Artificial Intelligence & Machine Learning , Governance & Risk Management , Next-Generation Technologies & Secure Development

Tenable CEO on Using AI to Spot Exploitable Vulnerabilities

Amit Yoran on How Hackers, Defenders Can Use Generative AI to Increase Speed, Scale
Amit Yoran, chairman and CEO, Tenable (Image: Tenable)

Hackers use generative AI to churn out code that exploits vulnerabilities, while defenders use it to get more context around flaws discovered in their ecosystem, said Tenable CEO Amit Yoran.

See Also: Close the Gapz in Your Security Strategy

The company can use generative AI to identify and prioritize all the instances of MOVEit in a customer's environment or to locate privileged users that have externally facing systems with a critical vulnerability, Yoran said. But criminals can execute spear-phishing campaigns at rapid speed and scale with generative AI by fusing exploit codes with data about millions of users curated from social media and data leaks (see: Tenable CEO on What's New in Cyber Exposure Management).

"The cybercriminal element is highly creative and highly motivated because there's real dollars on the line," Yoran said. "This is their livelihood. And so we see them embracing technologies without a lot of concern about regulatory implications or privacy implications. So, they can embrace these technologies, use them and apply them real fast."

In this video interview with Information Security Media Group, Yoran also discussed:

  • How the Active Directory threat landscape changed in the past year or two;
  • How the new TSA cybersecurity regulations affect Tenable's OT customers;
  • How generative AI can benefit security research conducted by Tenable.

Yoran previously served as RSA's president after joining the firm through its acquisition of NetWitness, the network forensics company he founded and led as CEO. Prior to NetWitness, he served as founding director of the United States Computer Emergency Readiness Team program in the U.S. Department of Homeland Security. Yoran was also founder and CEO of Riptech, one of the first managed security service providers, which Symantec acquired in 2002.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.