Tenable Expands Generative AI Capabilities for Faster Attack Path Analysis and Mitigation Guidance

Tenable®, the Exposure Management company, today announced innovative enhancements to ExposureAI, the generative AI capabilities and services within its Tenable One Exposure Management Platform. The new features enable customers to quickly summarize relevant attack paths, ask questions of an AI assistant and receive specific mitigation guidance to act on intelligence and reduce risk. The platform’s generative AI-powered search and chat applications are fueled by Google Cloud – including Gemini models in Vertex AI.

Organizations face a high volume of exposures and more complicated threat actor tactics, techniques and procedures (TTP's) across the modern attack surface today. They are also facing a global cyber workforce shortage of 5.5 million trained professionals, according to the most recent data from ISC2¹. Even the most seasoned security experts struggle to sort through, understand and prioritize complex attack paths. 

As a result, 44% of IT and cyber leaders say they are either very confident or extremely confident that they can leverage generative AI to improve their organization’s cybersecurity strategy². Tenable Attack Path Analysis, part of the Tenable One platform, leverages generative AI-based capabilities to help organizations enhance their preventive security. This includes explainability functionality that provides specific mitigation guidance with clear visibility and succinct analysis of complex attack paths, specific assets or security findings. 

These new AI capabilities enable virtually anyone in the security team to digest and take action on the most complex attack paths across various exposures to stay steps ahead of attackers. Added functionality includes:

• Attack Path Summary: Security practitioners can view a summary generated for each attack path in a single pane of glass that provides comprehensive descriptions of the entire attack path and gives direction on how an attacker can leverage a live attack path within the environment.

• AI Assistant: Users can ask Tenable’s AI assistant specific questions about the summarized attack path, as well as each node along the attack path. Questions like: What can you tell me about this asset? How many domain admins have access to this asset? Which patch can I apply to mitigate the vulnerability in this attack path?What is the number of attack paths this patch mitigates?

• Mitigation Guidance: This feature automatically provides specific mitigation guidance for each attack path. Security and IT practitioners no longer need to spend time sifting through options to determine which patch or version number to apply, or which user group has unauthorized access. 

[Watch the Tenable ExposureAI APA demo here: https://youtu.be/olNpjnw2vDQ] 

“When cyber teams examine the risk to their infrastructure and data, often the biggest challenge is deciphering the immediate course of action,” said Glen Pendley, Chief Technology Officer, Tenable. “ExposureAI, with Google Cloud, takes the guesswork out of the process and saves invaluable time in recommending the exact path to remediation.”

“Generative AI is a game changer for cyber defenders; helping them to better protect their organizations against increasingly sophisticated and relentless threats,” said Eric Doerr, Vice President of Security Engineering at Google Cloud. “Integrating our security-specific gen AI models into partner solutions, such as in Tenable’s Exposure Management platform, will further empower defenders to address pressing security challenges and mitigate disruptive cyber risks.”

Tenable One combines vulnerability management, cloud security, OT security, external attack surface management (EASM), identity security, web application, and API scanning data to discover weaknesses before attackers can exploit them. It continuously monitors environments delivering the broadest exposure management coverage available. For more information or to register for a product demo, please visit: https://www.tenable.com/products/tenable-one 

Read today’s blog post titled: Introducing Tenable AI Assistant: Your Generative AI Analyst to Achieve Proactive Security

About Tenable

Tenable® is the Exposure Management company. 전 세계 약 43,000개의 조직이 Tenable을 사용하여 사이버 위험을 이해하고 낮추고 있습니다.Nessus®의 개발사인 Tenable은 취약성에 대한 전문성을 확장하여 모든 컴퓨팅 플랫폼에서 디지털 자산을 확인하고 보호할 수 있는 세계 최초의 플랫폼을 제공했습니다.Fortune 500 기업의 약 60%, Global 2000 기업의 약 40% 및 대규모 정부 기관이 Tenable의 고객입니다.Learn more at tenable.com.

_____________________

¹ 2023 ISC2 Cybersecurity Workforce Study https://www.isc2.org/Insights/2023/10/ISC2-Reveals-Workforce-Growth-But-Record-Breaking-Gap-4-Million-Cybersecurity-Professionals 

² Based on 761 respondents in a commissioned study conducted by Forrester Consulting on behalf of Tenable, October 2023