Tenable launches AI Exposure to boost enterprise AI security
Tenable has introduced Tenable AI Exposure, a new addition to its Tenable One platform, aimed at helping organisations manage risks associated with generative artificial intelligence tools such as ChatGPT Enterprise and Microsoft Copilot.
Tenable AI Exposure offers a suite of capabilities designed to provide visibility, management, and control over the security risks that stem from the use of enterprise AI platforms. The release aims to address the growing concerns among businesses as they rapidly adopt generative AI technologies to improve operational efficiency.
AI usage risks
As the adoption of generative AI becomes more widespread, businesses face challenges in tracking how employees use AI tools, understanding what sensitive data may be exposed, and assessing the potential for misuse by attackers. Tenable's new platform expansion is intended to give security teams a unified view and improved oversight into these risks across their organisations.
Steve Vintz, Co-Chief Executive Officer and Chief Financial Officer at Tenable, commented on the need for comprehensive solutions in this area.
Simply discovering shadow AI isn't enough. A true exposure management strategy requires an end-to-end solution that lets organisations discover their entire AI footprint, manage the associated risks, and govern its use according to their policies. That's exactly what we are delivering today. With Tenable AI Exposure, we're giving organisations the visibility and control they need to safely embrace the promise of generative AI without introducing unacceptable risk. This is a critical step in the evolution of exposure management.
Platform capabilities
Tenable AI Exposure is delivered as an agentless deployment, allowing companies to begin monitoring in a matter of minutes. The unified tool comprises three core elements: AI discovery, risk management and prioritisation, and governance of AI usage within enterprise IT environments.
The AI discovery feature consolidates intelligence from Tenable AI Aware, AI Security Posture Management (AI-SPM), and continuous monitoring functionalities. This enables organisations to identify sanctioned and unsanctioned AI applications in use, along with details on user interactions, data flows, and activity patterns that could increase their risk exposure.
Risk management and prioritisation uses AI-SPM to highlight and categorise threats. This includes monitoring for sensitive data leakage - such as personally identifiable information, payment card data, or protected health information - along with misconfigurations and unauthorised integrations with external tools. The prioritisation function helps companies focus on the exposures most likely to result in significant impact.
The governance element allows organisations to define and enforce policies around AI usage. Security teams can set guardrails to manage user behaviour and mitigate specific threats, including prompt injection attacks, jailbreak attempts, and the manipulation of generated outputs.
Integration and availability
By integrating Tenable AI Exposure into the Tenable One platform, customers are given a holistic view of risks across their attack surface, with combined visibility from both pre-existing and new AI-related tools offered by Tenable.
The inclusion of AI Aware, the AI-SPM function, and the new governance features is intended to aid organisations in addressing the security needs of their enterprise AI initiatives through a single dashboard, rather than relying on disparate security measures for separate components.
Currently, Tenable AI Exposure is accessible via a private preview programme available to select customers. The company expects that general availability of the solution will follow by the end of 2025.