Tenable unveils AI Exposure tool for unified cyber risk

Tenable has announced general availability of Tenable One AI Exposure, an extension of its exposure management platform that covers AI protection, discovery and usage governance across enterprise environments.

The company said the release brings AI-related security risks into the same operational approach used for broader cyber exposure. Tenable positioned the product as a response to an "AI Exposure Gap" that it said many organisations struggle to see and manage.

Broader coverage

Tenable said the platform now unifies AI protection, discovery and usage governance across SaaS platforms, cloud services, APIs and agents. The company framed this as a single view of AI exposure across internal and external environments, including on-premises and cloud deployments.

Security teams often face gaps in visibility around where AI systems run and how staff use them. Tenable said many organisations cannot easily identify which data or processes AI systems touch. It also said teams often lack a clear view of ownership, access rights and user interaction patterns.

Tenable described this as a largely invisible attack surface that spans applications, infrastructure, identities, agents and data. It said the issue can create attack paths that security teams are not equipped to manage.

Discovery and context

Tenable said the product provides unified AI visibility. It said it continuously discovers sanctioned and shadow AI across internal, cloud and external environments. The company said coverage includes applications, workloads, APIs and agents.

The company also set out a contextualised exposure insight model. It said the platform correlates AI usage, infrastructure, identity and data. Tenable said this approach reduces noise and highlights potential AI attack paths. It also said it prioritises AI risk based on business impact.

Tenable also described governance and remediation functions. It said the product supports remediation of misconfigurations and closure of exposed services. The company also said it can enforce AI acceptable-use policies and limit data exposure. It said the platform generates audit-ready evidence for governance and compliance.

Operational model

Exposure management has grown as a security category that aims to tie together vulnerability data, asset inventories and misconfiguration findings. Vendors in the segment have also placed more emphasis on prioritisation and workflow integration across security and IT teams.

Tenable said the AI extension aligns with that approach by adding discovery and governance for AI systems and AI usage patterns alongside other attack surface data.

"Tenable One brings AI exposure out of silos and into a unified operational model for cyber risk where it can be seen, understood and reduced," said Eric Doerr, Chief Product Officer, Tenable. "By connecting the dots between AI risk and the larger business risk, Tenable delivers the visibility and context security leaders need for informed proactive defense."

Gartner mentions

Tenable referenced Gartner research on AI-powered exposure assessment. It also pointed to Gartner's Magic Quadrant work on exposure assessment platforms.

The company said it was named a Leader in Gartner's first Magic Quadrant for Exposure Assessment Platforms. Tenable also said Gartner named it "the company to beat for AI-Powered Exposure Assessment" in a separate report.

Tenable One AI Exposure now sits within the wider Tenable One Exposure Management Platform. Tenable said it will continue to expand how it correlates AI applications, infrastructure, identity, agents and data in order to pinpoint exposure and prioritise remediation work.