Tenable has expanded its Tenable One exposure management platform with the introduction of Tenable AI Exposure, a comprehensive solution aimed at securing enterprise use of generative AI. Announced at Black Hat USA 2025 on 12 August, the new capabilities go beyond AI discovery to address risk management and policy enforcement for platforms such as ChatGPT Enterprise and Microsoft Copilot.
Addressing the hidden risks of AI adoption
The rapid adoption of generative AI in businesses is creating a new layer of security concerns. While these tools can significantly improve productivity, they can also expose sensitive data and be exploited by attackers. Many security teams lack the visibility to monitor employee use, assess data exposure risks, or identify potential manipulation.
Tenable AI Exposure is designed to fill this gap by providing a unified solution that covers the full lifecycle of AI security challenges. According to the company, this includes the discovery of AI usage, assessment of associated risks, and enforcement of governance policies.
“Simply discovering shadow AI isn’t enough. A true exposure management strategy requires an end-to-end solution that lets organisations discover their entire AI footprint, manage the associated risks, and govern its use according to their policies. That’s exactly what we are delivering today,” said Steve Vintz, Co-CEO and CFO of Tenable. “With Tenable AI Exposure, we’re giving organisations the visibility and control they need to safely embrace the promise of generative AI without introducing unacceptable risk. This is a critical step in the evolution of exposure management.”
Comprehensive features for enterprise AI security
Tenable AI Exposure offers agentless deployment, enabling coverage within minutes. The solution brings together several capabilities, including comprehensive AI discovery, exposure management, and governance controls.
Its AI discovery function unifies insights from Tenable AI Aware, AI Security Posture Management (AI-SPM), and continuous monitoring. This allows organisations to identify both authorised and unauthorised AI use, map user interactions, track data flows, and detect potentially risky activities.
The exposure management component leverages AI-SPM to identify, prioritise, and address risks, including those from sensitive data leaks involving personally identifiable information (PII), payment card information (PCI), and protected health information (PHI). It also detects misconfigurations and insecure integrations with external tools.
Governance controls help organisations set and enforce security guardrails, preventing risky behaviours and countering emerging threats such as prompt injections, jailbreaks, and malicious output manipulation.
Unified risk visibility across the enterprise
By integrating Tenable AI Exposure into the broader Tenable One platform, organisations can view AI-related risks in the context of their entire attack surface. This unified perspective, combined with Tenable AI Aware and AI-SPM, offers customers an end-to-end approach to discovering, managing, and securing enterprise AI usage.
The company believes this advancement will enable businesses to confidently harness generative AI while keeping potential security risks in check.
