Tenable OT Security 2026 Release Notes
Tip: You can subscribe to receive alerts for Tenable documentation updates.
Tenable OT Security 4.5.61 SP (2026-03-06)
Considerations
All OT Security 4.5 users must upgrade to the 4.5 Service Pack to resolve a critical issue affecting system stability and policy events. This issue occurs when the system processes high volumes of network conversations with event policies that depend on dynamic asset groups containing thousands of assets.
Bug Fix
| Bug Fix | Defect ID |
|---|---|
| OT Security ensures system stability when processing high volumes of concurrent network conversations evaluated against event policies using dynamic asset groups. | 02420590 02429400 |
| OT Security now correctly upgrades from 4.2.33 to 4.5.54 without any memory error. | 02410077 |
| Rockwell Stratix devices now correctly display the Cisco IOS or Switch firmware version (via SNMP) instead of the CIP firmware version. | 02259051 |
| Tenable OT Security Enterprise Manager (EM) updates no longer accumulate or cause a system error if you trigger a new update while a previous update is in progress. | NA |
| Nessus scans with SNMP v3 credentials now work as expected. | 02410044 |
| OT Security now ensures that syslog files include the correct IP addresses for duplicated networks. | NA |
(Early Access) Tenable OT Security 4.6.23 (2026-02-19)
New Features
Core Infrastructure and Scalability
Massive Subnet Scale Expansion — OT Security now supports up to 5,000 subnets to accommodate large-scale enterprise deployments. This increase improves the granularity of passive and intrusion detection system (IDS) detection. This visibility ensures you can monitor complex network environments without reaching architectural limits.
Centralized Monitored Subnet Management — OT Security now includes a new Monitored Networks page to help you manage your monitored networks.
-
Bulk Actions: Bulk-add subnets to reduce manual configuration time.
-
Granular Control: Toggle monitoring status for individual subnets during creation.
-
Inactive subnets: Create and manage subnets in your list without enabling monitoring.
For more information, see Monitored Networks.
Active Scanning and Vulnerability Management
Nessus Scan Credential Management — OT Security now offers a more flexible active scanning workflow allowing you to define specific credential usage when configuring Nessus scans:
-
Do Not Use Credentials: Perform scans without providing credentials.
-
Try All Available Credentials: Use all available credentials to ensure maximum coverage.
-
Use Only Specific Credentials: Select targeted credentials for high-sensitivity assets.
For more information, see Create a Nessus Plugin Scan.
Ecosystem and Integration
Seamless Tenable One Navigation — Accessing OT Security through Tenable One single sign-on (SSO) or SAML, now includes a Return to Tenable One link. enabling security analysts to pivot seamlessly between platforms without re-authenticating.
Maintenance and Diagnostics
ICP Remote Agent Updates — Allows remote updates of OT Agents directly from the ICP.
This reduces the need for local site visits or manual intervention when deploying the latest OT agent updates. For more information, see Update OT Agent.
Enhanced Asset Diagnostics — The Asset Diagnostics Export now includes deeper metadata and granular asset information to provide Tenable Support and Engineering teams with a more comprehensive snapshot for troubleshooting and asset verification.
Improvements
ICP-access System Logs from Enterprise Manager
When accessing the ICP dashboard through OT Security EM, OT Security generates a system log on the ICP.
OT Agent - Protocol and Query Restrictions Infrastructure
OT Security now supports query restrictions for OT agents.
Error Handling Framework Improvements
OT Security now includes improved system stability and provides specific error messages for backend processes.
User Interface Updates
OT Security 4.6 includes user interface updates for better data density and readability.
IoT Connector Improvements
OT Security now includes the following improvements for IoT Connectors:
-
IoT Connector Status — The status indicator now accurately reflects the integration health.
-
Data Retrieval — The IoT Agent now returns data to OT Security for AvigilonES, Exacq Edge, and Milestone integrations.
-
Connection Failures — OT Security ensures that the integration returns a null value when a connection fails for AvigilonES, Exacq Edge, and Milestone integrations.
-
Performance Improvements — OT Security shows improved processing for large Milestone integrations and ensures that you can run multiple integrations simultaneously.
-
Database Authentication — Windows authentication with MSSQL databases (IoT Agent) now works correctly.
-
Device Matching — Improved manufacturer matching when pulling generic ONVIF devices from Avigilon.
New Content
Vulnerabilities
Tenable identifies several new vulnerabilities in this release. See the complete list here for plugins published since the 4.5 release (December 18, 2025).
New Tenable OT Security Device Fingerprint Engine (DFE) Coverage
| Vendor | Product |
|---|---|
| Starlink | Starlink Gen 3 satellite dish |
| Schneider | Triconex Safety Systems |
| Tripp Lite | SmartOnline UPS |
| Siemens | Power Meters 9000 |
| CUE Systems | IPCUE Controller |
| Honeywell | Industrial Printers |
| Konica Minolta | Bizhub Multifunction Printers |
| Printonix | Thermal Label Printers |
| HP Inc | LaserJet / DesignJet |
| Wachendorff Automation | Gateways / WebPanels |
| Schneider Electric | Legacy Modicon families |
| Jinan USR | USR Serial to Wifi Converters |
| EndRun Technologies | Sonoma Network Time Servers |
| TryStar | CyTime SER (Sequence Event Recorder) |
Bug Fix
| Bug Fix | Defect ID |
|---|---|
| The state or snapshot queries on Siemens S7-1500 Firmware 2.9.4 now works correctly. | NA |
| Yokogawa Stardom firmware now shows correct values. | 02397709 |
| OT Security disabled the plugin 14788 in Nessus scans to prevent faults in the sensor tunnel with the ICP. | NA |
Filenames and Checksums
Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.