Network security company Tenable Inc. today announced the launch of ExposureAI, a new layer of generative artificial intelligence capabilities across its portfolio of cybersecurity exposure management tools designed to aid customers in proactively defending themselves from cyberattackers.

To fuel ExposureAI, Tenable also introduced Exposure Graph, a Snowflake-powered data lake that maintains a large database of information on exposures, vulnerabilities, misconfigurations and identities. It represents more than 1 trillion unique security findings representing more than 1 trillion data points across information technology assets and security domains, in the public cloud and other environments.

The new generative AI capabilities are being added to Tenable One, the company’s exposure management platform, which provides professionals actionable insights into their network security posture. Generative AI is the same technology behind chatbots such as OpenAI LP’s ChatGPT, which is capable of understanding and replying in conversational speech using knowledge it has access to — for example from the new Exposure Graph.

In an interview with SiliconANGLE, Glen Pendley, chief technology officer of Tenable, explained that although the company has been working with machine learning and AI for a very long time for cybersecurity, the recent advances in generative AI have opened up a whole new way to help its customers understand exposure and vulnerabilities.

“One of the big, big things is you can leverage a generative AI to drive better explainability,” Pendley said. “There’s not enough security professionals in the world to begin with, and many of them don’t have tons of experience what they’re doing. So how can you lower the bar, and drive more insight into data that they have available, so they can make better informed decisions.”

For example, Tenable One provides an attack path application that sits atop all the data provided by the Exposure Graph and offers a broad, bird’s-eye view to predict how an attacker might penetrate a network from the edge and then “path” through it in order to reach sensitive data. The path system itself doesn’t know exactly what vulnerabilities might be attacked along the way, it’s datapoints just have a list of exposures and vulnerabilities and a network graph that can be displayed to the professional so that they can form their own conclusion.

The problem is that each exposure and vulnerability in the attack path comes with a very generic explanation that was written months before that may not have a lot of context for the customer. As a result, it might not make immediate sense to them to understand which vulnerabilities they should approach first.

“One of the things that we’re doing is when we identify an attack path end to end, all of the stuff associated with it, the vulnerabilities how its configured, who’s using the machine, how it can move laterally, we’re using gen AI to basically summarize that particular attack path,” Pendley said. From there the security professionals have a much clearer idea of what needs to be fixed and have a fuller explanation of how to break the chain and what their exposure risk is.

Tenable is using technology for security teams to search the Exposure Graph by allowing the generative AI to produce queries for them using natural language. Instead of having to go through numerous forms or drop-downs or write their own, they can just write conversational questions about their environment and the generative AI does the work for them.

For example, users could ask, “Where am I most at risk today?” From there the AI would be able to provide a presentable explanation in conversational language, along with actionable insights that could be acted upon including an explanation of the vulnerable systems and potential remediation efforts.

Pendley mentioned how many of the different cybersecurity products on the market today provide a terrible user experience. They’re a mishmash of dashboards, pie charts and graphs that serve very little value and expect the end user – often a security professional – to piece together the data that’s displayed into some sort of insight.

“You want to lower the bar for people to get value out of reading this stuff, but even using the product,” said Pendley. “So instead of saying, ‘You need to learn how to do it,’ you should be able to just have a normal conversation with the application.”

Image: Pixabay