SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Security operations center ai agent routing alerts cloud identity industrial ops
#
Digital Transformation
#
Cloud Security
#
IoT Security

Tenable launches Hexa AI to automate cyber workflows

Tue, 24th Mar 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

Tenable has launched Tenable Hexa AI, an agentic artificial intelligence engine within its Tenable One exposure management platform.

The product is designed to automate security workflows as cyber teams contend with a growing mix of human, software and AI-driven activity.

The new engine is intended to help security teams coordinate actions across fragmented tools and workflows, a challenge that has intensified as AI-driven attacks rise and organisations add more automated systems to their security operations.

Tenable Hexa AI sits within the Tenable One platform and uses the company's Exposure Data Fabric, which brings together contextual data on vulnerabilities, identities, assets, configurations and AI systems. That context allows the system to assess which issues matter most, check the current state of an environment and organise the steps needed to reduce exposure.

The launch comes as cyber security vendors increasingly position AI systems not just as analytical assistants, but as tools that can manage sequences of tasks across different parts of a customer's technology estate. For companies, the appeal is reducing the manual work involved in moving from detection to remediation across IT, cloud, operational technology, identity and AI environments.

Coordination focus

Tenable framed the problem as one of coordination rather than visibility alone, arguing that security teams are struggling to keep pace as the attack surface expands while workflows remain split across multiple tools and operating models.

According to the company, the engine acts as an orchestration layer that can coordinate and execute multi-step workflows using contextual logs held within its data platform. It supports both pre-built agents for repeatable tasks and custom agents that organisations can adapt to their own environments, while keeping humans involved in oversight.

The out-of-the-box agents highlighted by Tenable include asset management, visual reporting and operational health checks. These tasks are intended to reduce administrative work and allow staff to spend more time investigating and fixing exposures.

Eric Doerr, Chief Product Officer at Tenable, said the shrinking interval between the discovery of a security issue and its exploitation has increased the need for automation.

"There has never been a greater need to have an agentic system preemptively fixing issues before they are exploited. As AI-based attacks accelerate, the window from discovery to exploitation has effectively vanished," Doerr said.

"Tenable Hexa AI marries an agentic orchestration engine to the powerful contextual exposure data fabric of Tenable One, automating complex tasks and orchestrating fixes across the enterprise, neutralising exposures before they're exploited."

Customer example

Tenable also cited early customer use in routine operational processes, pointing to potential time savings in tasks that are often repetitive and labour-intensive.

"Tenable Hexa AI has fundamentally shifted how we deploy our security resources, powering and scaling efficiency across workflows," said Tarek Houni, Head of Exposure Management at a French-based international manufacturing company.

"Reclaiming two days a month on a single process like asset tagging is a massive win for our team. That is two days our team no longer spends on tedious upkeep and can instead redirect entirely toward investigating exposures, closing critical gaps, and actively reducing our organisational risk," Houni said.

The product enters a market where cyber security suppliers are racing to embed generative and agent-based AI into their platforms. The promise is not only faster detection of threats and weaknesses, but also a way to streamline the actions that follow, such as validating assets, updating configurations, assigning remediation work and tracking whether fixes have been completed.

For Tenable, the release also reflects a broader strategic shift in security software towards exposure management, a category that aims to give companies a consolidated view of weaknesses across different systems and prioritise them by likely business risk. In practice, that means linking information from areas that have often been managed separately, including cloud infrastructure, identity systems, endpoints, industrial settings and now AI deployments.

In this part of the market, differentiation is increasingly less about identifying vulnerabilities and more about helping customers act on them efficiently. By introducing an orchestration engine that can use both standard and customised agents, Tenable is seeking to position its platform more firmly in that operational layer.

The system is intended to support human-in-the-loop practices, a point likely to matter for security teams wary of giving autonomous tools too much freedom in sensitive environments. Organisations can set guardrails around custom agents while still using automation to reduce repetitive work.

Tenable serves more than 40,000 customers globally, and the latest addition is intended to help those organisations move from reactive incident handling towards a more continuous approach to reducing cyber exposure.

Related stories
Automotive microcontroller market set to hit USD $15.1bn
Vodafone & Google Cloud launch AI & security tools
BlackBox Hosting partners Everpure for sovereign cloud
Locai Labs deploys AI coding assistant at First Light Fusion
Infosecurity Europe adds AI summit amid cyber defence shift

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack