Tenable to Acquire AI Security Startup Apex - Dark Reading

CYBER RISK NEWS News, news analysis, and commentary on the latest trends in cybersecurity technology. Tenable to Acquire AI Security Startup Apex Apex will enhance Tenable's AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existing security policies. Jeffrey Schwartz,Contributing Writer May 30, 2025 3 Min Read SOURCE: RAWPIXEL LTD VIA ALAMY STOCK PHOTO Tenable Security has announced plans to acquire Apex, an Israel-based startup specializing in security solutions driven by artificial intelligence (AI). Apex will be integrated into Tenable One, Tenable's software-as-a-service-based exposure management platform. Founded in 2023, Apex helps organizations discover ungoverned AI. Co-founders Matan Derman (CEO) and Tomer Avni (chief product officer) developed a platform designed to surface all AI activities, including shadow apps, AI-generated code, and fake identities. The boutique company of roughly 20 employees competes with Prompt Security, Lasso Security, and Aim Security. According to findings from Tenable Research last year, over one-third of security teams had AI applications in their environments that didn't appear to be officially sanctioned. Besides shadow AI and autonomously generated code, organizations must be on the alert for malicious AI code and libraries from prompt injections, says Eric Doerr, Tenable's chief product officer. Many organizations are under pressure to embrace the latest AI tools and platforms to automate as many processes as possible, and they are willing to overlook the risks. Organizations needed the ability to do something about ungoverned AI within their networks, Doerr says. Related:Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges "The reality is they're rolling it out without knowing how to govern it or secure it, and CISOs are nervous about that," Doerr says. "They're looking to quickly get something in place that helps govern and manage this risk. And so that's the journey that got us to Apex. It was a very natural complement to what we had done with [Tenable's] AI Aware." Tenable released the AI Aware tool last year to help organizations analyze the activity of AI applications, libraries, code repositories, and infrastructure. Doerr says AI Aware is consistent with Tenable's various exposure management scanning tools. "We had thousands of customers take advantage of it, and they found lots of AI, some of which they knew about, some of which they didn't know about, in their environment," he says. Apex will enhance AI Aware by mitigating the threats and risks it finds, establishing best practices for AI security, and enforcing existing security policies. Apex's Derman said in a statement that joining Tenable will enable it to manage the risk of AI "in context — not as a silo, but as part of their broader environment." "Treating it as part of exposure management is the most strategic approach," he stated. The Apex deal marks Tenable's second acquisition in 2025. In January, Tenable acquired Vulcan Cyber, a move that fueled this month's release of connectors, enabling the Tenable One Exposure Management offering to integrate with numerous other platforms. Although Tenable has acquired nine companies in total since its founding in 2002, six of those acquisitions have occurred in the past three years. Last year, Tenable acquired Eureka, adding data security posture management to Tenable One. In 2023, Tenable acquired CNAPP provider Ermetic, and in 2022, two deals included Bit Discovery and Cymptom. Related:TransUnion's Real Networks Deal Focuses on Robocall Blocking Financial details about the Apex transaction were not disclosed. Tenable said it expects the acquisition to close during the second half of the year. About the Author Jeffrey Schwartz Contributing Writer Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report The ROI of AI in Security Cybersecurity Forecast 2026 ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like CYBER RISK US Cyber Pros Plead Guilty Over BlackCat Ransomware Activity by Alexander Culafi JAN 05, 2026 CYBER RISK Switching to Offense: US Makes Cyber Strategy Changes by Robert Lemos, Contributing Writer NOV 21, 2025 CYBER RISK Microsoft Exchange 'Under Imminent Threat,' Act Now by Arielle Waldman NOV 12, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Latest Articles in DR Technology CYBERSECURITY OPERATIONS AI Dominates RSAC Innovation Sandbox MAR 22, 2026 СLOUD SECURITY Native Launches With Security Control Plane for Multicloud MAR 19, 2026 СLOUD SECURITY Post-Quantum Web Could be Safer, Faster MAR 19, 2026 CYBER RISK Why Post-Quantum Cryptography Can't Wait MAR 12, 2026 Read More DR Technology Want more Dark Reading stories in your Google search results?