Tenable OT Security 2026 Release Notes
Tip: You can subscribe to receive alerts for Tenable documentation updates.
(Early Access) Tenable OT Security 4.6.23 (2026-02-19)
Core Infrastructure and Scalability
Massive Subnet Scale Expansion — OT Security now supports up to 5,000 subnets to accommodate large-scale enterprise deployments. This increase improves the granularity of passive and intrusion detection system (IDS) detection. This visibility ensures you can monitor complex network environments without reaching architectural limits.
Centralized Monitored Subnet Management — OT Security now includes a new Monitored Networks page to help you manage your monitored networks.
-
Bulk Actions: Bulk-add subnets to reduce manual configuration time.
-
Granular Control: Toggle monitoring status for individual subnets during creation.
-
Inactive subnets: Create and manage subnets in your list without enabling monitoring.
For more information, see Monitored Networks.
Active Scanning and Vulnerability Management
Nessus Scan Credential Management — OT Security now offers a more flexible active scanning workflow allowing you to define specific credential usage when configuring Nessus scans:
-
Do Not Use Credentials: Perform scans without providing credentials.
-
Try All Available Credentials: Use all available credentials to ensure maximum coverage.
-
Use Only Specific Credentials: Select targeted credentials for high-sensitivity assets.
For more information, see Create a Nessus Plugin Scan.
Ecosystem and Integration
Seamless Tenable One Navigation — Accessing OT Security through Tenable One single sign-on (SSO) or SAML, now includes a Return to Tenable One link. enabling security analysts to pivot seamlessly between platforms without re-authenticating.
Maintenance and Diagnostics
ICP Remote Agent Updates — Allows remote updates of OT Agents directly from the ICP.
This reduces the need for local site visits or manual intervention when deploying the latest OT agent updates. For more information, see Update OT Agent.
Enhanced Asset Diagnostics — The Asset Diagnostics Export now includes deeper metadata and granular asset information to provide Tenable Support and Engineering teams with a more comprehensive snapshot for troubleshooting and asset verification.
ICP-access System Logs from Enterprise Manager
When accessing the ICP dashboard through OT Security EM, OT Security generates a system log on the ICP.
OT Agent - Protocol and Query Restrictions Infrastructure
OT Security now supports query restrictions for OT agents.
Error Handling Framework Improvements
OT Security now includes improved system stability and provides specific error messages for backend processes.
User Interface Updates
OT Security 4.6 includes user interface updates for better data density and readability.
IoT Connector Improvements
OT Security now includes the following improvements for IoT Connectors:
-
IoT Connector Status — The status indicator now accurately reflects the integration health.
-
Data Retrieval — The IoT Agent now returns data to OT Security for AvigilonES, Exacq Edge, and Milestone integrations.
-
Connection Failures — OT Security ensures that the integration returns a null value when a connection fails for AvigilonES, Exacq Edge, and Milestone integrations.
-
Performance Improvements — OT Security shows improved processing for large Milestone integrations and ensures that you can run multiple integrations simultaneously.
-
Database Authentication — Windows authentication with MSSQL databases (IoT Agent) now works correctly.
-
Device Matching — Improved manufacturer matching when pulling generic ONVIF devices from Avigilon.
Vulnerabilities
Tenable identifies several new vulnerabilities in this release. See the complete list here for plugins published since the 4.5 release (December 18, 2025).
New Tenable OT Security Device Fingerprint Engine (DFE) Coverage
| Vendor | Product |
|---|---|
| Starlink | Starlink Gen 3 satellite dish |
| Schneider | Triconex Safety Systems |
| Tripp Lite | SmartOnline UPS |
| Siemens | Power Meters 9000 |
| CUE Systems | IPCUE Controller |
| Honeywell | Industrial Printers |
| Konica Minolta | Bizhub Multifunction Printers |
| Printonix | Thermal Label Printers |
| HP Inc | LaserJet / DesignJet |
| Wachendorff Automation | Gateways / WebPanels |
| Schneider Electric | Legacy Modicon families |
| Jinan USR | USR Serial to Wifi Converters |
| EndRun Technologies | Sonoma Network Time Servers |
| TryStar | CyTime SER (Sequence Event Recorder) |
| Bug Fix | Defect ID |
|---|---|
| The state or snapshot queries on Siemens S7-1500 Firmware 2.9.4 now works correctly. | NA |
| Yokogawa Stardom firmware now shows correct values. | 02397709 |
| OT Security disabled the plugin 14788 in Nessus scans to prevent faults in the sensor tunnel with the ICP. | NA |
Filenames and MD5 or SHA-256 checksums are posted at OT Security Downloads page.