Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching

Blog / Products Subscribe Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching Ziga Cerkovnik April 16, 2026 6 Min Read See how Tenable Hexa AI custom agents empower you to counter machine-speed threats by automating vulnerability remediation. Learn how the Model Context Protocol (MCP) automates execution of risk-driven patching workflows, shifting your strategy from reactive tracking to continuous exposure management. Key takeaways Even in previews, powerful AI models like Claude Mythos show us how quickly adversaries could weaponize newly discovered vulnerabilities. Traditional, manual patching cycles can’t keep up with machine-speed threats.   Tenable Hexa AI, the agentic engine of the Tenable One Exposure Management Platform, allows you to build custom agents to automate vulnerability prioritization and remediation at machine speed and scale.   Because Tenable Hexa AI uses the Model Context Protocol (MCP), it can function as the orchestration layer linking any LLMs you’re using to your other security tools. In other words, with Tenable Hexa AI, you can use an LLM to trigger vulnerability remediation workflows that leverage custom agents alongside your preferred patching tools to eliminate manual delays and accelerate risk reduction. Frontier AI models like Anthropic’s Claude Mythos have demonstrated the potential to collapse the window between vulnerability discovery and exploitation from days to hours. In internal testing, Anthropic says Mythos Preview provided a fully functional exploit kit fully autonomously for a 17-year-old remote code execution (RCE) vulnerability within “several hours.” In an environment where attackers operate at machine speed, traditional 30-day patch cycles and manual ticketing systems are not just slow, they’re a liability.  As Tenable CTO Vlad Korsunsky recently wrote in a blog on Claude Mythos, closing your patch gap has never been more critical. Tenable Hexa AI is built to close this gap, accelerate exposure and vulnerability remediation cycles from human speed to machine speed, and automate a variety of complex, multi-step security tasks.  The power of custom Tenable Hexa AI agents In our first blog on use cases for the Tenable Hexa AI agentic engine, we showed how you can use Tenable Hexa AI to identify assets impacted by the Axios npm supply chain attack. While rapid identification and prioritization form the bedrock of exposure management, the sheer volume of modern threats requires teams to scale their response by automating mitigation for the specific risks that actually impact their environment. Tenable Hexa AI enables you to build custom agents to automate workflows tailored to your unique environment. By utilizing the Model Context Protocol (MCP), Tenable Hexa AI securely connects large language models (LLMs) like Claude with your internal tech stack and execution tools. With this capability, you aren't just asking an LLM what is vulnerable; you’re mobilizing an agent to fix it. Automating vulnerability prioritization and remediation with Tenable Hexa AI  Let’s look at a real-world workflow where we use an LLM (in this case, Claude) combined with a custom Tenable Hexa AI agent to conduct automated patching and instantly accelerate risk reduction. Step 1: Command the agent using natural language The workflow begins in Claude with a natural language prompt: “Use Tenable Vulnerability Management and Tenable Patch Management to identify and patch any critical VPR vulnerabilities on the asset, rsac-svr-2022”  Tenable Hexa AI functions as the orchestration layer connecting your preferred LLM to your preferred patching tool, allowing you to trigger autonomous actions directly from your LLM. Step 2: Prompt triggers agentic vulnerability prioritization The prompt triggers the custom Tenable Hexa AI agent to immediately query Tenable, locate the specific asset, and filter the findings using Tenable’s Vulnerability Priority Rating (VPR).  In contrast with other vulnerability scoring systems, like CVSS and EPSS, which score based on theoretical risk and probability of exploitation, the Vulnerability Priority Rating pinpoints the roughly 1.6% of vulnerabilities that actually pose an immediate risk to your organization based on real-world exploitability data and potential business impact. By using the Tenable Vulnerability Priority Rating as a strict filtering criteria, custom agents can then trigger automated workflows exclusively for your most critical CVEs. A simple prompt in Claude triggers a custom Tenable Hexa AI agent to carry out the command. Step 3: Agent automates patch deployment  Once the true priorities are identified, the Tenable Hexa AI agent directly triggers your patching tool of choice (in this example, Tenable Patch Management) to seamlessly deploy the fix to the asset, removing manual delays from the remediation cycle. To deliver trusted execution alongside machine speed, the Tenable Hexa AI agent relies on Tenable’s Exposure Data Fabric, the industry’s richest repository of contextualized exposure data. The Exposure Data Fabric maps the interactions among vulnerabilities, identities, and assets to provide the deep environmental context that agents need to take safe, precise action. Limiting network changes strictly to material exposures earns the operational confidence from IT required to successfully scale automated VulnOps workflows. With custom agents, you maintain total authority over the execution phase. You can build specific human-in-the-loop (HITL) checkpoints directly into the agent’s logic — choosing exactly when to unleash full automated execution and when to require a strategic manual sign-off — allowing you to confidently close the exploit window without risking operational disruption. The custom Tenable Hexa AI agent automates patch deployment, eliminating manual delays.   Scaling vulnerability remediation efforts with agentic AI  The economics of cyberattacks have fundamentally shifted. With high-level exploits now costing attackers under $2,000 and taking less than one day to develop, the accelerating volume of AI-discovered vulnerabilities will quickly overwhelm even the most well-resourced security teams. To survive, defenders must shift their economics, too.  Tenable Hexa AI acts as the crucial force multiplier to make that shift possible. By integrating custom AI agents into your security workflows, you reduce the “cost per remediation.” This empowers a single analyst to automate repetitive tasks, efficiently triage patches, and manage exposures at a scale. Ultimately, establishing these automated remediation pipelines allows defenders to operate at machine speed without burning out. You successfully transition your strategy from reactive tracking to proactive exposure management, permanently closing the gap between how fast vulnerabilities are found and how fast your organization can respond. Ready to build your own custom automated workflows and beat the exploit clock? Tenable Hexa AI is currently in private preview for select Tenable One customers. Contact your Tenable Account Team to join the private preview program. Want to learn more? Download the Tenable Hexa AI data sheet to get the full technical breakdown of our agentic capabilities. Ziga Cerkovnik Principal Product Manager - Agentic AI, Tenable As principal product manager for agentic AI at Tenable, Ziga Cerkovnik leads product strategy and execution for Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform. He is responsible for shaping how autonomous AI agents help security teams translate exposure intelligence into coordinated action and measurable risk reduction — a vision brought to market with the public debut of Hexa at RSAC 2026. With nearly a decade of product leadership experience in cybersecurity, Ziga joined Tenable in 2020, owning roadmap and execution across flagship areas including vulnerability management, container security, and attack surface management. Prior to Tenable, he was Co-Founder and CTO of a fintech startup, and earlier built his cybersecurity foundation at RSA Security. Related articles April 14, 2026 Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic With the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Vlad Korsunsky April 10, 2026 Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI See how you can use Tenable Hexa AI to determine in minutes if you're impacted by the Axios npm supply chain attack. Learn how easy it is to automate configuration of scans, identify impacted assets, prioritize remediation, and more using agentic AI from Tenable. By James Davies March 25, 2026 Security for AI: A guide to managing the risks of vibe coding and AI in software development Get a template for an AI coding acceptable use policy with security controls and a list of 25 security questions to ask software developers and “citizen developers” about their AI use. Mitigate the security risks of vibe coding and using AI in software development with Tenable One. By Tomer Y. Avni Agents Risk-based Vulnerability Management Tenable Vulnerability Management Vulnerability Management Tenable One Tenable Vulnerability Management Cybersecurity news you can use Enter your email and never miss timely alerts and security guidance from the experts at Tenable. Email Address Submit