Tenable’s $150M Vulcan Cyber Buy Boosts Exposure Management

Tenable plans to purchase an exposure management startup led by a former Israeli intelligence officer to more effectively integrate telemetry data from third-party security products.

See Also: August Spotlight | Automated Threat Intelligence Correlation

The Baltimore-area vendor said its proposed $150 million acquisition of Tel Aviv, Israel-based Vulcan Cyber will help CISOs gain a unified view of risk through its more than 100 third-party integrations across endpoint security, cloud security and threat intelligence, according to co-CEO and COO Mark Thurmond. He said Vulcan’s reputation in performance, scalability and integrations made them an appealing target.

“We are seeing this massive issue with our customers, where they’re just getting overwhelmed with the amount of individual point security products that they’ve been using,” Thurmond said. “We’re seeing, on average, in our big enterprise customers around the globe, well over 100 individual point security products. And every time we would go in and have conversations, this theme kept coming up.”

How Tenable, Vulcan Cyber Will Come Together

Vulcan Cyber, established in 2018, employs 124 people and raised $69 million of outside funding, having most recently closed a $34 million Series B extension in November 2023 led by Maor Investments and Ten Eleven Ventures. The company has been led since its inception by Yaniv Bar-Dayan, who spent five years as an intelligence officer in the Israel Defense Forces and nearly four years at Cyberbit (see: Tackling Vulnerabilities Qualitatively, Not Quantitatively).

Thurmond said large enterprises often use more than 100 security products, leading to inefficiencies and integration challenges. In addition, he said security insights from endpoint security, cloud security and threat intelligence tools are often fragmented, making comprehensive risk assessment difficult. Vulcan Cyber will help consolidate security tools into a unified platform and integrate third-party security data.

Tenable will not sell Vulcan Cyber as a standalone product but will fully integrate its capabilities into Tenable One by early spring, Thurmond said. While the Vulcan platform will no longer be independently available, Thurmond said current customers will continue to receive support for their deployments. The decision reflects a focus on creating a single platform rather than managing separate product lines (see: Tenable, Vulcan Cyber Lead Vulnerability Management Rankings).

“We are going to continue to support the Vulcan install base,” Thurmond said. “So, the customers they have today, we’ll continue to support those customers 100%. We will integrate the Vulcan platform into Tenable One. We will not sell Vulcan as a standalone platform. It will become part and fully integrated into Tenable One. That integration will happen in the beginning of Q2.”

Buying Vulcan Cyber will help Tenable ingest security data from competitors like Qualys, Rapid7, Wiz and CrowdStrike and unify threat intelligence across all assets for better risk assessment, Thurmond said. Vulcan’s automated remediation workflows will reduce manual workloads by streamlining security response, while the company’s AI skills will enhance predictive analytics for vulnerability management.

What Sets Vulcan Cyber’s Approach to Third-Party Tools Apart

Security teams have historically struggled to ingest and normalize data from third-party security tools due to compatibility and performance constraints, but Vulcan’s efficient adapters and integrations allow for data aggregation from third-party security tools at scale, he said. And enhanced prioritization will create a more accurate risk score, helping security teams focus on the most critical vulnerabilities first.

“The way they built their technology and the way they’ve actually built their adapters and integrators to third parties we felt like was the quickest, simplest, fastest way to possibly do it,” Thurmond told Information Security Media Group. “I think they did a magnificent job on the engineering side of the house there.”

Security teams often operate in siloed environments, making coordinated remediation difficult, but Thurmond said Vulcan Cyber’s automated ticketing and tagging system ensures that vulnerabilities are assigned to the right teams without delays. The ability to automatically assign, track and resolve security vulnerabilities is a major competitive advantage, ensuring critical security gaps are addressed faster (see: Vulcan Cyber Raises $34M to Safeguard Attack Path Management).

“The biggest issue that customers run into is all of this sometimes is in different hands of different siloed parts of the cybersecurity team,” Thurmond said. “And to be able to bring that all in under one team, and know the team members, they can actually look at it. They can fix exposures quickly. They can go in and out of these different environments seamlessly under one pane of glass.”

While Tenable has financial targets for the Vulcan Cyber acquisition, he said the company is prioritizing customer impact, ensuring the deal delivers measurable security improvements. Specifically, Thurmond said the primary measure of success will be: customer adoption of new security capabilities; migration of third-party assets into Tenable One; and the effectiveness of threat prioritization and automation.

“It’s really about going to that install base and now being able to truly deliver exposure management and ingesting that third party data and being able to do all this automated remediation of workflows,” Thurmond said. “That, to me, is how we’re going to really measure success.”