Tenable has formally launched a new legal entity in Saudi Arabia, marking a major expansion of its regional footprint and reinforcing its commitment to the Kingdom’s fast-advancing digital transformation under Vision 2030.
The new entity enables Tenable to better serve its growing customer base with local access to the Tenable One Exposure Management Platform and deeper collaboration on national cybersecurity programmes aligned with frameworks from the National Cybersecurity Authority.
The announcement comes alongside a regional visit by Tenable Co-CEO Mark Thurmond, who will deliver a keynote at Black Hat Middle East & Africa (MEA) 2025, focusing on the rising importance of Exposure Management — a unified approach to identifying, assessing, and prioritising cyber risk across complex, interconnected digital ecosystems.
Saudi Arabia’s rapid digital expansion, driven by giga-projects like NEOM and emerging AI hubs such as the “AI Zone” with companies like HUMAIN, has significantly widened the national attack surface. This acceleration brings both opportunity and elevated cyber risk.
Exposure Management unifies fragmented tools, data, and security teams to deliver a single view of risk — an essential capability for securing the massive IoT, cloud, and AI infrastructure powering Vision 2030.
David Cummins, Senior VP of EMEA at Tenable, emphasized that traditional security models cannot keep pace with the scale and speed of digital innovation in the Kingdom. With AI now reducing cyberattack development timelines from weeks to minutes, automated and pre-emptive security is becoming essential.
Tenable’s platform leverages AI to pinpoint the vulnerabilities that truly expose organizations to risk, automating remediation for routine tasks and strengthening protection for critical national infrastructure.
The establishment of the new entity also ensures tighter alignment with local regulations, including the Personal Data Protection Law (PDPL) and NCA Essential Cybersecurity Controls, enabling Saudi organizations to adopt advanced cybersecurity capabilities with full compliance and data sovereignty.
