bypassing countless cybersecurity, privacy and compliance red flags,” said Shai Morag, chief product officer, Tenable. “Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organizations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies.”

In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center and Tenable One include:

• Dashboard Views provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI and the most common communication ports leveraged by AI technologies. 
• Shadow Software Development Detection illuminates the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organizational best practices.
• Filter Findings for AI Detections enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritization Rating (VPR), teams can effectively assess and prioritize vulnerabilities introduced by AI packages and libraries. 
• Asset-Centric AI-Inventory provides a complete inventory of AI-related packages, libraries and browser plugins while reviewing the detailed profile of an asset. 

Join the upcoming Tenable webinar titled, "Mitigating AI-Related Security Risks: Insights and Strategies with Tenable AI Aware" on October 9, 2024 at 11:00 am ET, by registering here.

More information on Tenable AI Aware is available at: https://www.tenable.com/products/vulnerability-management/ai-aware 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium.

During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to exploit modern policy-as-code and Infrastructure-as-code (IaC) domain-specific languages (DSLs), compromise cloud identities and exfiltrate sensitive data. Raban will conclude her presentation by sharing various detection strategies that cyber defenders can implement to detect malicious activity. 

The session will be hosted in the Main Room from 2:50 - 3:10 pm CEST. 

More information on the event is available on the fwd:cloudsec Europe website. 

More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced new risk prioritization and compliance features for Tenable Nessus, the #1 vulnerability assessment solution in accuracy, coverage and adoption. Nessus supports new and updated vulnerability scoring systems – Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4 – to help customers implement more effective prioritization for risk reduction and maintain compliance.

Due to evolving threats and expanding attack surfaces, organizations rely on multiple risk scoring systems, which are not effective risk qualifiers on their own to determine criticality. With Tenable Nessus, customers can take advantage of the latest industry-adopted vulnerability scoring systems – EPSS and CVSS v4 – and Tenable Vulnerability Priority Rating (VPR) to identify and take action on the vulnerabilities that pose the greatest risk specific to their environment. Leveraging an advanced data science algorithm developed by Tenable Research, Tenable VPR combines and analyzes Tenable proprietary vulnerability data, third-party vulnerability data and threat data to effectively and efficiently measure risk.

“EPSS and CVSS are single variables in the risk equation – context around exposures delivers a deeper level of understanding around true risk,” said Shai Morag, chief product officer, Tenable. “Recent Tenable Research found that only 3% of vulnerabilities most frequently result in impactful exposure. We’ve optimized Nessus to meet the evolving needs of our customers, empowering informed vulnerability prioritization strategies to address these critical few.”

Key features in this release include:

• EPSS and CVSS v4 Support enables users to see and filter plugins by EPSS and CVSS v4 score, further informing prioritization strategy. This feature enables security teams to remain compliant with organizational policies that require the use of EPSS or CVSS as the primary scoring system.
• Nessus Offline Mode addresses challenges with conducting vulnerability scans offline in air-gapped environments. Building upon existing offline scanning capabilities, Nessus runs critical services only, removing unwanted traffic generated by functions that rely on an active internet connection, thereby ensuring the security of sensitive data within a secure environment.
• Declarative Agent Versioning On-Prem enables users to create and manage agent profiles in Nessus Manager for Tenable Security Center. Users can specify a product version for an agent deployed in an environment, thereby reducing disruptions in day-to-day operations and enabling users to adhere to enterprise change control policies.

Learn more about vulnerability and risk scoring by checking out the Inaugural Study of EPSS Data and Performance developed by Cyentia Institute and the Forum of Incident Response and Security Teams (FIRST).

Join the upcoming Tenable webinar titled, From Data to Defense: Harnessing Predictive Scoring to Strengthen Your Cybersecurityon September 12, 2024 at 2:00 pm ET, by registering here.

Tenable Nessus is available as a standalone product and is included in Tenable Security Center and Tenable Vulnerability Management. More information on Tenable Nessus is available at: https://www.tenable.com/products/nessus

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com.

###

Media Contact:

Tenable

tenablepr@tenable.com

 New research conducted by Tenable®, Inc., the exposure management company, has uncovered more than 26,500 potential internet-facing assets among Southeast Asia’s top banking, financial services and insurance (BFSI) companies by market capitalisation across Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam.

On July 15, 2024, Tenable examined the external attack surface of over 90 BFSI organisations with the largest market capitalisations across the region. The findings revealed that the average organisation possesses nearly 300 internet-facing assets susceptible to potential exploitation, resulting in a total of more than 26,500 assets across the study group.

Singapore ranked the highest among the six countries assessed, with over 11,000 internet-facing assets identified across its top 16 BFSI companies. Over 6,000 of those assets are hosted in the United States. Next on the list is Thailand with over 5000 assets. The distribution of internet-accessible assets underscores the need for cybersecurity strategies that adapt to the rapidly evolving digital landscape.

“The results of our study reveal that many financial institutions are struggling to close the priority security gaps that put them at risk. Effective exposure management is key to closing these gaps,” said Nigel Ng, Senior Vice President, Tenable APJ. “By identifying and securing vulnerable assets before they can be exploited, organisations can better protect themselves against the growing tide of cyberattacks.” 

Cyber Hygiene Gaps 
The Tenable study revealed many potential vulnerabilities and exposed several cyber hygiene issues among the study group, including outdated software, weak encryption, and misconfigurations. These vulnerabilities provide cybercriminals with easily exploitable potential entry points, posing potential risk to the integrity and security of financial data. 

Weak SSL/TLS encryption 

A notable finding is that among the total assets, organisations had nearly 2,500 still supporting TLS 1.0—a 25-year old security protocol introduced in 1999 and disabled by Microsoft in September 2022. This highlights the significant challenge organisations with extensive internet footprints face in identifying and updating outdated technologies.

Misconfiguration increases external exposure

Another concerning discovery was that over 4,000 assets, originally intended for internal use, were inadvertently exposed and are now accessible externally. Failing to secure these internal assets poses a significant risk to organisations, as it creates an opportunity for malicious actors to target sensitive information and critical systems.

Lack of encryption 

There were over 900 assets with unencrypted final URLs, which can present a security weakness. When URLs are unencrypted, the data transmitted between the user's browser and the server is not protected by encryption, making it vulnerable to interception, eavesdropping, and manipulation by malicious actors. This lack of encryption can lead to the exposure of sensitive information, such as login credentials, personal data, or payment details, and can compromise the integrity of the communication.

API vulnerabilities amplify risk

The identification of over 2,000 API v3 out of the total number of assets among organisations' digital infrastructure poses a substantial risk to their security and operational integrity.

APIs serve as crucial connectors between software applications, facilitating seamless data exchange. However, inadequate authentication, insufficient input validation, weak access controls, and vulnerabilities in dependencies within API v3 implementations create a vulnerable attack surface.

Malicious actors can exploit such weaknesses to gain unauthorised access, compromise data integrity, and launch devastating cyber attacks.

“The cybersecurity landscape is evolving faster than ever, and financial institutions must evolve with it, so they can know where they are exposed and take action to close critical risk” Ng added. “By prioritising exposure management, these organisations can better protect their digital assets, safeguard customer trust, and ensure the resilience of their operations in an increasingly hostile digital environment.”

About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

Notes to Editors:

1. Tenable examined the top 12-16 BFSI companies discoverable based on market cap. 
2. In the context of this alert:

• An asset is a domain name, subdomain, or IP addresses and/or combination thereof of a device connected to the Internet or internal network. An asset may include, but not limited to web servers, name servers, IoT devices, network printers, etc. Example: foo.tld, bar.foo.tld, x.x.x.xs.
• The Attack Surface is from the network perspective of an adversary, the complete asset inventory of an organisation including all actively listening services (open ports) on each asset.

In this episode of the IoT Insider podcast, Bernard Montel provides a brief history of the evolution of the Cloud and the challenges of securing it.

Mechanization service providers in Myanmar were originally interviewed by telephone in early May 2020 in order to determine how their businesses were being affected by COVID-19 related restrictions. The results of that survey were published in Myanmar Strategy Support Program Policy Note 07. To trace the continuing impact of the COVID-19 pandemic on their economic activities, a second phone survey of mechanization service providers was done in mid-June 2020. This Policy Note reports on the results of this second survey.

After a decade of stagnation during the 1990s, investments and human resource capacity in public agricultural research and development (R&D) averaged more than 20 percent growth in Sub-Saharan Africa (SSA) during 2001–2008. In 2008, the region spent $1.7 billion on agricultural R&D (in 2005 purchasing power parity dollars)—or $0.8 billion (in 2005 constant US dollars)—and employed more than 12,000 full-time equivalent (FTE) agricultural researchers.

Ethiopia’s agricultural sector, which is dominated by smallscale, mixed crop, and livestock farming, is the mainstay of the country’s economy. It constitutes more than half the nation’s gross domestic product (GDP), generates more than 85 percent of the foreign exchange earnings, and employs about 80 percent of the population. Ethiopia’s dependence on agriculture makes the country particularly vulnerable to the adverse impacts of climate change on crop and livestock production.

Ethiopia possesses abundant water resources and hydropower potential, yet less than 5 percent of irrigable land in the Blue Nile basin has been developed for food production, and more than 80 percent of Ethiopians lack access to electricity. Consequently, the Ethiopian government is pursuing plans to develop hydropower and irrigation along the Blue Nile River in an effort to tap into this underused potential.

Numerous studies indicate that agricultural production is sensitive to climate variability, and lack of infrastructure in developing countries increases vulnerability to extreme climate events. In Ethiopia, the historical climate record indicates frequent droughts and floods, which can devastate agricultural production and existing infrastructure. Too much precipitation can flood crops, rot or suffocate roots, and wash out roads, creating similar economic conditions to those resulting from drought.

The potential adverse effects of climate change on Ethiopia’s agricultural sector are a major concern, particularly given the country’s dependence on agricultural production. Securing Ethiopia’s economic and social well-being in the face of climate change requires that policymakers and stakeholders work together to integrate climate change adaptation into the country’s development process.

Agricultural production remains the main source of livelihood for rural communities in Sub-Saharan Africa, providing employment to more than 60 percent of the population and contributing about 30 percent of gross domestic product. With likely long-term changes in rainfall patterns and shifting temperature zones, climate change is expected to significantly affect agricultural production, which could be detrimental to the region’s food security and economic growth.

"Ethiopia's agricultural sector, which is dominated by smallscale, mixed-crop, and livestock farming, is the mainstay of the country's economy. It constitutes more than half of the country's gross domestic product, generates more than 85 percent of foreign exchange earnings, and employs about 80 percent of the population. Unfortunately, Ethiopia's dependence on agriculture makes the country particularly vulnerable to the adverse impactsof climate change on crop and livestock production.

Growing consensus in the scientific community indicates that higher temperatures and changing precipitation levels resulting from climate change will depress crop yields in many countries over the coming decades. This is particularly true in low-income countries, where adaptive capacity is low. Many African countries are particularly vulnerable to climate change because their economies largely depend on climate-sensitive agricultural production.

"A graphic biography of civil rights leader and American icon Martin Luther King Jr. This graphical biography tells the story of the most prominent leader of the American civil rights movement. With full-color illustrations and a historically accurate narrative, Martin Luther King Jr.: Voice for Equality! will inform and entertain readers of all ages. From his childhood in Atlanta to his rise as an international icon of human rights and a fiery orator who refused to back down in the face of adversity, King's life story serves as an ongoing source of inspiration." -- Provided by publisher.

"Benjamin Franklin has been called one of the most accomplished and influential Americans in history, and his role in shaping the United States has had a lasting impact that is still felt today. Franklin's research into topics as varied as electricity, meteorology, demography, and oceanography were as wide-ranging and important as his travels, which took him across the globe as a diplomat." -- Provided by publisher.

"When Amelia Earhart became the first woman to make a solo flight across the Atlantic Ocean in 1932, she immediately became an American icon and a subject of endless fascination for generations to come. In Amelia Earhart: Pioneer of the Sky!, the story of the bold and daring aviator's life is presented in graphic novel format, with full-color illustrations and historically accurate details. From her hardscrabble childhood to her final flight— and mysterious disappearance— Earhart's journey will entertain, captivate, and inspire readers of all ages." -- Provided by publisher

"A fascinating and entertaining biography of Alexander Hamilton, in graphic novel format. Alexander Hamilton: The Fighting Founding Father!tells the story of one of the most ambitious and controversial figures in American history in a graphic novel format. From a rough childhood on the Caribbean island of Nevis to the highest levels of American politics, Alexander Hamilton's life was filled with adventure, conflict, and controversy. Full-color illustrations and an entertaining narrative make this graphical biography of America's first Secretary of the Treasury accessible for readers of all ages." -- Provided by publisher.

"Considered by many historians to be the greatest American president, Abraham Lincoln led the Union at the greatest turning point in the nation's history. Abraham Lincoln: Defender of the Union! tells the story of one of America's most admired figures in graphic novel format. From his childhood on a farm in Kentucky to the battlefields of the Civil War, Abraham Lincoln served the United States with resolve, intelligence, and courage unlike that of any other president. Readers of all ages will be entertained and educated by the full-color illustrations and historically accurate narrative of this graphical biography." -- Provided by publisher.

"Sail the Pacific Islands in search of destiny and the demigod Maui in this retelling of Disney Moana. Moana is a spirited teenager who loves the ocean, yet she is forbidden to travel beyond the reef that surrounds her island home of Motunui. But she feels called to something more, and wants to discover who she was meant to be. When darkness begins to consume the island, and nature is out of balance, Moana knows the solution lies beyond the safety of the reef. Following the messages of her ancestors, and with encouragement from the ocean itself, Moana sails into the open sea to find the demigod Maui and right a wrong from his past. Together they face rough waters, monstrous creatures, and the unknown, in a mission to stop the darkness from spreading, and restore life to the islands! Become a master wayfinder in this action-packed story as Moana's love for the sea turns her into a hero among her people, the gods, and the ocean." -- Provided by publisher

"Raised from a kitten by a kindly old ninja master, Claude now spends his days as the pampered house cat of an eleven-year-old boy. But when trouble arises, Claude dons his mask and springs into action as Cat Ninja— Metro City's secret protector." -- Provided by publisher

A first installment in a graphic-novel rendering of Season 10 from the beloved animated series finds Twilight adjusting to new leadership responsibilities by recruiting her friends to help explore potentially dangerous regions throughout Equestria.

"Nyuki is a brand-new honey bee, and she has a lot of questions. Follow her on a lifelong journey as she annoys her sisters, avoids predators, and learns to trust her inner voice as she masters the way of the hive. Includes a section at the end of the book called 'Odds & Ends' with facts and information about bees."--Provided by publisher.

"This middle-grade graphic novel for fans of Roller Girl and Smile introduces Jamila and Shirley, two unlikely friends who save each other's summers while solving their neighborhood's biggest mysteries. Jamila Waheed is staring down a lonely summer in a new neighborhood— until she meets Shirley Bones. Sure, Shirley's a little strange, but both girls need a new plan for the summer, and they might as well become friends. Then this kid Oliver shows up begging for Shirley's help. His pet gecko has disappeared, and he's sure it was stolen! That's when Jamila discovers Shirley's secret: She's the neighborhood's best kid detective, and she's on the case. When Jamila discovers she's got some detective skills of her own, a crime-solving partnership is born. The mystery of the missing gecko turns Shirley and Jamila's summer upside down. And when their partnership hits a rough patch, they have to work together to solve the greatest mystery of all: What it means to be a friend." -- Description provided by publisher.

"New best friends Cookie and Broccoli are as different as peanut butter and cheese, but that doesn't stop them from taking on the first grade! Together they navigate the first day of school: finding the classroom, making new friends (all various fruits, veggies, and desserts), and silly secret greetings. When Broccoli discovers that Cookie also has shy moments, the two of them come up with the perfect solution— inviting all their classmates to join their Shy Friends Club." -- Provided by publisher.

"Magic turned Aster's life upside-down— and it's not over! Get ready for more family, more fun, and even more magic in this graphic novel adventure. Moving to the middle of nowhere has been less of a disaster than Aster expected. Her mom's science experiments are actually pretty cool; her dad's cooking has gotten much better; her new dog is possibly the best canine companion anyone could ask for. And she's gotten to save the day— and her family— and the whole valley she lives in— from various magical calamities in what even she has to admit were extremely fun adventures. So now she can have a break, right? Guess what? Oh no; things get even more interesting." -- Description provided by publisher.

"A fun, action-packed fantasy adventure about a girl, her dog, and magic gone wrong! Quiet … birds … nature … . That's what Aster expects when her parents move their whole family to the middle of nowhere. It's just her (status: super-bored), her mom and dad (status: busy with science), her brother (status: has other plans), and … magic? In her new home, Aster meets a mysterious old woman with a herd of dogs who gives her a canine companion of her own. But when she and her dog Buzz are adventuring in the forest, they run into a trickster spirit who gives Aster three wishes. After wishing for the ability to understand and talk to her dog, she becomes only able to talk in dog language … and the trouble she gets into is just starting. Maybe the middle of nowhere will be more interesting than Aster thought."

"At home, Maggie is the odd one out. Her parents are preoccupied with the new baby they're expecting, and her younger brothers are twins and always in their own world. Maggie thinks a new puppy is the answer, but when she goes to select one on her birthday, she breaks out in hives and rashes. She's severely allergic to anything with fur! Can Maggie outsmart her allergies and find the perfect pet?." -- Description provided by publisher.

"Sun dreams of money. Moon dreams of scientific discoveries. When their paths cross with Team Skull, both their plans go awry … Lost in an alternate dimension, Sun and Moon battle to help their new friends defend the eternally dark city of Ultra Megalopolis. But then a betrayal deprives them of their transportation home! Meanwhile, what surprising news does Lillie receive?" -- Provided by publisher

"Nate Adams is just an average kid until the mysterious Whisper gives him the Yo-kai Watch. Now he can see what others cannot: Yo-kai of all shapes and forms! … A mysterious door opens, causing Nate to run into weird and wacky Yo-kai from the past, present and future. Watch as they participate in a battle royale to decide which Yo-kai is the strongest!" -- Provided by publisher.

The Donner Party expedition is one of the most notorious stories in all of American history. It's also a fascinating snapshot of the westward expansion of the United States, and the families and individuals who sacrificed so much to build new lives in a largely unknown landscape. From the preparation for the journey to each disastrous leg of the trip, this book shows the specific bad decisions that led to the party's predicament in the Sierra Nevada Mountains. The graphic novel focuses on the struggles of the Reed family to tell the true story of the catastrophic journey.

Presents, in graphic novel format, the story of the Haitian Revolution and its role in Napoleon's decision to sell Thomas Jefferson and James Monroe the whole Louisiana Territory, when they sought to buy only New Orleans.

"'Remember the Alamo!' That rallying cry has been a part of Texas lore for generations. But what, exactly, should we remember? Who were the ragtag group of adventurers behind the famous slogan, and how did they end up barricaded in a fort against a Mexican army? Who survived, who died, and how? This sixth book in the bestselling Hazardous Tales series tracks the Lone Star State's bloody fight for independence from the Mexican government. It features the exploits of the notorious Jim Bowie, as well as Stephen Austin, Davy Crockett, and other settlers and soldiers who made the wild frontier of Texas their home— until the bitter end. Nathan Hale's Hazardous Tales are graphic novels that tell the thrilling, shocking, gruesome, and TRUE stories of American history. Read them all— if you dare!" -- Description provided by publisher.

Reproductions of the original sketches and text of an unfinished story by Hergé, with English translation and commentary.

"When local park fixture (and spy-master) Pops gets squirrel-napped, it's up to Norma, Belly, and their friend little B to save him!" -- Provided by publisher.