Tenable Announces Acquisition Plan of Apex Security for Expanded Exposure Management
Generative AI Tools and Autonomous Systems Are Rapidly Expanding the Attack Surface and Introducing New Risks
Tenable® Holdings, Inc., the exposure management company, has announced its intent to acquire Apex Security, Inc., an innovator in securing the rapidly expanding Artificial Intelligence (AI) attack surface. Tenable believes the acquisition, once completed, will strengthen Tenable’s ability to help organisations identify and reduce cyber risk in a world increasingly shaped by AI.
Generative AI tools and autonomous systems are rapidly expanding the attack surface and introducing new risks—from shadow AI apps and AI-generated code to synthetic identities and ungoverned cloud services. In 2024, Tenable launched Tenable AI Aware which already helps thousands of organisations detect and assess AI usage across their environments. Adding Apex capabilities will expand on that foundation—adding the ability to govern usage, enforce policy, and control exposure across both the AI that organisations use and the AI they build. This move reinforces Tenable’s long-standing strategy of delivering scalable, unified exposure management as AI adoption accelerates.
“AI dramatically expands the attack surface, introducing dynamic, fast-moving risks most organisations aren’t prepared for,” said Steve Vintz, Co-CEO and CFO at Tenable. “Tenable’s strategy has always been to stay ahead of attack surface expansion—not just managing exposures, but eliminating them before they can be exploited.”
“As organisations move quickly to adopt AI, many recognise that now is the moment to get ahead of the risk—before large-scale attacks materialise,” said Mark Thurmond, Co-CEO, Tenable. “Apex delivers the visibility, context, and control security teams need to reduce AI-generated exposure proactively. It will be a powerful addition to the Tenable One platform and a perfect fit for our preemptive approach to cybersecurity.”
Founded in 2023, Apex attracted early interest from CISOs and top investors, including Sam Altman (OpenAI), Clem Delangue (Hugging Face), and venture capital firms Sequoia Capital and Index Ventures. The company quickly emerged as an innovator in securing the use of AI by developers and everyday employees alike—addressing the growing need to manage usage, enforce policy, and ensure compliance at scale.
“The AI attack surface is deeply intertwined with everything else organisations are already securing. Treating it as part of exposure management is the most strategic approach. We’re excited to join forces with Tenable to help customers manage AI risk in context—not as a silo, but as part of their broader environment,” said Matan Derman, CEO and Co-Founder of Apex Security.
Following the acquisition close, Tenable expects to deliver integrated capabilities in the second half of 2025 as part of Tenable One—the industry’s first and most comprehensive exposure management platform. The financial terms of the deal were not disclosed. The deal is expected to close later this quarter.
