The traditional approach to cybersecurity-periodic scanning followed by manual patching-can no longer keep up with threats operating at machine speed. AI has compressed exploit windows from days to minutes, forcing organizations to adopt a new framework: exposure management.
According to Jason Merrick, SVP of Product at Tenable, exposure management is not a product but a program. It integrates cloud infrastructure, identities, and AI workloads into a unified risk reduction strategy.
At Snowflake Summit 2026, Merrick and Snowflake CSO Mayank Upadhyay discussed how data infrastructure and AI-era security are converging. Tenable chose Snowflake as its security data lake to manage data silos from multiple acquisitions.
Upadhyay highlighted the non-deterministic nature of agentic AI as the defining new attack surface. In response, Snowflake announced its intent to acquire Natoma, a company supporting over 100 SaaS applications, to create a managed control point giving developers a paved road to AI services while providing security officers with observability.
Both executives emphasized the need to use automation and AI to fight AI, moving from detection to preemption.