See how Tenable Hexa AI custom agents empower you to counter machine-speed threats by automating vulnerability remediation. Learn how the Model Context Protocol (MCP) automates execution of risk-driven patching workflows, shifting your strategy from reactive tracking to continuous exposure management.
Key takeaways
- Even in previews, powerful AI models like Claude Mythos show us how quickly adversaries could weaponize newly discovered vulnerabilities. Traditional, manual patching cycles can’t keep up with machine-speed threats.
- Tenable Hexa AI, the agentic engine of the Tenable One Exposure Management Platform, allows you to build custom agents to automate vulnerability prioritization and remediation at machine speed and scale.
- Because Tenable Hexa AI uses the Model Context Protocol (MCP), it can function as the orchestration layer linking any LLMs you’re using to your other security tools. In other words, with Tenable Hexa AI, you can use an LLM to trigger vulnerability remediation workflows that leverage custom agents alongside your preferred patching tools to eliminate manual delays and accelerate risk reduction.
Frontier AI models like Anthropic’s Claude Mythos have demonstrated the potential to collapse the window between vulnerability discovery and exploitation from days to hours. In internal testing, Anthropic says Mythos Preview provided a fully functional exploit kit fully autonomously for a 17-year-old remote code execution (RCE) vulnerability within “several hours.”
In an environment where attackers operate at machine speed, traditional 30-day patch cycles and manual ticketing systems are not just slow, they’re a liability.
As Tenable CTO Vlad Korsunsky recently wrote in a blog on Claude Mythos, closing your patch gap has never been more critical. Tenable Hexa AI is built to close this gap, accelerate exposure and vulnerability remediation cycles from human speed to machine speed, and automate a variety of complex, multi-step security tasks.
The power of custom Tenable Hexa AI agents
In our first blog on use cases for the Tenable Hexa AI agentic engine, we showed how you can use Tenable Hexa AI to identify assets impacted by the Axios npm supply chain attack. While rapid identification and prioritization form the bedrock of exposure management, the sheer volume of modern threats requires teams to scale their response by automating mitigation for the specific risks that actually impact their environment.
Tenable Hexa AI enables you to build custom agents to automate workflows tailored to your unique environment. By utilizing the Model Context Protocol (MCP), Tenable Hexa AI securely connects large language models (LLMs) like Claude with your internal tech stack and execution tools. With this capability, you aren’t just asking an LLM what is vulnerable; you’re mobilizing an agent to fix it.
Automating vulnerability prioritization and remediation with Tenable Hexa AI
Let’s look at a real-world workflow where we use an LLM (in this case, Claude) combined with a custom Tenable Hexa AI agent to conduct automated patching and instantly accelerate risk reduction.
Step 1: Command the agent using natural language
The workflow begins in Claude with a natural language prompt:
“Use Tenable Vulnerability Management and Tenable Patch Management to identify and patch any critical VPR vulnerabilities on the asset, rsac-svr-2022”
Tenable Hexa AI functions as the orchestration layer connecting your preferred LLM to your preferred patching tool, allowing you to trigger autonomous actions directly from your LLM.
Step 2: Prompt triggers agentic vulnerability prioritization
The prompt triggers the custom Tenable Hexa AI agent to immediately query Tenable, locate the specific asset, and filter the findings using Tenable’s Vulnerability Priority Rating (VPR).
In contrast with other vulnerability scoring systems, like CVSS and EPSS, which score based on theoretical risk and probability of exploitation, the Vulnerability Priority Rating pinpoints the roughly 1.6% of vulnerabilities that actually pose an immediate risk to your organization based on real-world exploitability data and potential business impact.
By using the Tenable Vulnerability Priority Rating as a strict filtering criteria, custom agents can then trigger automated workflows exclusively for your most critical CVEs.
A simple prompt in Claude triggers a custom Tenable Hexa AI agent to carry out the command.
Step 3: Agent automates patch deployment
Once the true priorities are identified, the Tenable Hexa AI agent directly triggers your patching tool of choice (in this example, Tenable Patch Management) to seamlessly deploy the fix to the asset, removing manual delays from the remediation cycle.
To deliver trusted execution alongside machine speed, the Tenable Hexa AI agent relies on Tenable’s Exposure Data Fabric, the industry’s richest repository of contextualized exposure data. The Exposure Data Fabric maps the interactions among vulnerabilities, identities, and assets to provide the deep environmental context that agents need to take safe, precise action. Limiting network changes strictly to material exposures earns the operational confidence from IT required to successfully scale automated VulnOps workflows.
With custom agents, you maintain total authority over the execution phase. You can build specific human-in-the-loop (HITL) checkpoints directly into the agent’s logic — choosing exactly when to unleash full automated execution and when to require a strategic manual sign-off — allowing you to confidently close the exploit window without risking operational disruption.
The custom Tenable Hexa AI agent automates patch deployment, eliminating manual delays.
Scaling vulnerability remediation efforts with agentic AI
The economics of cyberattacks have fundamentally shifted. With high-level exploits now costing attackers under $2,000 and taking less than one day to develop, the accelerating volume of AI-discovered vulnerabilities will quickly overwhelm even the most well-resourced security teams. To survive, defenders must shift their economics, too.
Tenable Hexa AI acts as the crucial force multiplier to make that shift possible. By integrating custom AI agents into your security workflows, you reduce the “cost per remediation.” This empowers a single analyst to automate repetitive tasks, efficiently triage patches, and manage exposures at a scale.
Ultimately, establishing these automated remediation pipelines allows defenders to operate at machine speed without burning out. You successfully transition your strategy from reactive tracking to proactive exposure management, permanently closing the gap between how fast vulnerabilities are found and how fast your organization can respond.
Ready to build your own custom automated workflows and beat the exploit clock?
Tenable Hexa AI is currently in private preview for select Tenable One customers. Contact your Tenable Account Team to join the private preview program.
Want to learn more? Download the Tenable Hexa AI data sheet to get the full technical breakdown of our agentic capabilities.
