Tenable.ot 3.13.21 Release Notes (2022-02-28)

You can download the Tenable.ot update files from the Tenable downloads page.

Note: Starting with version 3.13, Tenable.ot only supports Tenable Core. Tenable.ot no longer supports Atomic OS. If you are unsure of what OS you have or how to upgrade to Tenable Core, contact Tenable support.

New Features

Migration to Plugins-based Vulnerabilities Detection

Starting with v. 3.13, Tenable.ot bases vulnerabilities detection on plugins, as in all other Tenable products. Plugins are written in a proprietary scripting language, called Nessus Attack Scripting Language (NASL), and contain vulnerability information, a generic set of remediation actions and the algorithm to test for the presence of the security issue.

You can obtain the newest set of plugins and install them at any time in two ways:

  • Cloud update - for systems that are connected to the internet, plugins are periodically and automatically downloaded. You can also initiate this update on demand.

  • Offline update - You can also upload a file containing the plugins data to the system via the user interface. You can obtain the URL for this file from Tenable.ot.

The migration to plugins will affect the risk score of assets.

To learn more about plugins, visit: /nessus/Content/AboutNessusPlugins.htm.

Event Clusters

Tenable.ot groups into a cluster the events that were triggered by the same policy and that are adjacent in time and have identical characteristics. This reduces the number of records in the user interface and simplifies both initial policies tuning and incident response in case of an event.

Tools for Policies Tuning

Tenable.ot calculates and presents the following data and for each policy:

  • Number of generated events - you can now see this information for the last 24 hours or last 7 / 30 days.

  • Number of created exclusions.

New Dashboard Widgets

Tenable.ot added the following widgets in connection to the migration to plugins-based vulnerabilities detection:

  • Most common vulnerabilities

  • Most common plugin families

  • Vulnerabilities by severity

  • Most severe vulnerabilities

Tenable.ot also added the following widget:

  • Most common policies

Uploading Asset Data via the UI

You can now upload a CSV file with data of assets that do not exist in Tenable.ot to leverage its asset management capabilities.

Detection of NUCLEUS:13 Exploitation Attempts

Tenable.ot added Suricata signatures for flagging exploitation attempts of NUCLEUS:13 vulnerabilities.

Uploading an HTTPs Certificate via the UI

You can now upload an HTTPs certificate via the user interface, as opposed to only generating a self-signed certificate.

Bachmann M1 Standard Passive Support

Tenable.ot added standard passive support for Bachmann M1 controllers to facilitate, among others, the detection of common code and controllers' state changes.

Localization

You can now change the user interface's language to both Japanese and Chinese.

Settings Redesign

Tenable.ot redesigned the local settings section and the systems actions page to improve usability.

Downloading Diagnostics via the CLI

You can now download a diagnostics file via the command line interface (CLI) when the user interface is not accessible.

Deprecated Features

  • Risk tab - due to migration to the plugins-based vulnerabilities detection, Tenable.ot replaced both the CVEs and old vulnerabilities sub-tabs with a single new vulnerabilities tab.

  • Tenable.ot did not yet translate vulnerabilities whose origin is not a CVE to plugins, which means that you are temporarily unable to see them in v. 3.13, even if they were detected in earlier versions.

  • The SNMP agent on Tenable.ot is no longer available. You must use the SNMP Agent on Tenable core.

Integrated Tenable Product Compatibility

The following table lists the Tenable product versions tested with Tenable.ot 3.13.21.

Product Tested Version(s)
Tenable.sc 5.11 and later
Nessus 8.10.1 and later