惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Register - Security
The Register - Security
云风的 BLOG
云风的 BLOG
U
Unit 42
F
Fortinet All Blogs
The GitHub Blog
The GitHub Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
D
Docker
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
S
Secure Thoughts
Hacker News: Ask HN
Hacker News: Ask HN
Vercel News
Vercel News
S
Security @ Cisco Blogs
GbyAI
GbyAI
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
I
Intezer
MongoDB | Blog
MongoDB | Blog
AI
AI
MyScale Blog
MyScale Blog
Engineering at Meta
Engineering at Meta
Y
Y Combinator Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Proofpoint News Feed
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
W
WeLiveSecurity
博客园 - 叶小钗
S
SegmentFault 最新的问题
N
News | PayPal Newsroom
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
DataBreaches.Net
小众软件
小众软件
Microsoft Azure Blog
Microsoft Azure Blog
Spread Privacy
Spread Privacy
H
Help Net Security
美团技术团队
博客园 - 司徒正美
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
K
Kaspersky official blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
V
Vulnerabilities – Threatpost
TaoSecurity Blog
TaoSecurity Blog
N
Netflix TechBlog - Medium
L
Lohrmann on Cybersecurity
J
Java Code Geeks
量子位
Martin Fowler
Martin Fowler
博客园_首页

Tenable Blog

SharePoint CVEs FAQ: CVE-2026-56164, CVE-2026-32201, CVE-2026-45659 | Tenable® Build agentic AI security at Tenable Swarm, Black Hat 2026 SonicWall CVE-2026-15409 and CVE-2026-15410 zero-day exploited | Tenable® Understanding Anthropic’s new AI agent Claude Tag’s access model in Slack 5 reasons to integrate AppSec data with your exposure management platform July 2026 Patch Tuesday: Largest Patch Tuesday 569 CVEs FedRAMP High, IL5, and zero trust: How federal agencies can secure cloud environments OMB M-26-14: Why federal agencies must fix asset visibility first CISO’s guide to CISA BOD 26-04 and risk-based security metrics for vulnerability management How much cyber risk does AI create for organizations? 457 million security issues. Here’s what you can do about it. The Developer Credential Economy: An inside look at the Miasma worm campaign Oracle Critical Security Patch Update June 2026 | Tenable® How Tenable helps federal agencies comply with CISA BOD 26-04 Get critical cyber risk context: Understanding control validation, CTEM & Tenable One CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive Microsoft’s June 2026 Patch Tuesday Addresses 198 CVEs ( CVE-2026-49160, CVE-2026-50507) The June 2026 AI Executive Order: What federal agencies need to know and how Tenable can help Tenable joins Anthropic’s Project Glasswing to advance AI-era cyber defense Tenable CTO Vlad Korsunsky Q&A: Countering AI threat multipliers with AI-powered exposure management | Tenable CTO Q&A: C-suite views AI as massive threat, as cyber teams adopt exposure management to counter AI attacks Oracle May 2026 Critical Security Patch Update Addresses 35 CVEs Download pumping: New npm deception technique for supply chain attacks Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect EXPOSURE 2026 prepares cybersecurity professionals for the AI era Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004) Tenable One deepens third-party integrations with new Open Connector for unified risk visibility Implement agentic AI in cybersecurity with Tenable Hexa AI: Reduce cyber risk at machine speed Key findings from the Verizon DBIR 2026: Slower vulnerability remediation meets faster exploitation Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182) Bring out your dead: How agentic AI for cybersecurity helps you rid your cloud of forgotten, risky assets Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation Securing data centers in the agentic AI era Microsoft’s May 2026 Patch Tuesday Addresses 118 CVEs (CVE-2026-41103) Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chain Why the approaching flood of vulnerabilities changes everything — and what to do about it Anthropic’s CEO warns the “moment of danger” is real. But most are looking in the wrong place. Security for AI: A strategic framework for closing the AI exposure gap Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AI Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability Mastering agentic AI security through exposure management As the NVD scales back CVE enrichment, here’s what Tenable customers need to know Five steps to become Mythos ready Oracle April 2026 Critical Patch Update Addresses 241 CVEs Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching Unlocking foundational visibility for cyber-physical systems with OT vulnerability management Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201) Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild The developer credential economy: Why exposure data is the new front line in the supply chain war Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069 Supply chain attack on Axios npm package: Scope, impact, and remediations What’s new in Tenable Cloud Security: Custom policies, AWS ABAC, and research-driven protection Uncover prompt injection, insider threats with the Tenable One Model Refusal Detection Security for AI: A guide to managing the risks of vibe coding and AI in software development Meet Tenable Hexa AI: Agentic AI for exposure management
The AI-vs-AI battle is already happening. Watch it live at EXPOSURE 2026.
Team Tenable · 2026-05-07 · via Tenable Blog

Don’t singularly focus on the speed of AI attacks. You must also prepare for the shift AI is bringing to the threat landscape. Join Tenable at EXPOSURE 2026 to witness a live AI-vs-AI battle and get clarity to defend your organization against next-generation autonomous threats.

Key takeaways

  1. Organizations must expand their visibility to map a growing attack surface that now includes AI-enabled applications and the interconnected business logic they expose, which attacks, like natural language prompt injection, can leverage.
  2. Standard security tools cannot assess the AI-extended attack surface or counteract the sophisticated reasoning of autonomous agentic threats, requiring investment in specialized security products and detection capabilities.
  3. Effective AI governance requires setting clear thresholds for autonomous agent actions to ensure organizational policy governs critical operations.

You’ve heard and read a lot about how AI is upending cybersecurity. But have you actually seen an AI attack unfold right before your eyes? It’s one of many compelling reasons for you to join us at Tenable’s EXPOSURE 2026 conference in Boston from May 19 to 21.

During a keynote, you can witness a live simulation where two agentic AI tools — an offensive red team and a defensive blue team — duel, simultaneously attacking and protecting a vibe-coded expense report application that has an embedded large language model (LLM) chatbot.

The presentation, titled “The AI battle: A live defense simulation,” will offer you a unique opportunity to deepen your understanding of AI attacks and AI defenses, as well as gain invaluable insights to boost your organization’s AI security strategy.

AI attack speed is part of the picture

Researchers Robert McSulla and Ben Smith crafted the simulation to drive home this point: If you just focus on countering the machine speed of AI attacks, you’ll fall short of protecting your organization. Why? While AI has indeed accelerated cyber attacks, it has also radically transformed them in multiple other ways.

By creating a unique, custom demo of an all-out agentic AI battle, the researchers will showcase multiple novel attack vectors in a clear and structured manner, aided by elements such as a timeline, a battle status monitor, and a scorecard. For example, the presentation will unpack autonomous defensive assessments by the blue-team agent, as well as sophisticated attack planning by the red-team agent.

The presentation will make it clear that while AI makes attackers faster, this increased speed represents a quantitative change. You can defend against faster AI attacks if you tune up the tools you already have.

However, AI has also brought about substantial changes, including an expanded attack surface; AI vs. AI attacks; new adversary capabilities; and context poisoning. To counter these new elements, you can’t rely on conventional cybersecurity tools and processes. A web application firewall rule can’t defuse a prompt injection attack. A Sigma rule can’t detect a semantic jailbreak attempt. 

During the presentation, you’ll see how in order to secure the simulation’s app – whose LLM chatbot has access to business logic, user data, and external tools – you’ll need security controls and capabilities designed specifically for AI.

In the end, you’ll emerge from the talk with concrete actions your team can implement right away, including:

  • Threat actors are already leveraging AI. If your organization is not using AI for security, you are operating at a significant disadvantage.
  • Effective defense requires proactively considering and defining your governance thresholds for the use of autonomous defensive AI.

But wait, there’s much more at EXPOSURE 2026

“The AI battle: A live defense simulation” is just one of the many presentations at EXPOSURE 2026 that’ll boost your understanding of how and why exposure management is a requirement for effective cybersecurity in the AI era.

With an exposure management strategy, your cybersecurity teams can regain control over a chaotic attack surface that has exploded in size and complexity due to AI. Exposure management gives you unified visibility over all assets – wherever they are – and their security issues, such as vulnerabilities, misconfigurations, and overprivileged identities, so that you can proactively slash cyber risk, including AI-driven threats.

EXPOSURE 2026, which will be held in Boston from May 19 to May 21 at the Hilton Boston Park Plaza, features an impressive roster of cybersecurity experts, including: 

  • Smithfield Foods’ CISO Jim Nelms
  • GEICO CISO Rick Vadgama
  • Verizon’s Senior Director, Readiness and Proactive Security, Jorge Orchilles
  • Munich Re’s Global Head of IT Risk and Security John Schramm
  • Cloud Security Alliance CEO Jim Reavis

You’ll also get a chance to hear directly from top-level Tenable executives, including: 

  • Co-CEOs Steve Vintz and Mark Thurmond, who will explain how exposure management is redefining modern cybersecurity
  • Chief Technology Officer Vlad Korsunsky, who will unpack how attackers use AI to accelerate reconnaissance, chain misconfigurations, abuse over-privileged identities, and exploit overlooked AI services and integrations
  • Chief Product Officer Eric Doerr, who will explain what AI capabilities actually work; where AI meaningfully improves triage, investigations, and prioritization; and where teams should avoid over-automation, blind spots, and hype-driven missteps
  • Chief Security Officer Robert Huber, who will sit down with fellow cyber leaders to talk about building an exposure management program; communicating effectively with the board; and operationalizing exposure management

If you’re looking to sharpen your cybersecurity skills and boost your professional development, EXPOSURE 2026 offers the following technical training tracks:

Eager to boost your understanding of AI security and exposure management? Register for EXPOSURE 2026 today.