The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.

Last month, the Department of Homeland Security announced the availability of $279.9 million in grant funding for the Fiscal Year (FY) 2024 State and Local Cybersecurity Grant Program (SLCGP). Now in its third year, the four-year, $1 billion program provides funding for State, Local and Territorial (SLT) governments to implement cybersecurity solutions that address the growing threats and risks to their information systems. Applications must be submitted by December 3, 2024.

While there are no significant modifications to the program for FY 2024, the Federal Emergency Management Agency (FEMA), which administers SLCGP in coordination with the Cybersecurity and Infrastructure Security Agency (CISA), identified key changes, some of which we highlight below:

The FY 2024 NOFO adds CISA’s KEV catalog as a new performance measure and recommended resource

The FY 2024 notice of funding opportunity (NOFO) adds the CISA Known Exploited Vulnerabilities (KEV) catalog as a recommended resource to encourage governments to regularly view information related to cybersecurity vulnerabilities confirmed by CISA, prioritizing those exploited in the wild. In addition, CISA has added “Addressing CISA-identified cybersecurity vulnerabilities” to the list of performance measures it will collect through the duration of the program.

Tenable offers fastest, broadest coverage of CISA’s KEV catalog

At Tenable, our goal is to help organizations identify their cyber exposure gaps as accurately and quickly as possible. To achieve this goal, we have research teams around the globe working to provide precise and prompt coverage for new threats as they are discovered. Tenable monitors and tracks additions to the CISA KEV catalog on a daily basis and prioritizes developing new detections where they do not already exist.

Tenable updates the KEV coverage of its vulnerability management products — Tenable Nessus, Tenable Security Center and Tenable Vulnerability Management — allowing organizations to use KEV catalog data as an additional prioritization metric when figuring out what to fix first. The ready availability of this data in Tenable products can help agencies meet the SLCGP performance measures. This blog offers additional information on Tenable’s coverage of CISA’s KEV catalog.

FY 2024 NOFO adds “Adopting Enhanced Logging” as a new performance measure

The FY 2024 NOFO also adds “Adopting Enhanced Logging” to the list of performance measures CISA will collect throughout the program duration.

How Tenable’s library of compliance audits can help with Enhanced Logging

Tenable's library of Compliance Audits, including Center for Internet Security (CIS) and Defense Information Systems Agency (DISA), allows organizations to assess systems for compliance, including ensuring Enhanced Logging is enabled. Tenable's vulnerability management tools enable customers to easily schedule compliance scans. Users can choose from a continuously updated library of built-in audits or upload custom audits. By conducting these scans regularly, organizations can ensure their systems are secure and maintain compliance with required frameworks.

FY 2024 NOFO continues to require applicants to address program objectives in their applications

As with previous years, the FY 2024 NOFO sets four program objectives. Applicants must address at least one of the following in their applications:

• Objective 1: Develop and establish appropriate governance structures, including by developing, implementing, or revising Cybersecurity Plans, to improve capabilities to respond to cybersecurity incidents, and ensure operations.
• Objective 2: Understand their current cybersecurity posture and areas for improvement based on continuous testing, evaluation, and structured assessments.
• Objective 3: Implement security protections commensurate with risk.
• Objective 4: Ensure organization personnel are appropriately trained in cybersecurity, commensurate with responsibility.

How Tenable can help agencies meet Objective 2 of the program

Tenable is uniquely positioned to help SLTs meet Objective 2 through the Tenable One Exposure Management Platform. In addition to analyzing traditional IT environments, Tenable One analyzes cloud instances, web applications, critical infrastructure environments, identity access and privilege solutions such as Active Directory and more — including highly dynamic assets like mobile devices, virtual machines and containers. Once the complete attack surface is understood, the Tenable One platform applies a proactive risk-based approach to managing exposure, allowing SLT agencies to successfully meet each of the sub-objectives outlined in Objective 2 (see table below).

Source: Tenable, October 2024

Tenable One deployment options offer flexibility for SLT agencies

Tenable offers SLT agencies flexibility in their implementation models to help them best meet the requirements and objectives outlined as part of the SLCGP. Deployment models include:

• Centralized risk-based vulnerability program managed by a state Department of Information Technology (DoIT)
• Multi-entity projects
• Decentralized deployments of Tenable One managed by individual municipalities,
• Managed Security Service Provider (MSSP) models that allow agencies to rapidly adopt solutions by utilizing Tenable’s Technology Partner network.

Whole-of-state approach enables state-wide collaboration and cooperation

A “whole-of-state” approach — which enables state-wide collaboration to improve the cybersecurity posture of all stakeholders — allows state governments to share resources to support cybersecurity programs for local government entities, educational institutions and other organizations. Shared resources increase the level of defense for SLTs both individually and as a community and reduce duplication of work and effort. States get real-time visibility into all threats and deploy a standard strategy and toolset to improve cyber hygiene, accelerate incident response and reduce statewide risk. For more information, read Protecting Local Government Agencies with a Whole-of-State Cybersecurity Approach.

FY 2024 NOFO advises SLT agencies to adopt key cybersecurity best practices

As in previous years, the FY 2024 NOFO again recommends SLT agencies adopt key cybersecurity best practices. To do this, they are required to consult the CISA Cross-Sector Cybersecurity Performance Goals (CPGs) throughout their development of plans and projects within the program. This is also a statutory requirement for receiving grant funding.

How Tenable One can help agencies meet the CISA CPGs

The CISA CPGs are a prioritized subset of cybersecurity practices aimed at meaningfully reducing risk to critical infrastructure operations and the American people. They provide a common set of IT and operational technology (OT) fundamental cybersecurity best practices to help SLT agencies address some of the most common and impactful cyber risks. Learn more about how Tenable One can help agencies meet the CISA CPGs here.

Learn more

• $1 Billion State and Local Cybersecurity Grant Program Now Open for Applicants
• Protecting Local Government Agencies with a Whole-of-State Cybersecurity Approach
• How to Meet FY 2023 U.S. State and Local Cybersecurity Grant Program Objectives
• New U.S. SLCGP Cybersecurity Plan Requirement: Adopt Cybersecurity Best Practices Using CISA's CPGs
• Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog

Vulnerability management remains a cornerstone of preventive cybersecurity, but organizations still struggle with vulnerability overload and sophisticated threats. Tenable’s new Exposure Signals gives security teams comprehensive context, so they can shift from vulnerability management to exposure management and effectively prioritize high-risk exposures across their complex attack surface.

A critical vulnerability has been disclosed and attackers worldwide are actively exploiting it in the wild. Your vulnerability management team jumps into action and determines that the vulnerability is present in hundreds of your organization’s assets. Which ones do you patch first? How do you prioritize your remediation efforts? What criteria do you use? The clock is ticking. Hackers are on the prowl.

Historically, your vulnerability management team would rely on severity scores like Vulnerability Priority Rating (VPR). This is a great start, but only gives you one indicator of risk. To prioritize remediation precisely and effectively, you need to consider a variety of other criteria, such as a vulnerable asset’s type, owner, and function; the access-level and privileges on the asset; and critical attack paths into your environment.

This type of comprehensive, holistic context will let you prioritize correctly, but it can only be achieved with a different approach that goes beyond traditional vulnerability management. That approach is exposure management. 

With exposure management, your vulnerability management team would be able to pinpoint the subset of assets affected by our hypothetical vulnerability that, for example, are externally accessible, possess domain-level privileges and are part of a critical attack path. That way they would know where the greatest risk is and what they need to remediate first. Having this deep insight, context and visibility transforms the risk assessment equation, and allows your vulnerability management team to move decisively, quickly and strategically.

In this blog, we’ll outline why it’s imperative for your vulnerability management teams to shift to an exposure management mindset, and we’ll explain how Tenable can help them do it.

To pinpoint riskiest vulns, vulnerability management needs broader exposure context 

In today's evolving cybersecurity landscape, vulnerability management remains one of the foundational pieces of an organization's proactive defense strategy. However, these teams still have difficulty in addressing the increased level of risks posed by the continuous surge of Common Vulnerabilities and Exposures (CVEs) and other flaws.

Many security teams are frequently overwhelmed by the sheer volume of vulnerabilities with limited resources to manage them effectively. The sophistication and speed of threat actors has escalated, with attackers having more entry points and using new tactics, techniques and procedures to access other critical areas of the business - demonstrating that attacks are no longer linear but multifaceted.

It’s common for security teams to struggle with:

• Vulnerability overload - This long-standing problem keeps getting worse. Security teams are finding it more difficult than ever to sift through the avalanche of CVEs and identify the areas of the business that have the most risk.
   
•  Lack of exposure context for prioritization - Your teams are making decisions while missing layers of context. Threat intelligence and vulnerability severity are a great start, but limiting yourself to them doesn’t give you the full context you need to prioritize properly. 
   
• Slow remediation response - Both proactive and reactive security teams devote massive amounts of time to responding to critical vulnerabilities. Resources are spread thin, making it more important than ever for teams to confidently identify the most high risk exposures when recommending remediation efforts.

Need to shift from a vulnerability to an exposure mindset

Knowing the struggles that you are dealing with today can help illuminate the benefits of exposure management. The missing links between a vulnerability and an exposure are the additional layers of context. Having multidimensional context enables you to understand not just the vulnerabilities themselves but their potential impact within the broader attack surface. This approach provides a more comprehensive view of an organization's security posture by considering factors such as threat intelligence, asset criticality, identities and access, as well as other pieces of context. With this additional information, you spend significantly less time sorting through stacks of similar vulnerabilities and you can be more focused on identifying key issues that pose risk - exposures.

For those who have never heard of exposure management or are just getting started, there are many benefits to this discipline. When it comes to Tenable’s approach, we adopt that same mentality with our exposure management platform. The goal is simple: exposure management empowers organizations to prioritize remediation efforts more effectively. It surfaces information that helps develop strategies to address not only the vulnerabilities themselves but the emergence of exposures that could lead to significant breaches.

The jump from vulnerability to exposure

Bridging the gap from vulnerability management to exposure management requires connecting context across the entire attack surface. Vulnerability management provides context that predicts the likelihood of an attack and displays key drivers, age of vulnerability and threat sources. These attributes are helpful, but we can go much further to improve our prioritization effectiveness. This requires having broader visibility and deeper insights across the attack surface to understand the bigger picture of exposures.

Specifically, security teams need additional context around:

• Asset context - There are many levels to an asset that can help drive prioritization decisions. It’s key to understand the criticality of an asset related to its type, function, owner name and its relationships to other assets. Even knowing if the asset is accessible from the internet or not will shape how its remediation is prioritized.
   
• Identities - Identities serve as the cornerstone for successful attacks, so it’s key to contextualize them for exposure management. Understanding user-privilege levels, entitlements and user information can help prevent attackers from gaining privilege escalation and moving laterally. Focusing prioritization efforts on vulnerable assets with domain and admin-level privileges is a critical best practice in order to reduce the likelihood of a breach.
   
• Threat context - Having various levels of threat context is also important to prioritize exposures. We know that threats change over time, so leveraging dynamic scoring like VPR or Asset Exposure Score (AES) can show indicators of risk. We can also bring in context from attack path modeling to influence remediation decisions based on the attacker’s perspective by understanding the number of critical attack paths or choke points in your environment.

When security analysts have this additional information, they can now truly understand the breadth and depth of the exposure. This is how prioritization is done in this new world of exposure management.

Introducing Exposure Signals

To help make it easier for you to shift to this exposure management mindset, we have developed a new prioritization capability called Exposure Signals. Available in Tenable One, Tenable’s exposure management platform, Exposure Signals allows security teams to have more comprehensive context in a centralized place for a focused view of risk. 

There are two ways to use these new Exposure Signals. The first is to access a comprehensive library of high-risk, prebuilt signals. Easy to refer to, they signal potential risk in your environment and create a great starting point for you to get your exposure management juices flowing. For example, you can easily see and refer to: 

• Domain admin group on internet-exposed hosts with critical vulnerabilities
• Devices exposed to the internet via RDP with an associated identity account with a compromised password
• Cloud assets with critical severity findings and asset exposure score above 700

Exposure Signals allow you to track the number of violations that signal high-risk scenarios in your environment. View this list on a regular basis to see how it changes over time with its unique trendline. Take exploration into your own hands by viewing the impacted asset and its contextual intelligence in our Inventory Module. 

The second way to use Exposure Signals is by creating your own signals using a query builder or natural language processing (NLP) search powered by ExposureAI. That way, you can go as broad or as precise as needed. For example, let’s say there is a new zero day vulnerability that sweeps the industry, similar to Log4Shell. You can easily create a signal to target which assets have the vulnerability, are internet facing and have domain admin-level privileges. We are stringing these components together so that you can understand your true risk and better direct your prioritization efforts.

To learn more about Tenable One and Exposure Signals, check out our interactive demo:

"Humanity pushes back! The Survey Corps develops a risky gambit— have Eren in Titan form attempt to repair Wall Rose, reclaiming human territory from the monsters for the first time in a century. But Titan-Eren's self-control is far from perfect, and when he goes on a rampage, not even Armin can stop him! With the survival of humanity on his massive shoulders, will Eren be able to return to his senses, or will he lose himself forever?"-- Page [4] of cover.

Kyle Barnes has been plagued by demonic possession all his life and now he needs answers. Unfortunately, what he uncovers along the way could bring about the end of life on Earth as we know it.

"Nothing about Saitama passes the eyeball test when it comes to superheroes, from his lifeless expression to his bald head to his unimpressive physique. However, this average-looking guy has a not-so-average problem— he just can't seem to find an opponent strong enough to take on! An emergency summons gathers Class S heroes at headquarters … and Saitama tags along. There, they learn that the great seer Shibabawa left the following prophecy: "The Earth is in danger!" What in the world is going to happen?!" -- Description provided by publisher.

Nothing about Saitama passes the eyeball test when it comes to superheroes, from his lifeless expression to his bald head to his unimpressive physique. However, this average-looking guy has a not-so-average problem-he just can't seem to find an opponent strong enough to take on! When aliens invade Earth, a group of Class-S heroes finally finds a way to fight back and go on the offensive. Inside the enemy mother ship, Saitama fights Boros. Faced with the alien's frightful power, he decides to get serious! What is the Earth's fate?!

"Hero hunter Gato intensifies his onslaught, so of course Saitama decides now is the perfect time to join a combat tournament. Meanwhile, Class-S hero Metal Bat takes an assignment guarding a Hero Association executive and his son, and before long trouble appears!" -- Description provided by publisher.

Class-S hero King is known as the strongest man on earth, but when a mysterious organization sends an assassin after him, the shocking truth about King is revealed.

"Nothing about Saitama passes the eyeball test when it comes to superheroes, from his lifeless expression to his bald head to his unimpressive physique. However, this average-looking guy has a not-so-average problem— he just can't seem to find an opponent strong enough to take on! Time bomb Garo, a monster admirer, finally explodes, attacking the Hero Association! Meanwhile, Miss Blizzard visits Saitama at his apartment. Because of his lower rank, she plans to make him one of her subordinates, but … ." -- Page [4] of cover.

"Kyle is faced with the most emotional exorcism he's performed yet … as he begins to learn more about his abilities and what's really happening around him. The pieces are starting to fall into place as secrets are revealed that will change everything." -- Description provided by publisher.

Kyle Barnes has been plagued by demonic possession all his life. In light of recent revelations, he finally feels like he's starting to piece together the answers he's looking for. But while he feels a new sense of purpose is Reverend Anderson's life falling apart?

"Answers are given, secrets are revealed, and the Barnes family has never been in more danger. Allison learns that there's something very special about her daughter, bu where's Kyle? Will Anderson risk everything to save him?' -- Page 4 of cover.

"Set in the years leading up the Hugo and Nebula Award-winning Dune— 'Dume: House Atreides transports readers to the far future on the desert planet Arrakis where Pardot Kynes seeks its secrets. Meanwhile, a violent coup is planned by the son of Emperor Elrood; an eight-year-old slave Duncan Idaho seeks to escape his cruel masters; and a young man named Leto Atreides begins a fateful journey. These unlikely souls are drawn together first as renegades and then as something more, as they discover their true fate— to change the very shape of history!" -- Description provided by publisher.

"The one who wields the fire power is destined to save the world, but Owen Johnson has turned his back on that life. But after the Dragon's Claw's attack, Owen and his family are reeling from the loss— and more danger lurks on the horizon!" -- Description provided by publisher.

"The Joker is dead. There is no doubt about that. But whether Batman finally snapped his scrawny neck or some other sinister force in Gotham City did the deed is still a mystery. Problem is, Batman can't remember … and the more he digs into this labyrinthine case, the more he starts to doubt everything he's uncovering. So who better to set him straight than … John Constantine? The problem with that is as much as John loves a good mystery, he loves messing with people's heads even more. So with John's 'help', the pair will delve into the sordid underbelly of Gotham as they race toward the mind-blowing truth of who murdered The Joker." -- Page [4] of cover.

In 2021, General Secretary Xi Jinping solemnly declared that China's poverty alleviation battle has achieved a comprehensive victory. However, there is still a long way to go to solve the problem of unbalanced and insufficient development, narrow the development gap between urban and rural areas, and achieve comprehensive human development and common prosperity for all people.

NEW YORK TIMES BESTSELLER • From Linda Howard comes a thrilling and sensual new novel of romance, suspense, intrigue . . . and memories that can kill. Lizette Henry wakes up one morning and makes a terrifying discovery: She doesn't recognize the face she sees in the mirror. She remembers what she looks like, but her reflection is someone else's. To add to the shock, two years seem to have disappeared from her life. Someone has gone to great and inexplicable lengths to keep those missing years hidden forever. But the past always finds a way to return. Strange memories soon begin to surface and, along with them, some unusual skills and talents that Lizette hasn't a clue about acquiring. Sensing that she's being monitored, Lizette suddenly knows how to search for bugs in her house and tracking devices in her car. What's more, she can elude surveillance-like a trained agent. Enter a mysterious and seductive stranger named Xavier, who claims he wants to help-but who triggers disturbing images of an unspeakable crime of which Lizette may or may not be the perpetrator. With memories returning, she suddenly becomes a target of anonymous assassins. On the run with nowhere to hide, Lizette has no choice but to rely on Xavier, a strong and magnetic man she doesn't trust, with a powerful attraction she cannot resist. As murky waters become clear, Lizette confronts a conspiracy that is treacherous and far-reaching and a truth that, once revealed, may silence her and Xavier once and for all.

Thrilled that their playwright friend’s Broadway debut was a rousing success, Nic and Nigel are trying to enjoy the A-list after-party with their pal Harper. Unfortunately, all the champagne and repartee in the world aren’t enough to overlook the churlish behavior of Harper’s theater-critic husband, Dan. Nic is shocked the next morning when she learns that Dan’s been murdered. Nigel thinks the world may be a better place without him. Still, Harper is their friend and they’re intent on helping her any way they can. Invigorated by the thrill of the hunt and fortified by a flood of cocktails, catching the killer becomes the Martinis’ top priority . . . with their behemoth Bullmastiff Skippy along for the ride. Includes cocktail recipes!

"Kelsey Cambridge, director of the Barton Farm living history museum, must save the Farm's reputation when a wedding planner is pushed from the bell tower of the Farm's picturesque church"-- Provided by publisher.

Mystery author Rachel Goldman is getting used to the idea that her fictional creation Duffy Madison has somehow taken flesh-and-blood form and is investigating missing person cases not far from where Rachel lives. Wait. No. She’s not getting used to it at all, and the presence of this real-life Duffy is making her current manuscript—what’s the word?—lousy. So she doesn’t want to see Duffy—the living one—at all. To make matters worse, when he shows up at her door and insists on talking to her, it’s about the one thing she doesn’t want to do: Find a missing person. But the man Duffy seeks this time around might be able to solve Rachel’s problem. He might just be the man Duffy was before he became Duffy five years ago. The only problem is she could be letting Duffy lead her into danger yet again… Entertaining and witty, the second in E.J. Copperman's Mysterious Detective Mystery series Edited Out will delight his fans, both new and old.

TORONTO – The Canadian Securities Administrators (CSA), the Canadian Investment Regulatory Organization (CIRO), and the Ombudsman for Banking Services and Investments (OBSI) remind investors that they all offer investors services related to claims or complaints free of charge.

"Collects Spider-Woman (2020) #6-10. Road trip— to space! After learning some startling secrets about her family, Jessica Drew goes on a mission to find the one person who might know more: the High Evolutionary! But she's going to need her BFF by her side— and that means it's Captain Marvel team-up time! Before long though, those closest to Spider-Woman will abandon her. Only one person will come to her aid: Octavia Vermis! Octavia has a cure for Jessica, and the prescription is crime! Is Jess willing to resort to theft to gather all the tools needed to fix what's wrong? In the shadow of Knull's invasion, Spider-Woman must put everything on the line— and then cross it! Even if Jess can find the cure for what ails her, will she still have a life worth saving?" -- Page [4] of cover.

On the very day of his wedding to the beautiful Mercedes, a young merchant sailor named Edmond Dantès is falsely imprisoned for life, laying to waste his plans of marriage and hard-earned fortune. Following several long years in prison he has managed to escape and reinvent himself as the mysterious Count of Monte Cristo. It is the reign of Napoleon Bonaparte and the Count has been plotting his revenge on the three men who had him falsely imprisoned. With a new identity, an incredible education abroad and a vast fortune, he has returned completely unrecognizable to those who had committed their crimes against him.

"Bruce Wayne's latest ward, Tim Drake, has all the makings of becoming the greatest Robin yet. He's intelligent, athletic, and levelheaded, and his detective skills rival those of his mentor. However, every Boy Wonder who has come before has endured tragedy, and Tim may be no exception when his parents are marked for death by the sinister Obeah Man. Will the Dark Knight stop the Obeah Man in time, or must Tim face a deadly rite of passage in order to be worthy of inheriting the mantle of Robin?"--Provided by publisher.

Selina Kyle returns to Gotham City as new socialite Holly Vanderhees, but she needs to outsmart rival Batwing to rise to the top of the city's criminal underbelly.

"Starting off with an attack on S.T.A.R. Labs in Gotham City by a giant robot that steals an entire room of the laboratory— Batman is going to have to stop it before it can cause more harm … and with Lex Luthor freshly back in Gotham— he knows where to start his search. Will Batman be able to topple the billionaire before he leaves Gotham?" -- Provided by publisher.

"Rumors of Heine's bloody connection to their father initially causes the princes' trust in their tutor to waver. When the truth of how Heine came to be the royal tutor is fully brought to light, will the darkness of years past yield to a brighter future— together?" -- Description provided by publisher.

"Harvey Dent is dead. Or is he? A gang of thieves thrusts Gotham City into a state of fear when they are mysteriously well armed with military-grade weapons: flamethrowers, grenade launchers, and even tanks. And this gang claims it is funded by none other than former district attorney Harvey Dent. Bruce Wayne, balancing his two lives, must find the truth by tapping his growing network of agents, including Alfred Pennyworth, Jim Gordon, Waylon 'Killer Croc' Jones, and the savvy new Catwoman. Bruce is distracted by the seemingly impossible return of another figure believed dead: his grandfather Adrian Arkham. He must also comfort his longtime friend, Gotham City Mayor Jessica Dent, who is scarred both physically and mentally from her experience with the Riddler, which resulted in the gruesome death of her brother. But is Harvey back, plotting revenge on a city he proclaims to be guilty? When Batman discovers the truth behind these many mysteries, his entire world unravels … ." -- Page [4] of cover.

"Giant, sprawling future Gotham City is under martial law, protected and regulated by a private security force led by the infamous Peacekeepers. Their mandate is to maintain the safety of the citizens of Gotham, regardless of any Constitutional rights, and to hunt down, incarcerate, or kill all masked vigilantes, villains, and criminals in the city limits. It's a dangerous and violent look at a possible future Gotham City and the heroes and villains who live there!" -- Provided by publisher.

"Batman: White Knight Presents: Harley Quinn takes place two years after Batman: Curse of the White Knight. Azrael has wiped out criminals in Gotham, Jack Napier (formerly The Joker) is dead, Bruce Wayne (Batman) is in prison, and Harley Quinn is adjusting to life as a single mother, raising the twins she had with Jack. But as new villains arise, Harley is forced to dance with madness once again and confront her own past with The Joker and Batman while helping the Gotham City police and an eager young FBI agent uncover the truth behind a series of gruesome murders. This collection also features a chapter from Harley Quinn's newest digital first series, Harley Quinn Black + White + Red, told in a traditional black-and-white format with the color red uniquely shaping Harley Quinn's story." -- Provided by publisher.

"Welcome to the possible future state of Gotham. The Magistrate, a freelance military and surveillance corporation, has been hired by Gotham's leadership to turn the old city into a futuristic surveillance state free of vigilante-based crime/heroics. Batman, horrified to see what his city was becoming, fought tooth and nail against Magistrate— and they killed him for it. Or did they? Bruce Wayne survived this assassination attempt, and has been laying low for years now trying to sort out how to beat Magistrate. The only problem? He doesn't think he can anymore. They're too big, they're too powerful. And the latest horrific revelation? They have eyes everywhere. It's left to Batman for one last mission. Destroy their command center, expose the drones, and free the city. Whatever the cost." -- Provided by publisher.

"Sail the Pacific Islands in search of destiny and the demigod Maui in this retelling of Disney Moana. Moana is a spirited teenager who loves the ocean, yet she is forbidden to travel beyond the reef that surrounds her island home of Motunui. But she feels called to something more, and wants to discover who she was meant to be. When darkness begins to consume the island, and nature is out of balance, Moana knows the solution lies beyond the safety of the reef. Following the messages of her ancestors, and with encouragement from the ocean itself, Moana sails into the open sea to find the demigod Maui and right a wrong from his past. Together they face rough waters, monstrous creatures, and the unknown, in a mission to stop the darkness from spreading, and restore life to the islands! Become a master wayfinder in this action-packed story as Moana's love for the sea turns her into a hero among her people, the gods, and the ocean." -- Provided by publisher

"Considered by many historians to be the greatest American president, Abraham Lincoln led the Union at the greatest turning point in the nation's history. Abraham Lincoln: Defender of the Union! tells the story of one of America's most admired figures in graphic novel format. From his childhood on a farm in Kentucky to the battlefields of the Civil War, Abraham Lincoln served the United States with resolve, intelligence, and courage unlike that of any other president. Readers of all ages will be entertained and educated by the full-color illustrations and historically accurate narrative of this graphical biography." -- Provided by publisher.

"A fascinating and entertaining biography of Alexander Hamilton, in graphic novel format. Alexander Hamilton: The Fighting Founding Father!tells the story of one of the most ambitious and controversial figures in American history in a graphic novel format. From a rough childhood on the Caribbean island of Nevis to the highest levels of American politics, Alexander Hamilton's life was filled with adventure, conflict, and controversy. Full-color illustrations and an entertaining narrative make this graphical biography of America's first Secretary of the Treasury accessible for readers of all ages." -- Provided by publisher.

"Benjamin Franklin has been called one of the most accomplished and influential Americans in history, and his role in shaping the United States has had a lasting impact that is still felt today. Franklin's research into topics as varied as electricity, meteorology, demography, and oceanography were as wide-ranging and important as his travels, which took him across the globe as a diplomat." -- Provided by publisher.

IntroductionThe members of the Canadian Securities Administrators (the CSA or we) are publishing for comment proposed amendments to National Instrument 94-101 Mandatory Central Counterparty Clearing of Derivatives (National Instrument 94

Ethiopia possesses abundant water resources and hydropower potential, yet less than 5 percent of irrigable land in the Blue Nile basin has been developed for food production, and more than 80 percent of Ethiopians lack access to electricity. Consequently, the Ethiopian government is pursuing plans to develop hydropower and irrigation along the Blue Nile River in an effort to tap into this underused potential.

Tenable®, the exposure management company, today announced the availability of Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads with risk assessment and contextual insight so organizations can identify exposures before they cause damage.

Federal agencies face unique security and compliance regulations when deploying cloud solutions, and Tenable Enclave Security is key to supporting public sector customers, as well as commercial organizations with strict data residency, security or privacy requirements. 

Built to support the strictest security requirements, including FedRAMP High and Impact Level 5, Tenable Enclave Security empowers agencies to know, expose and close IT and container exposures from a single, highly secure platform. This consolidated approach also eliminates tool sprawl, reduces costs and boosts efficiency for public sector organizations.

“As a leader in vulnerability management and cloud security and a longtime partner of governments all around the world, we’re perfectly positioned to tap into our expertise and deliver mission critical capabilities to assist government agencies as they transform their IT strategy and safely embrace modern workloads to speed innovation,” said Robert Huber, chief security officer and president, Tenable Public Sector, Tenable. “With Tenable Enclave Security, agencies are now able to gain a fuller understanding of their exposure and risk with the ability to continuously discover, assess and prioritize vulnerabilities across IT assets and container images, all from a single, highly secure framework.”

Tenable Enclave Security will immediately enable organizations to: 

• Meet cloud security and data residency restrictions: Tenable Enclave Security enables customers to meet stringent cloud security and data residency requirements, such as FedRAMP High or Impact Level 5. It can meet customers’ needs wherever they reside, with the ability to be deployed on-prem, in a virtual private cloud or commercial cloud.
• Secure containers before they hit production: As agencies modernize their infrastructure, containers create a more efficient manner to create applications and modernize existing ones. Tenable Enclave Security empowers organizations to quickly assess the risk in their container images, expose their vulnerabilities and understand the breadth of impact.
• Centralize security tools: Unlike siloed solutions with fragmented visibility, Tenable Enclave Security provides protection for IT assets and modern workloads from a single deployment architecture. 

For more information on Tenable Enclave Security, please visit: https://www.tenable.com/products/enclave-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced that it has been ranked first for 2023 worldwide market share for device vulnerability management in the IDC Worldwide Device Vulnerability Management Market Shares (doc #US51417424, July 2024) report. This is the sixth consecutive year Tenable has been ranked first for market share.

According to the IDC market share report, Tenable is ranked first in global 2023 market share and revenue. Tenable credits its success to its strategic approach to risk management, which includes a suite of industry-leading exposure management solutions that expose and close security gaps, safeguarding business value, reputation and trust. The Tenable One Exposure Management Platform, the world’s only AI-powered exposure management platform, radically unifies security visibility, insight and action across the modern attack surface – IT, cloud, OT and IoT, web apps and identity systems.

According to the IDC market share report, “The top 3 device vulnerability management vendors remained the same in 2023 as previous years, with Tenable once again being the top vendor.”

The report highlighted Tenable’s use of generative AI, noting, “ExposureAI, available as part of the Tenable One platform, provides GenAI-based capabilities that include natural language search queries, attack path and asset exposure summaries, mitigation guidance suggestions, and a bot assistant to ask specific questions about attack path results.”

Tenable’s latest innovations in the vulnerability management market – Vulnerability Intelligence and Exposure Response – were also highlighted in the report, stating, “Vulnerability Intelligence provides dynamic vulnerability information collected from multiple data sources and vetted by Tenable researchers, while Exposure Response enables security teams to create campaigns based on risk posture trends so remediation progress can be monitored internally.”

The report also spotlighted the Tenable Assure Partner Program and MDR partnerships, noting, “Tenable has made more of a strategic effort to recruit managed security service providers (SPs) and improve the onboarding experience for them, as well as their customers. Managed detection and response (MDR) providers have been adding proactive exposure management because it helps shrink the customer attack surface, helping them provide better outcomes. Sophos and Coalfire are recently announced partners adding managed exposure management services to their MDR and pen testing services, respectively.”

“At Tenable, we build products for a cloud-first, platform centric world, meeting customers' evolving risk management needs,” said Shai Morag, chief product officer, Tenable. “We leverage cutting edge technology, innovating across our portfolio to help customers know, expose and close priority security gaps that put businesses at risk.” 

"The device vulnerability management market is characterized by a focus on broader exposure management, with a number of acquisitions to round out exposure management portfolios," said Michelle Abraham, senior research director, Security and Trust at IDC. "Vendors are advised to enhance their offerings with additional security signals and automated remediation workflows to stay competitive in this evolving landscape."

To read an excerpt of the IDC market share report, visit https://www.tenable.com/analyst-research/idc-worldwide-device-vulnerability-management-market-share-report-2023 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced new data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security, the actionable cloud security solution. By extending exposure management capabilities to cloud data and AI resources, Tenable Cloud Security reduces risk to two of the biggest emerging threats.

Today’s cloud environments are more complex than ever. The challenge of managing this complexity has led to preventable security gaps caused by misconfigurations, risky entitlements and vulnerabilities, leaving sensitive data and AI resources vulnerable. In fact, Tenable Research found that 38% of organizations are battling a toxic cloud trilogy – cloud workloads that are publicly exposed, critically vulnerable and highly privileged. 

Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments, including vulnerabilities, misconfigurations and excess privilege, that affects data and AI resources. Integrating DSPM and AI-SPM into Tenable Cloud Security enables users to automatically discover, classify and analyze sensitive data risk with flexible, agentless scanning. With Tenable Cloud Security’s intuitive user interface, security leaders can easily answer tough questions – such as “What type of data do I have in the cloud and where is it located?,” “What AI resources are vulnerable and how do I remediate the issue?” and “Who has access to my sensitive cloud and AI data?”

“Data is constantly on the move and new uses for data in today’s AI-driven world have created new risks,” said Liat Hayun, vice president of product management for Tenable Cloud Security. “DSPM and AI-SPM capabilities from Tenable Cloud Security bring context into complex risk relationships, so teams can prioritize threats based on the data involved. This gives customers the confidence to unlock the full potential of their data without compromising security.”

“The importance of cloud data has made communicating data exposure risk one of the biggest security challenges for CISOs,” said Philip Bues, senior research manager, Cloud Security at IDC. “Tenable is at the forefront of this emerging DSPM-CNAPP conversation, enabling customers to contextualize and prioritize data risk and communicate it, which is pertinent to almost every domain in CNAPP.”

AI-SPM features enable customers to confidently forge ahead with AI adoption by enforcing AI and machine learning configuration best practices and securing training data. With the combined power of AI-SPM and Tenable Cloud Security’s market-leading cloud infrastructure entitlement management (CIEM) and Cloud Workload Protection (CWP) capabilities, customers can manage AI entitlements, reduce exposure risk of AI resources, and safeguard critical AI and machine learning training data to ensure data integrity. 

Available to all Tenable Cloud Security and Tenable One customers, these new features enable customers to:

• Gain complete visibility and understanding of cloud and AI data - Tenable Cloud Security continuously monitors multi-cloud environments to discover and classify data types, assign sensitivity levels and prioritize data risk findings in the context of the entire cloud attack surface. 
• Effectively prioritize and remediate cloud risk - Backed by vulnerability intelligence from Tenable Research, context-driven analytics provides security teams with prioritized and actionable remediation guidance to remediate the most threatening cloud exposures.
• Proactively identify cloud and AI data exposure - Unique identity and access insights enable security teams to reduce data exposure in multi-cloud environments and AI resources by monitoring how data is being accessed and used and detect anomalous activity. 

Join the upcoming Tenable webinar, “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” on October 22, 2024 at 10 am BST and 11 am ET, by registering here. 

Read today’s blog post, “Harden your cloud security posture by protecting your cloud data and AI resources” here. 

With a Net Promoter Score of 73, Tenable Cloud Security helps customers around the world expose and close priority threats. More information about DSPM and AI-SPM capabilities available in Tenable Cloud Security is available at: https://www.tenable.com/announcements/dspm-ai-spm

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

In this groundbreaking book, authors Russell Friedman and John W. James show listeners how to move on from their unsuccessful past relationships and finally find the love of their lives. Demonstrating revolutionary ideas that have worked for thousands of their clients at the Grief Recovery Institute, Friedman and James give listeners the strategies they need to effectively mourn the loss of the relationship, while opening themselves up to love in the future. With compassionate guidance, Friedman and James help listeners to close a chapter of their romantic past so that they can be ready to begin again.

Western Jane Candia Coleman is a natural storyteller whose characters come from the lands between the southwestern valleys of Arizona and the Gila Mountains of New Mexico. The night Billy the Kid died is hauntingly depicted in Corrido for Billy. Lady Flo is a memoir, based on historical fact, of the black wife of an Irish nobleman. Moving On depicts a young girl abandoned by her family who finds her way with an itinerant Jewish peddler. And Are You Coming Back, Phin Montana? is the winner of the 1995 Spur Award for Best Western Short Fiction. Each story embodies the finest elements of Western fiction imitations of hope, vulnerability, and courage.

Mr. Docker, a new science teacher, is a crazy inventor who blows things up, uses potatoes for power, and has A.J. and his friends wondering whether science is for nerds or is the coolest subject ever

Valentines Day is just around the corner, and Mr. Louie, the hippie crossing guard, wants everyone to fall in love. So he puts a secret love potion in the water fountain. Will A.J. have to kiss Andrea?

Mr. Macky dresses up as Abraham Lincoln to get the students at Ella Mentry School excited about their Presidents' Day oral reports.

La National Gallery presenta «Van Gogh: Poetas y amantes» Con motivo de su 200 aniversario,...

Dear reader, The fact that Jacob Zuma is the twelfth president of ANC and Jacob had twelve sons makes me sigh because folks may lie but numbers dont. Besides, Jacobs successor was Joseph while Jacob Zumas brother is Joseph, now this offsets my axis. My reasons to conduct an audit on these signs of fate finds more evidencecould Jacobs life be the pieces of the puzzle of Jacob Zumas that weve been looking for? What you see right now is the answer. Dear Jacob is a radical connection between these two Jacobs: the grandson of Abraham and the honorable president of the Republic of South Africa, Mr. Jacob G. Zuma. This is billion miles ahead of inspiration, a healthy root of the political expertise and leadership evolution. But here I focus on presenting Jacob as Jacob Zuma, human yet divine, dejected, rejected, and despised, but chosen. In this letter, the worst and the best moments of Jacob are prognostic to the life of Jacob Zuma, but negativity is to me a myth because positivity is my path. The story that brings nemesis to the enemies of positive reception is found from Genesis 25:19 and beyond in the King James Bible. I have cared for the meanings on the wall because words can start a war. Not only will you see Jacob Zuma different after reading this book, but you should be able to predict the next events that might occur as the clock of life moves toward the beginning.

At the turn of the 20th century, Jewish families scattered by migration could stay in touch only through letters. Jews in the Russian Empire and America wrote business letters, romantic letters, and emotionally intense family letters. But for many Jews who were unaccustomed to communicating their public and private thoughts in writing, correspondence was a challenge. How could they make sure their spelling was correct and they were organizing their thoughts properly? A popular solution was to consult brivnshtelers, Yiddish-language books of model letters. Dear Mendl, Dear Reyzl translates selections from these model-letter books and includes essays and annotations that illuminate their role as guides to a past culture.

Ce document présente une analyse des chaînes de valeur agroalimentaires de manioc, de riz, de lait et de poisson le long du corridor économique entre les capitales provinciales de Bukavu (Sud-Kivu) et Kalemie (Tanganyika) situées dans la partie orientale de la République démocratique du Congo (RDC). Les principales données utilisées pour cette étude proviennent d’enquêtes menées en 2021 auprès d’environ 3000 acteurs conomiques familiaux, y compris des agriculteurs, des transformateurs et des intermédiaires, actifs dans une ou plusieurs des quatre filières ciblées.