OT Connectors

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Product Offering.

OT connectors import asset and vulnerability data from your industrial environment (Tenable OT Security) into your Tenable Vulnerability Management dashboard.

This integration allows you to view risk across both traditional IT assets (servers, laptops) and operational technology (OT) assets (such as PLCs, HMIs, and robotics).

You can manage OT connectors from the Tenable Vulnerability Management Sensors page. For information on managing your Tenable OT Security connectors, see Manage OT Connectors.

Strategic Benefits

Integrating your OT environment provides distinct governance advantages:

  • Unified Risk Scoring — By syncing OT assets into Tenable Vulnerability Management, you can apply the same risk metrics (such as the Vulnerability Priority Rating, or VPR) to your industrial controllers that you use for your IT infrastructure.

  • Centralized Reporting — Executive dashboards can generate reports that encompass the entire attack surface, rather than keeping OT risks in a separate report.

  • Asset Inventory — The connector creates a comprehensive global inventory. This allows you to search for a specific vulnerability (for example, "Log4j") and see its presence across both corporate and industrial networks simultaneously.

Security and Architecture

The OT connector is designed to respect the sensitivity of industrial control systems:

  • One-Way Data Flow — The integration acts as a one-way synchronization. The on-premises Tenable OT Security console pushes data out to the cloud. Tenable Vulnerability Management does not send active scan commands back to the OT network.

  • Passive Visibility — The data displayed in the cloud is "read-only." It reflects the state of the asset as seen by local OT sensors (which use passive network monitoring). This ensures that the cloud platform never disrupts sensitive manufacturing processes.

Data Synchronization

Once you establish the connector, Tenable Vulnerability Management continuously synchronizes the following data attributes:

  • Asset Details — The device type (such as PLC, RTU, or HMI), firmware versions, and vendor information.

  • Vulnerability Data — The CVEs detected on the industrial equipment.

  • Risk Scores — The calculated risk priority of each industrial asset.