Tenable Holdings, Inc., the exposure management company,
today announced its intent to acquire Apex Security, Inc., an innovator in securing the rapidly
expanding AI attack surface. Tenable believes the acquisition, once completed, will strengthen
Tenable’s ability to help organizations identify and reduce cyber risk in a world increasingly
shaped by artificial intelligence.
Generative AI tools and autonomous systems are rapidly expanding the attack surface and
introducing new risks — from shadow AI apps and AI-generated code to synthetic identities and
ungoverned cloud services. In 2024, Tenable launched Tenable AI Aware which already helps
thousands of organizations detect and assess AI usage across their environments. Adding Apex
capabilities will expand on that foundation — adding the ability to govern usage, enforce policy,
and control exposure across both the AI that organizations use and the AI they build. This move
reinforces Tenable’s long-standing strategy of delivering scalable, unified exposure
management as AI adoption accelerates.
“AI dramatically expands the attack surface, introducing dynamic, fast-moving risks most
organizations aren’t prepared for,” said Steve Vintz, Co-CEO and CFO, Tenable. “Tenable’s
strategy has always been to stay ahead of attack surface expansion — not just managing
exposures, but eliminating them before they can be exploited.”
“As organizations move quickly to adopt AI, many recognize that now is the moment to get
ahead of the risk — before large-scale attacks materialize,” said Mark Thurmond, Co-CEO,
Tenable. “Apex delivers the visibility, context, and control security teams need to reduce AI-
generated exposure proactively. It will be a powerful addition to the Tenable One platform and a
perfect fit for our preemptive approach to cybersecurity.”
Founded in 2023, Apex attracted early interest from CISOs and top investors, including Sam
Altman (OpenAI), Clem Delangue (Hugging Face), and venture capital firms Sequoia Capital
and Index Ventures. The company quickly emerged as an innovator in securing the use of AI by
developers and everyday employees alike — addressing the growing need to manage usage,
enforce policy, and ensure compliance at scale.
“The AI attack surface is deeply intertwined with everything else organizations are already
securing. Treating it as part of exposure management is the most strategic approach. We’re
excited to join forces with Tenable to help customers manage AI risk in context — not as a silo,
but as part of their broader environment,” said Matan Derman, CEO and Co-Founder of Apex
Security.
Following the acquisition close, Tenable expects to deliver integrated capabilities in the second
half of 2025 as part of Tenable One — the industry’s first and most comprehensive exposure
management platform. The financial terms of the deal were not disclosed. The deal is expected
to close later this quarter.