Tenable Launches Agentic AI to Automate Cleanup of 'Zombie' Cloud Assets
Tenable has launched an agentic AI tool, Tenable Hexa AI, to help organizations identify and decommission "zombie" cloud assets that contribute to both security vulnerabilities and unnecessary infrastructure costs.
Tenable has introduced a new agentic AI capability, Tenable Hexa AI, designed to identify and remediate "zombie" cloud assets—unused or unmanaged infrastructure that persists within cloud environments Tenable Blog. As organizations prioritize rapid software development, ephemeral resources such as containers, serverless functions, and virtual machines are frequently deployed for testing or short-term projects but are rarely decommissioned, leading to a sprawling, forgotten attack surface Tenable Blog.
According to Tenable Research, approximately 49% of cloud infrastructure currently exists in an idle and untracked state Tenable Blog. These neglected resources often remain unpatched for six months or longer, creating significant security risks. Beyond the immediate vulnerability exposure, these assets represent persistent budget leaks, as organizations continue to pay for resources that are no longer providing value to the business Tenable Blog.
Tenable Hexa AI functions as an agentic engine integrated into the Tenable One platform, moving beyond simple chatbot functionality to perform complex, automated security tasks Tenable Blog. By leveraging the Tenable Exposure Data Fabric, the AI interprets user intent to automatically construct queries within the platform’s "Explorer" tool. This allows security teams to identify orphaned public IP addresses, dangling keys, and other abandoned infrastructure across AWS, Azure, and Google Cloud Platform (GCP) Tenable Blog.
The tool is designed to provide visibility into these environments by translating plain-language requests into actionable data queries. Once identified, these queries can be refined, saved as standing policies, and eventually used to trigger automated remediation workflows approved by the organization Tenable Blog. This process aims to shift security operations from periodic, manual audits to a continuous, automated "bounty-hunting" model for identifying and eliminating unnecessary cloud assets Tenable Blog.
The emergence of zombie assets highlights a growing challenge in cloud governance where the velocity of engineering often outpaces the ability of security teams to maintain oversight. By automating the discovery and cleanup of these resources, organizations can simultaneously reduce their attack surface and optimize cloud infrastructure costs Tenable Blog. As cloud environments continue to scale, the use of agentic AI to manage the lifecycle of ephemeral assets is becoming an increasingly critical component of proactive cloud security strategies.