The Tenable One Exposure Management Platform is already transforming how organizations practice preventive cybersecurity. Now, with the introduction of ExposureAI, users can unleash the full potential of generative artificial intelligence to stay one step ahead of attackers.
Today, we unveiled ExposureAI in the Tenable One Exposure Management Platform, giving you new generative AI capabilities that will boost your preventive cybersecurity by elevating your cyber expertise. ExposureAI will help you accelerate how you search, analyze and make decisions so you can stay ahead of attackers.
Generative AI tools will change the way cybersecurity teams operate at a time when you’re facing unprecedented pressure as cyber defenders:
- More than 117,000 hosts and 600 new domains are created every minute
- 230 million cloud misconfigurations on average need to be addressed each day
- More than 480 new CVEs on average are published each week
- More than 95 million Active Directory accounts are attacked each day
We believe the future of preventive security is Exposure Management, powered by AI.
Search, explain and drive action faster with ExposureAI
ExposureAI will provide new insights to make exposure management more accessible, turning all analysts into expert defenders. Delivering the best AI-based capabilities requires having the best data, and we have the largest repository of contextual exposure data in the world. Specifically, ExposureAI leverages 1 trillion unique exposures, assets and security findings encompassing:
- 60 billion exposure events
- 800 million different security configurations
- 1 billion assets
This massive data platform that fuels the ExposureAI engine is called the Tenable Exposure Graph, our Snowflake-powered data lake.
ExposureAI will enhance exposure management programs in three important ways over the coming weeks and months:
Search
Finding needles in a haystack is hard, and so is searching for specific exposure and asset data. It often requires figuring out what filters are available, understanding which assets and exposures are supported by those filters, and running through an iterative exercise to whittle down the data until you discover exactly what you need. More skilled users could also take advantage of APIs and scripts to automate some of those tasks. But either approach takes significant time and resources.
ExposureAI introduces new ways to discover the data you’re looking for. Now, you will simply be able to ask questions using natural language search queries to accelerate the search process. Need to know your exposure to Log4Shell? No need to toggle through nested filters to create the query. Just type in, “How many assets have log4j installed,” and ExposureAI using generative AI will translate the question into a SQL-like query in the background to pull the relevant data. Are you focused only on users with keys to the kingdom? Just modify your query accordingly: “How many assets with Domain Administrator access have log4j installed?”
Example of natural language search queries in Tenable One
Sample results from natural language search query
Explain
Understanding exposures in the proper context can also be challenging and time intensive. Many factors must be considered as part of the analysis, such as exposure details, asset or resource characteristics, user entitlements, external accessibility and attack path details. Let’s use attack path analysis to illustrate this point. Typical attack path analysis solutions provide comprehensive insight from the threat actor’s perspective pertaining to specific attacker entry points, asset targets and threats. This information is generally displayed in a visual format to easily show and toggle between all potential paths with asset and user relationships. To understand the full attack sequence, analysts need to click on each node for step-by-step details, which requires elevated expertise to interpret the results and is extremely time consuming.
Attack Path Analysis in Tenable One uses ExposureAI to help eliminate that manual analysis by incorporating generative AI to summarize the complete attack path in a written narrative. Each narrative describes the attacker's tactics, techniques and procedures (TTPs) from the initial entry point all the way to the asset target. ExposureAI translates the attack path visualization details for faster explanation and analysis so that users can quickly make judgments on each attack path. This enables security generalists who don’t have PhDs in attack path analysis to understand powerful attacker-centric context into different exposures and use those insights to take precise and effective action.
Example of how ExposureAI explains an attack path from entry point to critical asset
Action
Making decisions regarding what security issues to address first is an age-old challenge. As mentioned above, organizations are bombarded with vulnerability and misconfiguration overload. Prioritizing and taking action to remediate high-risk exposures often requires you to know exactly where to look. And given today’s highly dynamic threat landscape, it’s important that practitioners constantly stay updated as threats evolve.
ExposureAI will help security teams be much more proactive in addressing emerging cyber risks. By using generative AI to continuously analyze exposure and asset data, ExposureAI will surface high-risk exposure insights and recommend actions, such as addressing software vulnerabilities, cloud misconfigurations, web app flaws and identity weaknesses. That’ll help you stay ahead of emerging threats. Stay tuned for more about this use case in the coming months.
Join Us at Black Hat USA 2023!
If you’re attending Black Hat USA 2023, please stop by booth #1632 to see ExposureAI demos of Tenable One and attend talks with our subject matter experts about generative AI.
Stay tuned for more information in the coming weeks. We’ll be providing additional product details in upcoming Tenable webinars, Tenable Community posts and Tenable Product Education videos.