Tenable has become the latest cybersecurity company to add a generative AI module to its products.
At this week’s Black Hat conference in Las Vegas, the company announced the launch of ExposureAI, a chatbot within its Tenable One Exposure Management Platform. The data repository of ExposureAI is held in a scalable data lake from a cloud provider called Snowflake.
Tenable customers’ telemetry data is held in that data lake, but in encrypted form with a unique key. Data is not shared with other customers. But Tenable says that, for queries, it does hold data representing more than 1 trillion unique exposures, IT assets, and security findings such as vulnerabilities, misconfigurations, and identities across IT, public cloud, and OT (operational technology) environments.
The company says ExposureAi allows infosec staff to
- ask questions using natural language search queries to analyze assets and exposures across their environments, understand relevant contextual information, and prioritize remediation efforts. For example, the company said, the system could be asked, “How many assets in our environment have log4j installed?” and ExposureAI can translate the question into a SQL-like query in the background to pull the relevant data;
- get specific mitigation guidance providing security teams with clear visibility and succinct analysis of complex attack paths, specific assets, or security findings. For example, an attack path analysis in ExposureAI could describe the attacker’s tactics, techniques and procedures (TTPs) from the initial entry point all the way to the asset target;
Example of how ExposureAI explains an attack path from entry point to critical asset. Tenable graphic - get actionable insights and recommended actions based on the highest impact exposures, empowering security teams to proactively address risks and reduce their organization’s overall exposure.
Asked how the company ensures query returns from ExposureAI aren’t nonsense, Tenable said in an email that it “invests time and resources to ensure the fidelity of data via sensor types and feedback loops.”
The company wasn’t clear when ExposureAi will be available to customers after being put on display at Black Hat. “It will be rolled out over time” to all Tenable One enterprise customers, the company said in an email.
“AI is a part of our DNA,” Glen Pendley, Tenable’s chief technology officer, said in a statement. “Now we’re using generative AI to put more power than ever in the hands of security teams to inform their exposure management programs and root out cyber risk wherever it exists.”
In some ways, ExposureAI is similar to Microsoft Security Co-Pilot, announced in March. Powered by ChatGPT4, it also allows analysts to ask natural language questions.
DARPA AI Cyber Challenge
Also at Black Hat, the U.S. government’s Defence Advanced Projects Research Agency (DARPA) announced the AI Cyber Challenge (AIxCC), a two-year competition urging developers to create a new generation of AI-based cybersecurity tools.
AIxCC will have a Funded Track and an Open Track. Funded Track competitors will be selected from proposals submitted to a Small Business Innovation Research solicitation. Up to seven small businesses will receive funding to participate. Open Track competitors will register with DARPA via the competition website, but don’t get DARPA funding.
Teams on all tracks will participate in a qualifying event during the semifinal phase, where the top scoring teams (up to 20) will be invited to participate in the semifinal competition. Of these, the top scoring teams (up to five) will receive monetary prizes and continue to the final phase and competition. The top three scoring competitors in the final competition will receive additional monetary prizes.
AIxCC competitions will be held at DEF CON, with additional events at Black Hat USA 2025.
The Open Source Security Foundation (OpenSSF), a project of the Linux Foundation, will serve as a challenge advisor to guide teams in creating AI systems capable of addressing vital cybersecurity issues, such as the security of our critical infrastructure and software supply chains.
