Tenable acquires Apex Security to strengthen AI attack surface management and proactive cyber risk control

Tenable to Acquire Apex Security, Strengthening AI Risk Management

Tenable has announced plans to acquire Apex Security, aiming to enhance its exposure management capabilities focused on the artificial intelligence (AI) attack surface. This move comes as organisations increasingly adopt AI technologies, which introduce new cyber risks that require advanced management tools.

Tenable’s integration of Apex Security’s technology will expand its exposure management platform beyond simply detecting and assessing AI usage. It will enable organisations to govern AI applications, enforce policies, and control exposure risks related to both commercial and custom-built AI systems.

Addressing New Risks in AI Adoption

The rise of generative AI and autonomous systems has broadened the cyberattack surface. Organisations now face challenges like shadow AI apps, AI-generated code vulnerabilities, synthetic identities, and unmanaged cloud services. Tenable’s expanded offering responds to these challenges by adapting cyber risk management to the pace of AI-driven digital transformation.

Steve Vintz, Tenable’s Co-CEO and CFO, emphasized the need for proactive risk management, stating, “AI dramatically expands the attack surface, introducing dynamic, fast-moving risks most organisations aren't prepared for. Tenable's strategy is to stay ahead of attack surface expansion — not just managing exposures, but eliminating them before they can be exploited.”

Proactive AI Risk Control

Mark Thurmond, Co-CEO at Tenable, highlighted the importance of early action: “As organisations adopt AI quickly, many realise now is the time to get ahead of the risk before large-scale attacks occur. Apex provides the visibility, context, and control security teams need to reduce AI-generated exposure proactively. It’s a powerful addition to Tenable One and aligns perfectly with our forward-looking cybersecurity approach.”

Apex Security’s Role and Support

Founded in 2023, Apex Security has won support from CISOs and influential investors, including Sam Altman of OpenAI and Clem Delangue of Hugging Face, along with Sequoia Capital and Index Ventures. The company focuses on securing AI use among developers and staff, addressing policy enforcement, usage management, and compliance challenges linked to AI adoption.

Matan Derman, CEO and Co-Founder of Apex Security, remarked on the acquisition’s strategic fit: “The AI attack surface is deeply intertwined with existing security concerns. Treating it as part of exposure management is the most strategic approach. We’re excited to join Tenable to help customers manage AI risk holistically — not as a silo but within their broader security environment.”

What’s Next for Tenable and Apex Security?

Once the acquisition closes, expected later this quarter pending approvals, Tenable plans to integrate Apex’s capabilities into the Tenable One platform by the second half of 2025. Tenable One is an exposure management platform that offers visibility, context, and management across various attack surfaces, including IT infrastructure and cloud environments.

The financial details of the deal have not been disclosed.

Further Learning

For managers interested in strengthening AI risk control and cybersecurity strategies, exploring specialized AI security courses can provide valuable insights. Check out Complete AI Training’s latest AI courses for practical guidance on managing AI risks effectively.