Tenable has partnered with Anthropic and launched Tenable Hexa AI, expanding its use of artificial intelligence in exposure management.
The partnership will bring Anthropic's Claude models into workflows across the Tenable One Exposure Management Platform, including new functions in Hexa AI. Tenable plans to use the technology for prioritisation, remediation orchestration and exposure analysis.
Hexa AI is now generally available to Tenable One Foundation and Tenable One Advanced customers. It is designed to automate security workflows and link vulnerability discovery with remediation across a company's attack surface.
The announcement comes as security vendors respond to a growing volume of detected exposures and a shrinking window between the discovery of a weakness and its potential exploitation. Tenable said newer large language models are helping uncover previously unknown vulnerabilities at a pace manual security processes struggle to match.
According to the company, Hexa AI draws on the Tenable Exposure Data Fabric, which combines telemetry from Tenable products, third-party data and research insights. That data is then used to rank exposures and support remediation through automated workflows.
Mark Thurmond, Co-CEO of Tenable, said the company had formed a close working relationship with Anthropic as the cyber security market adjusts to AI-driven changes in both attack and defence.
"The volume of exposures is increasing, the time between discovery and exploit is shrinking, and security teams need a fundamentally different approach. That's why Tenable has developed a deep working relationship with Anthropic," Thurmond said.
"With Claude-fuelled innovations we are accelerating R&D and our exposure management roadmap, while rapidly advancing solutions like Tenable Hexa AI so customers can strengthen their pre-emptive security programs, powered by agentic workflows," he said.
Anthropic said the partnership reflects a broader shift in how organisations are using AI in security operations. Claude models are being adopted by software vendors seeking to automate analysis and response work that has traditionally required human review across multiple tools.
"As AI reshapes cybersecurity, organisations need to integrate AI into their security operations," said Jason Clinton, Deputy CISO at Anthropic.
"We're excited to work with Tenable to apply Claude's capabilities to help customers better understand risk, prioritise action, and respond faster," he said.
Product details
Hexa AI includes multi-step reasoning, support for the Model Context Protocol and the option for customers to build custom agents and workflows. Tenable said the system can carry out end-to-end tasks from discovery to remediation without requiring security staff to manually move context between tools.
The company said automated remediation workflows can create and route tickets, generate custom policies and produce audit-ready reports. Users can also query their environments through identity attributes such as service accounts, privileged users and Active Directory groups to identify exposure paths that may not appear in traditional asset inventories.
The product also includes guided assistance for more complex Active Directory sensor configurations. Tenable said Hexa AI acts as an orchestration layer that connects to existing security and IT tools, allowing organisations to use Tenable's own agents or deploy custom ones.
Eric Doerr, Chief Product Officer at Tenable, said the company had focused on controls and oversight for autonomous systems.
"AI Agents operating without the right guardrails and harness can be unpredictable, brittle, or unsafe in real-world enterprise environments," Doerr said.
"This is where Tenable Hexa AI shines. It's an agentic force; a multi-domain, enterprise-ready AI engine built for end-to-end trust - one that wraps powerful models in the structure, controls and oversight they need to act reliably and safely at scale. It doesn't just suggest the next step; it orchestrates the entire workflow to neutralize risk before it can be exploited, with the guardrails that make that autonomy something enterprises can actually trust," he said.
Tenable said the system operates within what it describes as a complete agentic harness, designed to give security teams visibility, guardrails and auditability when automating exposure management tasks. The company is positioning the launch as part of a broader shift from identifying vulnerabilities to coordinating and executing remediation through AI-driven processes.