Tenable OT Security 2025 Release Notes
Tenable OT Security 4.3.74 (2025-08-19)

OT Security administrators must verify SSH or Cockpit access on Tenable Core virtual and physical appliances. Administrator accounts can become inaccessible if you do not periodically sign in and update your password. For more information, see Leveraging the Remote Unlock Feature in Tenable Core.

OT Agent for Windows
The OT Agent is a new, installable application for Windows that extends OT Security's visibility. It enables safe and active OT asset discovery in areas where deploying traditional sensors is not feasible due to scale or resource constraints. The lightweight OT agents running on Windows devices (for instance, engineering workstations, HMIs, and Windows-based gateways) help bridge visibility gaps by identifying critical OT/IoT systems and embedded devices. Every asset the agent discovers is associated with that agent as a discovery source. For more information, see OT Agents.
OT Agent Management
You can use the OT Agent management page in Data Collection > Data Sources > Agents to configure and initiate OT Agent assessments. Administrators and Supervisor accounts can use this page to assign IP ranges for OT Agent-based asset discovery, schedule executions, and designate credentials for use. For more information, see OT Agents.
Enhanced Findings and OT Data integration in Tenable One
OT Security now reports policy events into Tenable One as Findings, which are tracked against the asset(s) involved in the policy event. Earlier, policy events were viewable only within OT Security or a syslog server. Tenable One users can now filter for “Tenable.ot Violations” findings, if policy events are reported for your assets. To enable this feature, contact Tenable Support.
Asset Groups and Tags
You can now use asset groups in various areas of OT Security. Tags are a new form of asset groups that are usable and searchable outside the event policy editor. The new asset tagging feature extends tag functions to both the predefined groups and the existing group types (Selection, IP range, IP List). The Tags column is visible by default on the inventory view, but it remains empty until you enable the Display Tag option for the asset groups that are pre-defined or created by users. For more information, see Assets Groups and Tags.
Enterprise Manager - Centralized Content Updates
The OT Security EM (EM) users can now centrally manage and initiate content updates, such as plugins, IDS, DFE, for all managed ICPs within the ICPs page. These updates, including vulnerability plugin coverage, intrusion detection rules, and new or improved device detection profiles, are regularly provided through the Tenable online content feed. EM administrators can now schedule or perform on-demand updates to specific ICPs or multiple ICPs using bulk update operations. For more information, see Manage Data Updates.

Tenable Core Account Expiration Reset Service
When an administrative account expires, Tenable Core blocks access to the account and SSH. The new remote unlock utility restores access, allowing you to log in and update account settings. This utility allows an ICP to remotely unlock its connected sensors and an OT Security Enterprise Manager (EM) to remotely unlock its connected ICPs, in the event the SSH or Tenable Core (Cockpit) user gets locked out due to password expiration. For more information, see the Knowledge Base article: Leveraging the Remote Unlock Feature in Tenable Core.
System Log Pagination
The System Logs page loaded slowly for sites with thousands of system log events. Pagination of these logs now significantly improves the responsiveness of this page when there are many log events to display.
New on Inventory - Serial Numbers
The Inventory page now supports a new Serial Number column, which is also included in all CSV exports of the inventory. You can also use the Serial Number to search and filter the inventory table.
New on Inventory - Search by BACnet Instance ID
You can now use the quick search bar on the Inventory page to find specific Building Management System (BMS) controllers by searching for their BACnet Instance IDs.
New UX Elements - Responsive Side Panels
OT Security now includes a new responsive side panel that allows you to drill down and investigate while retaining the background context of the previous page. This allows you to see various findings and data without returning to the browser and restart from the scrolled list. This side panel is now available for the Vulnerability Findings page, allowing you to efficiently investigate while maintaining your current workflow.
Sensors Page Revamp
As part of the continuous user interface enhancements, the Data Sources > Sensors page now includes the new table and styling that match the Inventory and Findings pages.
New UX Elements - Context Sensitive Help Shortcuts
The header of several pages now include a shortcut icon that takes you directly to their corresponding product documentation in a new tab.
To view the documentation corresponding to your OT Security version, you can use the version switcher drop-down to choose the version you need.

Vulnerabilities
Tenable identifies several new vulnerabilities in this release. See the complete list here.
New Tenable OT Security Device Fingerprint Engine (DFE) Coverage
Vendor | Product |
---|---|
B&R Automation | Controllers |
Cisco | Catalyst Switches (improvements) |
Eaton | Power Xpert Gateways |
Indu-Sol | PROmesh P Series Industrial Switches |
Ingeteam | INGESYS IC Controllers |
Keyence | Safety Laser Scanners (SR-V Series) |
Lantronix | IntelliBox-I/O Serial-to-Ethernet Bridges |
Schneider Electric | PowerLogic ION Series |
Schneider Electric | PowerLogic ION 7300 Series |
Schneider Electric | PowerLogic EGX |

Bug Fix | Defect ID |
---|---|
The Events page no longer times out when loading millions of queries. | NA |
OT Security now ensures that the bind operation for Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) no longer times out when the initial AD URLs fail to respond. | NA |
The System Log page's pagination now ensures responsiveness when there are many log events to display. | NA |
OT Security now ensures that all Nessus scans are preserved after an upgrade. | NA |

For more information about OT Security APIs, see the API documentation.
Enum value AbbRtu500 was removed from enum BasicCredentialsTypes
Enum value Gateway was removed from enum RelationshipType
Enum value tags was added to enum AggregationsAssetsField
Enum value tags was added to enum AssetField
Enum value NetworkMapper was added to enum AssetSourceType
Enum value EmLicenseInactive was added to enum CannotUpdateDfeReason
Enum value EmOldLicense was added to enum CannotUpdateDfeReason
Enum value EmLicenseInactive was added to enum CannotUpdatePluginSetReason
Enum value EmOldLicense was added to enum CannotUpdatePluginSetReason
Enum value EmLicenseInactive was added to enum CannotUpdateSuricataRulesReason
Enum value EmOldLicense was added to enum CannotUpdateSuricataRulesReason
Enum value findingId was added to enum ChildrenPolicyHitField
Enum value Windows was added to enum CoreOsVersion
Enum value BasicSchemaWithRole was added to enum CredentialSchemaType
Enum value EmLicenseInactive was added to enum ErrorCategory
Enum value EmOldLicense was added to enum ErrorCategory
Enum value FailedToAbortOtAgentScan was added to enum ErrorCategory
Enum value FailedToApproveOtAgent was added to enum ErrorCategory
Enum value FailedToDeleteOtAgent was added to enum ErrorCategory
Enum value FailedToEditOtAgentSchedule was added to enum ErrorCategory
Enum value FailedToLaunchOtAgentScan was added to enum ErrorCategory
Enum value FailedToUpdateOtAgent was added to enum ErrorCategory
Enum value IcpDisconnected was added to enum ErrorCategory
Enum value IcpFeedUpdateSkipped was added to enum ErrorCategory
Enum value NotDeletableWhileDefinedOnDuplicatedNetwork was added to enum ErrorCategory
Enum value FeedType was added to enum ErrorKey
Enum value Name was added to enum ErrorKey
Enum value OtAgentId was added to enum ErrorKey
Enum value Status was added to enum ErrorKey
Enum value tags was added to enum LinkField
Argument displayTag: Boolean added to field Mutation.newAssetGroup
Argument displayTag: Boolean added to field Mutation.setAssetGroup
Enum value tags was added to enum PluginsAssetsField
Enum value findingId was added to enum PolicyHitField
Enum value AgentGateway was added to enum RelationshipType
Enum value OtAgentPendingApproval was added to enum RemovableFlags
Enum value assetTags was added to enum findingField
Field tags was added to object type Asset
Field displayTag was added to object type AssetFunction
Field displayTag was added to interface AssetGroup
Field displayTag was added to object type AssetList
Field displayTag was added to object type AssetTypeFamilyGroup
Type BasicCredentialsWithRole was added
Type BasicCredentialsWithRoleTypes was added
Field OtAgentsAutoApprove was added to object type Config
Type FeedType was added
Field otAgentPendingApproval was added to object type FlagList
Type GlobalUpdates was added
Field displayTag was added to object type IpList
Field displayTag was added to object type IpRange
Field tags was added to object type LeanAsset
Field addBasicCredentialsWithRole was added to object type Mutation
Field bulkDeleteOtAgents was added to object type Mutation
Field bulkOtAgentsScheduleEdit was added to object type Mutation
Field createPairingKey was added to object type Mutation
Field deleteOtAgent was added to object type Mutation
Field editIcpFeedUpdateSchedule was added to object type Mutation
Field editOtAgent was added to object type Mutation
Field feedUpdateICPs was added to object type Mutation
Field otAgentAction was added to object type Mutation
Field setAssetGroupsDisplayTag was added to object type Mutation
Field setBasicCredentialsWithRole was added to object type Mutation
Field testAdHocBasicCredentialsWithRole was added to object type Mutation
Type OtAgentAction was added
Type OtAgentDetails was added
Type OtAgentDetailsConnection was added
Type OtAgentDetailsEdge was added
Type OtAgentExpressionsParams was added
Type OtAgentScanResult was added
Type OtAgentSelectField was added
Type OtAgentSortParams was added
Type OtAgentSortParamsComplexFields was added
Type OtAgentStatus was added
Field globalUpdates was added to object type PairedIcp
Type PairingKeyResponse was added
Type PolicyFinding was added
Type PolicyFindingConnection was added
Type PolicyFindingEdge was added
Type PolicyFindingField was added
Type PolicyFindingsExpressionsParams was added
Type PolicyFindingsSortParams was added
Type PolicyFindingsSortParamsComplexFields was added
Field displayTag was added to object type PortGroup
Field displayTag was added to object type ProtocolGroup
Field checkForAllOtAgentUpdates was added to object type Query
Field checkForOtAgentUpdates was added to object type Query
Field dfeLatestUpdateVersion was added to object type Query
Field nessusLatestPluginSetVersion was added to object type Query
Field otAgent was added to object type Query
Field otAgents was added to object type Query
Field otAgentsRaw was added to object type Query
Field policyFindings was added to object type Query
Field suricataLatestPluginSetVersion was added to object type Query
Field systemLogRaw was added to object type Query
Type RawOtAgentComplexFieldParams was added
Type RawOtAgentComplexFieldParamsComplexFields was added
Type RawOtAgentComplexGroupingParams was added
Type RawOtAgentComplexGroupingParamsComplexFields was added
Type RawSystemLogComplexFieldParams was added
Type RawSystemLogComplexFieldParamsComplexFields was added
Type RawSystemLogComplexGroupingParams was added
Type RawSystemLogComplexGroupingParamsComplexFields was added
Field displayTag was added to object type RecurringGroup
Field displayTag was added to object type RuleGroup
Field displayTag was added to object type ScheduleFunction
Field displayTag was added to interface ScheduleGroup
Field displayTag was added to object type SegmentGroup
Field displayTag was added to object type TagGroup
Field displayTag was added to object type TimeInterval
Field Version.idsRuleSetDate description changed from IDS rule set version to IDS rule set last update date
Field idsRuleSetSchedule was added to object type Version
Field idsRuleSetScheduleEnabled was added to object type Version
Field idsRuleSetVersion was added to object type Version
Field Version.nessusPluginSetDate description changed from Nessus plugin set version to Nessus plugin set last update date
Field nessusPluginSetSchedule was added to object type Version
Field nessusPluginSetScheduleEnabled was added to object type Version
Field nessusPluginSetVersion was added to object type Version
Field piiUpdateDate was added to object type Version
Field piiUpdateSchedule was added to object type Version
Field piiUpdateScheduleEnabled was added to object type Version
Field piiUpdateVersion was added to object type Version
Tenable OT Security 4.2.40 SP 3 (2025-05-28)

Tenable OT Security 4.2.38 SP 2 (2025-05-09)

OT Security updated the embedded version of Nessus to 10.8.4 in response to the recent security advisory.
Nessus is not vulnerable in earlier OT Security versions.
For more information, see the Tenable Product Security Advisory.

Bug Fix | Defect ID |
---|---|
Improved container log storage now ensures efficient disk usage and prevents machines from running out of space. | 02234368 |
OT Security now ensures that importing an updated asset details CSV file (via Data Sources > Update Asset Details Using CSV File) works as expected. | 01406014 |
OT Security ensures that IoT containers no longer hinder application startup or initialization. | 02236749 |

Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.
May 8, 2025

Tenable is thrilled to announce some significant enhancements to your cloud product Workspace! We've redesigned the workspace to provide you with better visibility and access to Tenable products:
-
Improved Product Overview — You can now easily see both the products you've purchased and a range of other products available for exploration.
-
Detailed Product Information — Access More Details to demo the product, giving you in-depth knowledge about each product.
-
Product Utilization — We’ve added a utilization feature that shows the percentage of how much you’re using the subscribed products. It allows you to quickly direct you to the License Information page.
-
Trial Status Visibility — If you are currently evaluating a product or have done so within the past year, you will now see the status of the trial (In Trial or Trial Expired) directly in your workspace.
These changes are designed to help you get the most out of your Tenable solutions and discover new ways to enhance your security posture. To learn more, access the Workspace page via any Tenable cloud application.
Tenable OT Security 4.2.33 SP (2025-04-22)

Bug Fix | Defect ID |
---|---|
Tenable OT Security now ensures that open ports referencing non-existent IPs no longer prevent an upgrade. | NA |

Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.
Tenable OT Security 4.2.32 (2025-04-16)

Advanced SNMP-based Network Discovery and Crawler
The SNMP Crawler enhances Layer 2 visibility, enabling security teams to gain a comprehensive understanding of OT network topology. Unlike many security vendors, OT Security leverages SNMP data to discover and map all connected devices and switches, even those that it cannot actively reach or passively monitor.
-
A new discovery engine in OT Security uses SNMP queries to discover new devices connected to a switch when SNMP credentials are available.
-
Under Related Assets, OT Security tracks assets and the devices they connect to. For example, a switch and the assets connected to it. OT Security also indicates the port to which the asset is connected.
-
You can use the Fetch Neighbors option on the SNMP query or Initial Enrichment for SNMP to obtain details from the nearby devices.
Intelligent Hardware Lifecycle Management
Manage the lifecycle of your hardware investments with a robust library of end-of-life plugins for OT/IoT devices in your environment, complementing existing software EOL tracking capabilities.
-
Extends vendor support to include Schneider and Siemens for lifecycle tracking. There are new vulnerability plugins reported on the assets for these vendors to indicate their support.
-
Includes a new device attribute filter for lifecycle in the Inventory page.
Flexible Windows-based OT Security Deployment (Beta)
The new sensor deployment option allows you to install OT Security sensors directly on Windows devices, eliminating the need for a dedicated appliance. This paves the way for future integrations, including potential Nessus compatibility.
-
An early-stage product that allows you to perform various OT queries such as discovery, identification, and backplane queries from a Windows computer to OT devices such as a PLC.
-
Provides operational visibility into segmented or isolated subnets, even in environments where only a PC is available or deploying OT Security appliances is not feasible.
Improvements to IoT Connectors
Gain deeper insights into IoT-related risks with advanced data extraction from connected IoT and Video Management Systems (VMS). Enhanced support for credentialed authentication on Windows and Ubuntu-installed IoT agents expands integration capabilities, improving asset visibility and large-scale management.
-
A significant number of performance improvements and stability fixes to the underlying IoT engine.
-
Support for VMS credentials, which effectively doubles the supported VMS matrix.
-
IoT Connectors also brings in details such as the asset names, models, and stream details.
Main Navigation Menu changes
A redesigned user experience simplifies navigation across OT Security. The latest navigation updates streamline how you access and manage critical OT Security data to speed up common workflows. Updates include a restructured main toolbar, an intuitive side panel for quick access to asset inventory, findings, and event details.
-
Includes a new Data Collection category consolidating Policies, Active Query Management, and the new Data Sources page.
-
Reorganization of Inventory pages as in-page tabs for quick access.
-
The Network Map page is now moved to the Network category for improved contextual visibility.

Less Rebooting Operations
-
OT Security will reboot less often for various configuration changes. Whenever a system restart is necessary, OT Security will opt for an application restart instead.
Support for Microsoft Hyper-V Deployments
-
You can now deploy OT Security as a virtual machine using a .zip file on Microsoft Hyper-V.
Supporting KVM, Proxmox, Nutanix, libvirt Deployments
-
OT Security can now be deployed using qcow2 image files to enable support for KVM-based virtualization platforms.
Tenable Software Updates
The embedded Tenable applications, Nessus, and Nessus Network Monitor are now upgraded to their latest releases.

Vulnerabilities
Tenable identifies several new vulnerabilities in this release. See the complete list here.
New Tenable OT Security Device Fingerprint Engine (DFE) Coverage
Vendor | Product |
---|---|
ABB | AC Series Drives |
Automated Logic Corp |
WebCtrl Industrial Gateways WebCtrl BMS Controllers Optiflex for WebCtrl |
Benning | Monitoring Control Unit (MCU) |
Cisco | Small Business Switches |
Dahua Security | Cameras and Video Recorders |
Ingeteam | INGECON Sun Solar Inverters |
Microhard | Cellular Modems |
Schneider | Powerlogic HDPM |
Schneider Electric |
ACM Power Meters PowerLogic EGX |
Siemens | Siprotec5 Ethernet Communication Modules |
Walchem | WMT Cooling Tower Controllers |

Bug Fix | Defect ID |
---|---|
OT Security does not update the Last Seen timestamp on assets that the IoT Connector reported as Offline. | N/A |
OT Security removed a limitation on the number of tags captured during a PLC Code Snapshot from the Rockwell ControlLogix devices. | N/A |
Reverting to a version earlier than 4.2 no longer fails because of Tenable Core dependencies. | N/A |
The SNMPv3 credentials now correctly fetch SNMP port state or SNMP-connected neighbors. | N/A |
Some vulnerability plugins now show the status correctly as active or fixed for a single asset. | 482636 |

For more information about OT Security APIs, see the API documentation.
Enum value discontinuedDate was added to enum AggregationsAssetsField
Enum value hardwareState was added to enum AggregationsAssetsField
Enum value lifecycleStatus was added to enum AggregationsAssetsField
Enum value replacementProduct was added to enum AggregationsAssetsField
Enum value discontinuedDate was added to enum AssetField
Enum value hardwareState was added to enum AssetField
Enum value lifecycleStatus was added to enum AssetField
Enum value replacementProduct was added to enum AssetField
Enum value OtAgent was added to enum AssetSourceType
Enum value ReadOtAgents was added to enum Capability
Enum value ReadOverlappingIps was added to enum Capability
Enum value WriteOtAgents was added to enum Capability
Enum value WriteOverlappingIps was added to enum Capability
Enum value EmUpdateRequired was added to enum ErrorCategory
Enum value LicenseInactive was added to enum ErrorCategory
Enum value discontinuedDate was added to enum LinkField
Enum value hardwareState was added to enum LinkField
Enum value lifecycleStatus was added to enum LinkField
Enum value replacementProduct was added to enum LinkField
Enum value id was added to enum LogRecordField
Argument options: AgentAddOptionsParams added to field Mutation.addAgentIotConnector
Argument options: AgentEditOptionsParams added to field Mutation.editAgentIotConnector
Enum value OtAgent was added to enum OpenPortsSource
Enum value discontinuedDate was added to enum PluginsAssetsField
Enum value hardwareState was added to enum PluginsAssetsField
Enum value lifecycleStatus was added to enum PluginsAssetsField
Enum value replacementProduct was added to enum PluginsAssetsField
Argument countTimeout: Int (with default value) added to field Query.origins
Argument filter: OriginExpressionsParams added to field Query.origins
Argument search: String added to field Query.origins
Argument slowCount: Boolean added to field Query.origins
Argument sort: [OriginSortParams!] added to field Query.origins
Enum value BACnet was added to enum RelationshipType
Enum value Gateway was added to enum RelationshipType
Enum value SnmpCrawler was added to enum RelationshipType
Input field queryNeighbors of type Boolean was added to input object type SnmpOptionsParams
Enum value assetDiscontinuedDate was added to enum findingField
Enum value assetHardwareState was added to enum findingField
Enum value assetLifecycleStatus was added to enum findingField
Enum value assetReplacementProduct was added to enum findingField
Type AgentAddOptionsParams was added
Field hasVmsCredentials was added to object type AgentConnector
Field version was added to object type AgentConnector
Field vmsConnectionStatus was added to object type AgentConnector
Field vmsDbIp was added to object type AgentConnector
Field vmsDbPort was added to object type AgentConnector
Field vmsPassword was added to object type AgentConnector
Field vmsUsername was added to object type AgentConnector
Type AgentEditOptionsParams was added
Type AgentVmsConnectionStatus was added
Field discontinuedDate was added to object type Asset
Field hardwareState was added to object type Asset
Field lifecycleStatus was added to object type Asset
Field replacementProduct was added to object type Asset
Type AssetRelationshipBacnetDetails was added
Type AssetRelationshipGatewayDetails was added
Type AssetRelationshipSnmpCrawlerDetails was added
Field version was added to object type ExacqConnector
Field FlagList.graphQLToggle is deprecated
Field FlagList.graphQLToggle has deprecation reason Deprecated since 4.2, flag not used anymore
Directive deprecated was added to field FlagList.graphQLToggle
Field FlagList.initialized is deprecated
Field FlagList.initialized has deprecation reason Deprecated since 4.2, flag not used anymore
Directive deprecated was added to field FlagList.initialized
Field FlagList.ipChange is deprecated
Field FlagList.ipChange has deprecation reason Deprecated since 4.2, flag not used anymore
Directive deprecated was added to field FlagList.ipChange
Type HardwareState was added
Field version was added to interface IotConnectorInfo
Field discontinuedDate was added to object type LeanAsset
Field hardwareState was added to object type LeanAsset
Field lifecycleStatus was added to object type LeanAsset
Field replacementProduct was added to object type LeanAsset
Field version was added to object type MilestoneConnector
Field version was added to object type MobotixConnector
Field bulkEditSensors was added to object type Mutation
Directive deprecated was added toArgument location of field initSystem in type Mutation
Directive deprecated was added toArgument time of field initSystem in type Mutation
Field reloadAuthProviderAfterChange was added to object type Mutation
Field supportActive was added to object type Origin
Type OriginExpressionsParams was added
Type OriginSelectField was added
Type OriginSortParams was added
Type OriginSortParamsComplexFields was added
Type SensorsBulkAction was added
Field queryNeighbors was added to object type Snmp
Field id was added to object type SystemLog
Field SystemLog.timeStamp is deprecated
Field SystemLog.timeStamp has deprecation reason Use lowercase timestamp instead
Directive deprecated was added to field SystemLog.timeStamp
Field timestamp was added to object type SystemLog

Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.
Tenable OT Security 4.1.45 SP (2025-03-19)

Bug Fix | Defect ID |
---|---|
OT Security now ensures that assets are no longer incorrectly classified as Dahua IP Camera. | NA |
Creating new or duplicate Network Baseline Deviation policy now works as expected. | NA |
The Executive Report function now generates reports without any issues. | NA |
During upgrades, OT Security ensures that the current Influx process completes loading before running more Influx setup scripts. | NA |
OT Security ensures that BACnet assets with missing instance IDs now display them as expected. | NA |
Tenable OT Security 4.1.38 (2025-02-20)

Overlapping IP Address Support
-
In networks that reuse the same IP address ranges, OT Security prevents unintended asset merging by using sensors to differentiate them.
-
Each instance of a network reusing IP ranges requires a dedicated sensor. For example, three production lines with identical IP configurations would need three separate sensors to ensure asset distinction for each process line.
For more information, see Duplicated Internal Networks.
IEC Substation Visibility
-
You can now import substation configuration data to enhance the asset inventory, enabling OT Security to deliver critical security insights into substation misconfigurations. For more information, see SCD Files.
Improved Nessus VM Scan Controls
Tenable now introduces the following new configuration options for user-defined Nessus Scans in OT Security. When creating a scan, you can adjust its speed, verbosity, and intensity. For more information, see Nessus Plugin Scans.
-
Thorough Tests
-
When performing a scan, Nessus can run additional in-depth checks on the system. Enabling this option enhances the thoroughness of the scan but also increases its duration.
-
Periodic use of Thorough scans benefits the "AI Aware" functionality in OT Security.
-
-
Higher Verbosity
-
Some plugins can produce a more data-rich output during a scan. However, you must enable this setting for the plugin to include the additional data in their plugin output.
-
When you select this option, the scan output includes the informational plugins: 56310, 64582, and 58651.
-
-
Scan Performance
-
Tenable now enables administrators to customize individual Nessus scan performance. These settings include the number of plugins evaluated against a target at the same time, concurrent scan target count, and timeout in seconds.
-
Lowering the max checks and max hosts values can reduce the impact of a scan. However, it can also increase the scan duration.
-
AI Aware Detections
Tenable's new AI detection features help you monitor your artificial intelligence applications and services. OT Security obtains data from your credentialed scans and then shows them on the Findings or Vulnerabilities workbenches.
Compliance Dashboard: NERC-CIP support
The Compliance dashboard now supports mapping controls within NERC CIP that are detectable with OT Security.
Enterprise Manager — Centralized Updates
Starting with the OT Security EM 4.1 release, system administrators can remotely upgrade their paired ICPs (running version 4.0 or later) to the same version as the EM. For more information, see ICP Updates.
This feature was added in OT Security 4.0 but functional from version 4.1.

CVSSv3 Scores on Findings — The Findings and Vulnerabilities tables now includes an additional column for CVSSv3.
Inventory "Select All" — The Select All checkbox is reinstated to the Inventory page for easier multiple selection.
Sensor Active Queries— Bulk Configuration —You can now bulk select and enable or disable the sensor active query behavior.
Network Ports Configuration — Configure network ports through the Tenable Core Cockpit interface on port 8000. You can now review and configure the roles of each network interface outside the application. For example: enabling split ports.

Vulnerabilities
Tenable identifies several new vulnerabilities in this release. See the complete list here.
New Tenable OT Security Device Fingerprint Engine (DFE) Coverage
Vendor | Product |
---|---|
Moxa | MGate 5000 Series |
Sprecher Automation | RTU |
Elspec | G5 Digital Fault Recorder |
Wiesemann & Theis | ComServer |
Honeywell | Experion C300PM, C300OM |
Wago | Controllers 750, PFC |

For more information about OT Security APIs, see the API documentation.
Field ntpChange was removed from object type FlagList
Field ntpFault was removed from object type FlagList
Field ntpServersUnreachable was removed from object type FlagList
Field emSetSystemTime was removed from object type Mutation
Argument keepNetworkConfig: Boolean! was removed from field Mutation.factoryReset
Field setSystemTime was removed from object type Mutation
Input field origins of type [String!] was added to input object type AssetDiscoveryOptionsParams
Enum value Scd was added to enum AssetSourceType
Enum value AlreadyExists was added to enum ErrorCategory
Enum value ContentTooBig was added to enum ErrorCategory
Enum value FailedToAllocateOverlapping was added to enum ErrorCategory
Enum value NotContainingAnyAssets was added to enum ErrorCategory
Enum value OverlappingNetsAlreadyInOrigin was added to enum ErrorCategory
Enum value Processing was added to enum ErrorCategory
Member IEC61850SubscribeFailure was added to Union type EventDetails
Member IEC61850UnauthorizedWrite was added to Union type EventDetails
Enum value IEC61850 was added to enum ExclusionType
Enum value IEC61850SubscriptionFailure was added to enum IDSSrcDstEvent
Enum value IEC61850UnauthorizedWrite was added to enum IDSSrcDstEvent
Enum value awaitingFirstUse was added to enum IcpSensorField
Enum value origin was added to enum IcpSensorField
Argument origins: [String!] added to field Mutation.editNessusUserScan
Argument settings: NessusUserScanSettingsArgs added to field Mutation.editNessusUserScan
Argument origin: ID added to field Mutation.editSensor
Argument origins: [String!] added to field Mutation.newNessusUserScan
Argument settings: NessusUserScanSettingsArgs added to field Mutation.newNessusUserScan
Argument origin: String added to field Mutation.testAdHocBasicCredentials
Argument origin: String added to field Mutation.testAdHocPasswordOnlyCredentials
Argument origin: String added to field Mutation.testAdHocSnmpV2Credentials
Argument origin: String added to field Mutation.testAdHocSnmpV3Credentials
Argument origin: String added to field Mutation.testCredentials
Enum value cvss3Score was added to enum PluginField
Enum value cvss3Score was added to enum PluginsAssetsField
Enum value IEC61850SubscriptionFailure was added to enum PolicyEventType
Enum value IEC61850UnauthorizedWrite was added to enum PolicyEventType
Argument origins: [String!] added to field Query.getDiscoveryEstimation
Argument dbOnly: Boolean added to field Query.nessusUserScan
Argument dbOnly: Boolean added to field Query.nessusUserScans
Enum value SensorAwaitingFirstUse was added to enum RemovableFlags
Enum value pluginCvss3Score was added to enum findingField
Field origins was added to object type AssetDiscovery
Field scdSubscriptionsRecoByIedCsvIsRunning was added to object type FlagList
Field scdSubscriptionsRecoCsvIsRunning was added to object type FlagList
Field sensorAwaitingFirstUse was added to object type FlagList
Type IEC61850Exclusion was added
Type IEC61850SubscribeFailure was added
Type IEC61850UnauthorizedWrite was added
Type IcpUpdateStatus was added
Type IecReportClient was added
Type IecReportClientConnection was added
Type IecReportClientEdge was added
Field bulkEditSensorActive was added to object type Mutation
Field createOrigin was added to object type Mutation
Field deleteOrigin was added to object type Mutation
Field deleteOverlappingNetworks was added to object type Mutation
Field newIEC61850Exclusion was added to object type Mutation
Field scdMisconfigRecommendationByIedCsv was added to object type Mutation
Field scdMisconfigRecommendationCsv was added to object type Mutation
Field scdSubscriptionsRecommendationByIedCsv was added to object type Mutation
Field scdSubscriptionsRecommendationCsv was added to object type Mutation
Field updateOverlappingNetworks was added to object type Mutation
Field updateOverlappingPool was added to object type Mutation
Field origins was added to object type NessusUserScan
Field settings was added to object type NessusUserScan
Type NessusUserScanSettings was added
Type NessusUserScanSettingsArgs was added
Type NetworkUpdateInput was added
Type Origin was added
Type OriginConnection was added
Type OriginEdge was added
Field cvss3Score was added to object type Plugin
Field iecCanUploadScd was added to object type Query
Field iecReportsByAssetId was added to object type Query
Field iecScdsInfo was added to object type Query
Field isAssetIec was added to object type Query
Field origin was added to object type Query
Field origins was added to object type Query
Field overlappingPool was added to object type Query
Field scdRecommendationsCount was added to object type Query
Field scdRecommendationsCountByIed was added to object type Query
Field itemsCount was added to object type RuleGroup
Type ScdInfo was added
Type ScdInfoConnection was added
Type ScdInfoEdge was added
Type ScdRecommendations was added
Type SensorActiveAction was added
Field origin was added to object type SensorDetails
Field updateStatus was added to object type Update
Type thoroughTestsType was added
Type verbosityType was added

Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.