AI & TechArtificial IntelligenceCybersecurityNewswireTechnology

Tenable One merges code risks with exposure data

▼ Summary

– Tenable One now unifies application security risks, including static code vulnerability data, with all other exposure data for code-to-runtime visibility.
– Vulnerable code reaches production faster than reviews can keep up, a problem worsened by generative AI enabling developers to ship code 3-4 times faster with 10x the flaw rate.
– Siloed application security tools lack contextual infrastructure intelligence, creating a major blind spot for determining real-world threats from code vulnerabilities.
– Tenable One ingests, normalizes, and connects data from AI security tools, Tenable telemetry, and other security sources to deliver a complete view of enterprise risk.
– The platform shifts organizations from reactive scanning to proactive risk prioritization by linking code risks to runtime systems, cloud workloads, and attack paths.

Tenable has broadened its Tenable One Exposure Management Platform to unify application security risks with all other exposure data. By incorporating static code vulnerability data, Tenable One now provides complete visibility from code to runtime across the entire attack surface.

For years, security teams have faced a persistent challenge: vulnerable code reaches production faster than they can review it. This issue has intensified with the rise of generative AI, which enables developers to ship code three to four times faster but potentially introduces flaws at a rate ten times higher.

Application security teams and developers often rely on isolated tools that lack the contextual infrastructure intelligence needed to determine whether a code vulnerability presents a genuine threat. This fragmented approach creates a significant, exploitable blind spot.

Tenable One ingests, analyzes, and normalizes data from relevant application development and security sources, including AI application security tools like Claude Security. The platform then connects all ingested exposure data by unifying Tenable telemetry with data from other security tools such as endpoint protection, cloud security, vulnerability management, and operational technology security. It also incorporates vital business context from repositories like configuration management databases. This integration is designed to deliver the most complete view of enterprise risk and accelerate remediation prioritization and action.

With this expansion, Tenable One shifts organizations from reactive application scanning to proactive risk prioritization. It connects code risks directly to the runtime systems, cloud workloads, identities, and attack paths they endanger.

“Bringing application security data into Tenable One, we’re giving our customers the context they’ve been missing,” said Eric Doerr, Chief Product Officer at Tenable.

“Security teams don’t need to wade through a sea of vulnerabilities. With Tenable One, security teams know exactly where they are exposed the moment an exposure is created , whether an agentic AI security tool discovers a new zero-day in an open-source library or a human error introduces risk. For the first time, security teams can see code flaws and prioritize remediation actions alongside all other forms of risk for more effective risk reduction,” Doerr concluded.

(Source: Help Net Security)

Topics

exposure management platform 95% code security problems 92% generative ai impact 88% siloed security solutions 85% contextual infrastructure intelligence 82% data ingestion and normalization 80% ai application security 78% unified telemetry 76% business context integration 74% proactive risk prioritization 72%