Cybersecurity risk management company Tenable announced plans to acquire Vulcan Cyber for approximately $147 million in cash and $3 million in restricted stock units.

The acquisition, expected to close in the first quarter of 2025, will expand Tenable’s Exposure Management platform by integrating Vulcan Cyber’s risk prioritization, third-party data integration, and automated remediation capabilities.

The company said the acquisition would provide it with additional tools to help organizations consolidate security data, improve risk assessment and accelerate mitigation efforts across hybrid environments.

“This acquisition strengthens Tenable’s position by bringing expanded risk visibility, deeper third-party data integration and streamlined remediation workflows,” said Jason Merrick, senior vice president of products at Tenable. “Organizations are struggling to identify their sources of greatest risk.”

Merrick explained that Vulcan Cyber’s third-party data integrations are key to the acquisition.

“The integration of Vulcan Cyber’s capabilities into Tenable One will deliver unified, data-driven visibility across infrastructure, cloud environments and applications,” Merrick said.

By aggregating and normalizing asset data from more than 100 security tools, Vulcan Cyber will help accelerate the ability of Tenable One to identify, assess and remediate vulnerabilities across all assets.

The acquisition could also improve AI-powered risk prioritization by helping security teams focus on the most critical vulnerabilities based on real-world threat intelligence.

Automated remediation workflows will further improve security operations by ensuring that vulnerabilities are quickly identified and addressed.

Tenable plans to optimize remediation through automated campaigns, advanced tagging, and intelligent ticketing systems that deliver corrective actions directly to the appropriate security team members.

This automation will help organizations reduce response times and mitigate risks more effectively across their IT environments.

“Security teams today face an overwhelming number of alerts and vulnerabilities,” Merrick said. “By automating remediation workflows and embedding AI-driven risk prioritization, we can help organizations address their most pressing threats more efficiently.”

Tenable has focused on AI-powered security analytics since launching its Vulnerability Priority Rating (VPR) in 2019.

With Vulcan Cyber, the company will expand its AI capabilities to refine exposure scoring and optimize risk prioritization.

“By integrating AI models from Vulcan and Tenable throughout our portfolio, we will further enhance dynamic exposure scoring, continuing to provide organizations with the industry’s most accurate risk prioritization framework,” Merrick said.

He added Tenable plans to refine existing AI models and develop new capabilities.

“We are unifying data from Tenable’s platform, industry and community threat intelligence, customer environments and third-party sources,” Merrick said. “This data foundation enables us to refine existing AI models and develop new ones that are more advanced and more effective.”

Merrick emphasized that AI will play a central role in exposure management moving forward.

“These AI-driven advancements will strengthen security teams by reducing workload and increasing efficiency,” he said.