Tenable Adds Multistep Reasoning and MCP Support to Hexa AI Agent

The rapid evolution of generative AI has turned vulnerability discovery into a near‑real‑time process, but many organizations still rely on manual remediation that can take weeks. Tenable’s Hexa AI, built atop the Tenable Exposure Data Fabric, seeks to close that timing gap by embedding AI‑driven orchestration directly into its platform. By leveraging large‑language models for context‑aware decision making, Hexa AI can interpret raw scan data, prioritize findings, and trigger downstream actions without human intervention, a capability that aligns with the broader industry push toward continuous, automated risk management.

The latest release adds two critical layers: multistep reasoning and support for the Model Context Protocol (MCP). Multistep reasoning lets Hexa AI execute chained actions—such as creating tickets, applying custom policies, and generating compliance reports—from a single request, effectively turning a detection into a complete remediation playbook. MCP, an open standard pioneered by Anthropic, provides a plug‑and‑play interface for third‑party tools, allowing security teams to build bespoke agents without writing custom code. Additionally, exposure‑path insights enable queries based on service accounts, privileged users, and AD groups, surfacing attack paths that traditional asset inventories miss.

For the market, Tenable’s move signals a maturation of AI‑augmented security solutions. By embedding guardrails, auditability, and identity‑focused analytics, Hexa AI addresses the trust deficit that has slowed enterprise adoption of autonomous agents. Competitors will likely follow suit, accelerating a shift toward AI‑first security orchestration platforms. Organizations that adopt these capabilities can expect faster remediation cycles, lower operational overhead, and stronger compliance postures—key differentiators in an increasingly threat‑rich landscape.