TENEX.ai operates an AI-native cybersecurity platform that uses artificial intelligence to autonomously triage, investigate, and respond to cyber threats at machine speed, freeing human analysts to focus on complex, strategic security judgments. Pulse 2.0 interviewed TENEX.ai co-founder and CEO Eric Foster to learn more.
Eric Foster’s Background
Eric, can you walk us through your background and what led you to build TENEX.ai?
Foster said: “I’ve spent my entire career on both sides of the security table. Three times as a CISO, defending enterprises and watching my teams burn out triaging the same alerts over and over. And then on the provider side, most recently helping build CYDERES into one of the larger MDR practices in the market. So I’ve felt the pain as a buyer, and I’ve tried to solve it as an operator.”
“What led me to build TENEX.ai is the understanding that I wasn’t done in my mission to fight cybercrime, and the unwavering optimism that there had to be a better way. It was clear bolting AI onto a legacy services model designed decades ago wasn’t it — the only way to actually fix it was to start over. No legacy stack, no legacy headcount, no boats to burn. Defeating cybercrime — that’s why we started TENEX. Building the biggest security company on the planet, and the best AI security operations platform, are just incremental steps to that outcome.”
Problem In Cybersecurity Being Addressed
What problem did you see in cybersecurity that convinced you the industry needed an AI-native approach?
Foster shared: “The dirty secret of the MDR industry — at least the 1.0 MDR industry — is that it’s a people business dressed up as a technology business. Every legacy provider was hiring analysts as fast as they could, stacking them in front of dashboards, and calling the result ‘managed detection.’ The economics worked when threats moved at human speed. They stopped working the moment attackers started using AI.”
“Today an adversary can spin up a credible deepfake, generate working malware variants, and run a phishing campaign at machine speed for the cost of a few API calls. Defenders are still mostly doing it by hand. That asymmetry isn’t a tooling problem you patch with another SIEM plugin — it’s a structural one. You can’t out-hire the attackers. You have to out-build them. That’s the gap that convinced me that an AI-native SOC wasn’t a nice-to-have, it was the only honest answer.”
Moving From AI-Assisted To AI-Native
TENEX.ai talks about moving from ‘AI-assisted’ to ‘AI-native.’ What does that mean in practice?
Foster explained: “AI-assisted means you took your existing process and dropped a chatbot or a summarizer into it. The humans are still doing the work; the AI is just decorating the workflow. Every legacy MDR is doing some version of that right now. It’s better than nothing, but it doesn’t significantly change the unit economics and it doesn’t change the speed.”
“AI-native means built for AI, not bolted on. It’s exactly the difference between legacy tech companies bolting a TCP/IP stack onto their monolithic applications and calling themselves “internet enabled,” versus the companies that were architected for the internet from day one. The dotcom era was won by the internet-native companies — think Salesforce displacing SAP. This is the exact same dynamic. AI-native means built to take every advantage of AI where it makes sense. AI is the worker. The human steers it.”
“The platform triages, investigates, hunts, and responds on its own — and the human analyst is on the loop, focused on the judgment calls that actually require a human. We designed for AI from day one. Our patented machine vision watches how elite analysts work across every tool in the stack — not just ours — and turns that into playbooks, documentation, and machine instructions the AI can execute. The services layer is the data moat. That’s the part nobody else can copy by bolting on a model.”
Appointing Bashar Abouseido As President
You recently appointed Bashar Abouseido — former CISO at Charles Schwab for 12+ years — as President. Why was he the right leader for this moment?
Foster described: “For more than a decade, Bashar was responsible for protecting tens of millions of consumer accounts and trillions of dollars in client assets at one of the most targeted institutions in the world. He knows financial-sector threats at a depth almost nobody in this industry can match, and he knows what it takes to scale enterprise-grade security under real regulatory and board-level pressure. That experience is exactly what this moment demands of a President.”
“But the part that matters most to me is which side of the table he’s choosing. Bashar spent his career as the buyer — the CISO every MDR vendor in the world was trying to sell to. He joined because he believes, like I do, that AI is finally giving defenders the advantage after decades of the attackers having the upper hand. And he saw firsthand at TENEX that we have not only the strongest product in the AI‑SOC space, but the strongest team, strategy, and partner ecosystem — and now the funding to go win. When someone who has seen every pitch and every category chooses to come build it with you, that’s the most honest validation there is.”
Core Products
What are the core products TENEX.ai offers, and how do they differ from traditional MDR or SIEM tools?
Foster explained: “Our core offering is our AI Security Operations Platform, and we deliver it in three flavors. First, platform-as-a-service — it’s in use by some of the largest SOCs on the planet to give their analysts 10X automation. Second, the platform combined with our “overwatch” services, where our team operates as an extension of a company’s in-house team. And third, our award-winning AI MDR, which delivers true 24x7x365 security operations outcomes — human accountability with AI speed and accuracy.”
“Across all three, the platform does the operational work. It triages every alert in under a minute with a full reasoning chain, runs hypothesis-driven investigations on its own, proactively hunts for threats in telemetry that never even generated an alert, and responds in real time. Our human analysts sit on the loop, reviewing the AI’s work and owning the escalations that genuinely need human judgment.”
“The difference from a traditional SIEM is night and day. A SIEM is a database — it collects logs and fires alerts, and then a human has to go figure out what each one means. Legacy MDR just put more people in front of that firehose. We don’t ask a human to drink from it at all; the AI does the heavy lifting, so noise goes down, triage goes from hours to seconds, and analysts spend their time on the threats that matter instead of burning out on false positives. And because we’re platform-agnostic, we layer onto the SIEM investments customers already have — Google SecOps, Microsoft Sentinel — rather than forcing a rip and replace.”
Evolution Of The Company’s Technology
How has the technology evolved since launch, especially with the rise of AI-powered attacks?
Foster noted: “When we launched, the prevailing wisdom was that AI could maybe help summarize an alert or draft a report. We bet bigger — that AI could own the entire triage and investigation workflow end to end. In the time since, that bet has more than paid off. Our platform has gone from automating pieces of the analyst’s job to running the majority of SOC operations autonomously, with our analysts steering and accountable on the loop. Every single action our analysts take feeds back into the system, so the platform is measurably smarter and faster every quarter than it was the quarter before.”
“The attacker side has evolved just as fast, and that’s exactly why this matters. Adversaries now use AI to generate malware variants, automate reconnaissance, and run convincing deepfake and social-engineering campaigns at a scale no human team could keep pace with. You cannot fight machine-speed attacks with human-speed defense. The only durable answer is to meet AI with AI — and because we were built native for it, we’re not retrofitting that capability under fire. We’ve been compounding it since day one.”
Success Stories
What customer problems are you solving most often right now? Any success stories you can share?
Foster highlighted: “The most common issue is alert fatigue — and the burnout that comes with it. We’ll walk into an environment where a talented team is drowning: tens of thousands of alerts a day, the vast majority false positives, with real threats hiding somewhere in that noise. Their best people are spending their nights triaging junk instead of hunting actual adversaries. Bashar puts it better than I can: “Every CISO I’ve known has had to fight the same battle — explaining risk to the board, justifying resources, and watching their best people burn out triaging noise instead of stopping real threats.” That’s the problem we were built to end.”
“Without naming names, a typical story looks like this: a customer comes to us buried under alert volume that two or three analysts can’t keep up with, and within weeks the platform is autonomously triaging effectively all of it in under a minute each. Mean time to respond drops from hours to minutes. And here’s the part that matters most — nobody gets laid off. Those analysts stop being alert-sorters and become threat-hunters. The work gets more interesting, not less. That’s the outcome we’re proudest of: the AI doesn’t replace the team, it gives them their job back.”
Milestones
What milestones are you most proud of so far — product, customer, team, or market traction?
Foster cited: “I’m proud of all the milestones — but it’s important to remember they’re just that: milestones. It’s awesome that we were named the #1 fastest-growing company in all of cybersecurity. It’s awesome that we’ve built the best team and the best product, that we have incredible customer traction, and that we closed a record-breaking $250 million Series B.”
“But none of those things — not the funding, not the valuation, not the traction — are the goal. They’re markers along the way, and it’s worth celebrating the progress. What I’m most proud of is every single customer we make a difference for: every cyber threat we stop, every criminal we defeat, every company we protect. That’s the scoreboard that actually matters.”
Market Opportunity
How big is the market opportunity for AI-native security, and where does TENEX fit within it?
Foster assessed: “The way I understand the TAM: MDR as it’s defined today is roughly an $8 billion market, but the entire security services market — the whole detection-and-response function across every enterprise — is on the order of $80 billion, and it carries one of the highest growth rates in all of cybersecurity. So we’re not playing for a slice of a niche. We’re playing for the way security operations get run, period.”
“Here’s the more important point. Most of that spend still sits with legacy SIEM and first-generation, human-scaled MDR. As AI resets the economics of security operations, that spend doesn’t disappear — it shifts. It moves to whoever was built native for this moment. We intend to be the company it moves to: not a feature inside someone else’s platform, but the platform itself.”
Differentiation
What differentiates TENEX from competitors in MDR, SIEM, or XDR?
Foster affirmed: “I’m confident — and it’s not just my view. Customers, analysts, and prospects consistently tell us we have the leading AI‑security product, the right team, the right strategy, the right partners, and now the capital to scale. The reality is that legacy players can’t become AI‑native without disrupting the human‑scaled businesses they rely on, and pure‑software AI startups will never have the depth of data required to compete. Here’s why.”
“Most AI SOC efforts fail to show meaningful value. What we’ve built is not just the best solution — it’s the fastest path for security teams to get the full benefits of an agentic SOC today with the stack and team they already have.”
“First, architecture. We’re AI-native, built for this from day one, while the incumbents are bolting AI onto platforms designed for a human-scaled world. That shows up as speed and accuracy — sub-minute triage, far lower noise, and dramatically less operational burden on the customer’s team.”
“Second, our data moat. Because we actually operate the SOC, every action our elite analysts take trains the platform to get smarter. The pure-software AI players don’t have that — they build automation in a vacuum because they don’t run security operations. We’re the rare company with both the services DNA and the native-AI architecture.”
“Third — and this is the one I care about most — we’re human-led. AI-native, human-led, because one without the other isn’t enough. When AI handles the volume, our analysts don’t become optional; they become exceptional. AI didn’t come for the defenders’ jobs — it came for the parts of their jobs that were exhausting them. Human analysts make our AI smarter, and our AI makes our analysts faster. That flywheel is the whole game, and nobody else has both halves of it.”
Challenges Being Faced
What challenges do organizations face today that legacy security tools can’t keep up with?
Foster acknowledged: “The common thread is speed and scale that legacy tools were never designed for. Start with the attacks themselves: adversaries now use AI to generate malware variants faster than signature-based tools can catalog them, and to automate reconnaissance and attack execution at machine speed. A rules-based system written for yesterday’s threats is structurally a step behind.”
“Then there’s the rise of deepfake-enabled fraud and social engineering — synthetic voices and video convincing enough to authorize wire transfers or reset credentials. Legacy tooling has almost no answer for that. Same with identity-based threats: attackers increasingly don’t break in, they log in, using legitimate credentials. If your detection is built around malware and perimeter signatures, you simply don’t see it.”
“And underneath all of it is the human cost. Legacy tools generate tens of thousands of alerts a day and leave humans to sort them, which means alert fatigue and analyst burnout — your most experienced defenders quitting or missing the one real threat buried in the noise. You can’t out-staff that problem. The only way through is an architecture that absorbs the volume so your people can focus on what actually matters.”
Future Goals
What’s next for TENEX.ai? What should the industry expect from you in the next 12–18 months?
Foster emphasized: “Three vectors. First, platform reach. We started deep in the Google security ecosystem; we’re expanding aggressively across Microsoft and the broader market so customers can run the TENEX platform on whatever stack they already have. The goal is simple: no enterprise should have to rip and replace to get AI-native security operations.”
“Second, depth of autonomy. The platform already triages, investigates, and hunts autonomously today. Over the next year-plus, expect that envelope to keep widening — more of the SOC running autonomously, with our analysts steering at a higher and higher level. Every customer we add accelerates this, because every analyst action makes the platform smarter.”
“Third, scale. We’re investing the Series B into significant hiring and into building out internationally. We’re going to meet enterprise demand wherever it is.”
“But the honest answer to ‘what’s next’ is the same as what’s now: we’re going to keep stopping more threats, protecting more companies, and proving that AI-native, human-led security is simply the better way to do this. The milestones will follow from that.”
Additional Thoughts
Anything else you want readers to know about TENEX.ai’s mission or the future of AI-native security?
Foster concluded: “Just this. For as long as I’ve been in this industry, the attackers have had the advantage. They move faster, they scale cheaper, and defenders have been asked to hold the line by working harder and hiring more — a game you can’t win by playing it the old way. AI changes that math for the first time. For the first time, the defenders can move at the speed of the threat.”
“That’s the whole reason TENEX exists. Not just to build a big company — though we intend to — and not just to win a category — though we will. We exist to defeat cybercrime, to give defenders the advantage, and to give talented security people their careers back so they can do the work that actually matters. AI‑native, human‑led. The technology is finally good enough to deliver on a promise this industry has been making for twenty years. We’re going to be the ones who keep it.”
