Tenable unveils AI Exposure to manage enterprise generative AI risk
Tenable has announced the launch of Tenable AI Exposure, an expansion of its Tenable One platform, designed to enhance visibility and control over generative AI tools such as ChatGPT Enterprise and Microsoft Copilot within enterprise environments.
The introduction of generative AI platforms in various business operations has led to concerns about potential security risks, as organisations often lack the means to monitor and manage how these technologies are used and what data they may expose. Tenable's latest offering aims to address these challenges by providing a comprehensive suite of features intended to manage AI-related risk throughout the enterprise.
Enterprise AI risks
The increased adoption of generative AI technologies has introduced a complex layer of risk that is not always apparent to security teams. A significant issue is the so-called 'invisible' attack surface associated with the proliferation of multiple AI tools, with organisations struggling to track which platforms are in use and how sensitive data is being handled within these systems.
Tenable AI Exposure is presented as a solution to this issue, integrating into the existing Tenable One platform to offer an end-to-end approach. The platform is designed for agentless deployment, enabling rapid implementation and coverage across enterprise networks.
"Simply discovering shadow AI isn't enough. A true exposure management strategy requires an end-to-end solution that lets organisations discover their entire AI footprint, manage the associated risks, and govern its use according to their policies. That's exactly what we are delivering today," said Steve Vintz, Co-CEO and CFO, Tenable. "With Tenable AI Exposure, we're giving organisations the visibility and control they need to safely embrace the promise of generative AI without introducing unacceptable risk. This is a critical step in the evolution of exposure management."
Key features
The platform offers several core capabilities targeting the management and mitigation of AI-related risks.
Comprehensive AI Discovery: Tenable AI Exposure brings together insights from Tenable AI Aware, including scanning from AI Security Posture Management (AI-SPM) and continuous monitoring tools. This facilitates the discovery and identification of both authorised and unauthorised AI usage within an organisation, providing analysis of user interactions, data flows, and any risky activities.
AI Exposure Management and Prioritisation: By leveraging AI-SPM, the platform helps organisations to detect, prioritise, and manage the risks associated with AI, such as potential sensitive data leakage involving personally identifiable information (PII), payment card information (PCI), protected health information (PHI), misconfigurations, and unsafe integrations with external applications.
Governance and Control of AI Usage: Tenable AI Exposure supports enforcement of organisational policies and security protocols concerning AI tool usage. This functionality is designed to prevent risky behaviours and counter emerging threats such as prompt injections, jailbreak attempts, and malicious manipulations of AI outputs.
Integration and availability
The new offering will be integrated within the Tenable One platform, supplying customers with a unified perspective on cyber risk across their complete digital environment. The company points to the combination of Tenable AI Aware, AI-SPM, and governance functions as enabling a comprehensive capability to discover, manage, and secure enterprise AI deployments.
Tenable AI Exposure is initially available through a private customer preview programme, with broader general availability set for later in 2025.
