Tenable.ot 3.9.25 Release Notes (2021-02-18)

To download Tenable.ot upgrade files, see: https://indegy.sharefile.com/d-sc680ed6f158c4fbc90641be0d38c4122.

For a list of previous versions that are possible to perform a direct upgrade from, see: https://indegy.sharefile.com/d-s250e007e51b849baa40e8bc1e2418cc5.

New Features

Vendor Support - Bachmann Secure Configuration Active Support

Tenable.ot now supports password protected Bachmann PLCs. This way users can protect their controllers with passwords, and also leverage Tenable.ot Active Query capabilities to monitor their PLCs.

Basic Active Support

Tenable.ot constantly increases coverage of detection of OT/IoT devices based on research. In this release we added Basic Active Support for the following devices, and more:

  • Sofrel Lacroix

  • Illustra Cameras

  • Netgear Switches

  • Sierra Wireless AirLink Access Points

Additional Intrusion Detection Rules of Recent Campaigns

In addition to the regular update of our signatures database with the latest Suricata signatures available publicly, we highlighted two sets of signatures as purpose-built groups (rule groups):

  • Rules released by FireEye to identify the use of Red Team tools that were stolen from them through a cyber attack, as described in a FireEye blog post.

  • Rules to identify the SolarWinds Orion attack based on the Sunburst malware, as made public by FireEye.

Bug Fixes

Bug Fix
Setup wizard won't load
Incorrect SID displayed in email report
WMI query fails on non-English machines
Pre-auth download links don't work on IEM (returns 401 unauthorized)
Event pcap not using self sniffing pcaps
Migration from some machines that were previously upgraded from 2.7 failed

Integrated Tenable Product Compatibility

The following table lists the Tenable product versions tested with this version of Tenable.ot.

Product Tested Version(s)
Tenable.sc 5.11 and later
Nessus 8.10.1 and later