Tenable Integrates AI into VPR for Precise, Real-Time Risk Detection
Tenable has upgraded its Vulnerability Priority Rating (VPR) system by incorporating generative artificial intelligence. This enhancement delivers sharper, real-time risk identification to help security teams focus on vulnerabilities that truly threaten business operations. The update addresses common challenges in vulnerability management by offering contextual threat intelligence and prioritisation tailored to current attack patterns.
Sharper Risk Focus
Since its launch in 2019, Tenable's VPR has helped reduce noise by highlighting the most critical vulnerabilities, unlike the broader Common Vulnerability Scoring System (CVSS), which rates around 60% of vulnerabilities as high or critical. The original VPR cut that down to 3%. Now, with AI-driven enhancements, only about 1.6% of vulnerabilities are flagged as posing real business risk, using real-time data and improved analytics.
Jorge Orchilles, Senior Director of Readiness and Proactive Security at Verizon, explains the impact: "Our biggest problem was noise. We had thousands of vulnerabilities, and no clear way to know which ones posed a genuine threat. Tenable VPR changed that by showing us what attackers are actually exploiting right now. It lets us focus our resources on the handful of issues that truly matter, which has made a real, measurable difference in how quickly we can get critical patches out."
AI-Driven Insights and Explainability
The updated VPR uses generative AI to produce clear threat summaries and actionable remediation advice. These AI-powered insights help teams quickly understand why a vulnerability matters, how it’s being exploited, and what immediate steps to take. This clarity supports faster patching and more strategic resource allocation.
Eric Doerr, Chief Product Officer at Tenable, sums up the value: "Tenable VPR brings precision and depth to threat intelligence, context, and explainability in cyber operations. With these insights, organisations can clearly see why an exposure matters, where vulnerabilities lie, and how to close priority risks."
Industry and Regional Context
The enhanced VPR also factors in industry and regional threat context, allowing teams to filter and prioritise vulnerabilities based on their specific environment. This targeted approach ensures security efforts focus on exposures most relevant to the organisation’s sector and geography, improving alignment between cybersecurity and business objectives.
By providing precise, context-rich data, Tenable aims to shorten mean-time-to-remediation and help teams deploy security resources where they have the greatest impact. The latest VPR update builds on its reputation for reducing noise and prioritising threats, now with AI-driven explainability and customised risk metrics to speed up responses to emerging threats.
Your membership also unlocks:
