Tenable®, the Exposure Management company, today announced new capabilities within Tenable OT Security, providing broader protection for operational technology (OT), critical infrastructure and industrial control systems, regardless of size of deployment or configuration of environment. The new functionality keeps the CISO’s organization front and center — making it even easier to secure and maintain governance of the entire attack surface, using the same tools and processes across their infrastructure, be it OT, IT, IoT, cloud or other platforms.
When it comes to connected OT environments, attacks can easily propagate across IT to impact OT infrastructure and vice versa. Security teams familiar with protecting IT systems are increasingly responsible for protecting OT implementations too. However, without holistic visibility, security risks are nearly impossible to determine and track.
Tenable is uniquely positioned to help its clients meet their security requirements, offering a comprehensive solution for securing mixed environments. This latest update extends Tenable OT Security’s vulnerability detection capabilities even further with the upgrade to the OT active scanner and an even tighter integration with Nessus, Tenable’s industry-leading vulnerability scanning technology. Tenable OT Security now offers customers unprecedented scanning capabilities using the technology trusted by more than 40,000 security teams worldwide.
Key new capabilities include:
- Increased Asset Discovery and Visibility:
- Extended Active Query capabilities at the sensor layer to allow for deep asset visibility across network segments
- Upgraded management experience for Tenable OT Security sensors
- Added support for an extensive list of controllers, including Bosch PSI Controllers, Bachmann M1 and many more, greatly expanding Tenable’s asset discoverability capabilities
- Advanced Vulnerability and Threat Detection:
- Augmented scanning capabilities through seamless integration with Nessus, giving users the option to fully leverage Nessus’ smart scanning against confirmed IT devices, safely, without affecting productivity
- Dashboard widgets to Nessus’ plugin-based vulnerability detection for easy viewing of vulnerability data
- Improved Intrusion Detection System (IDS) Engine feed that can now be continuously updated on demand via cloud or offline
- Enhanced Dashboards and Reporting:
- Enhanced Enterprise Management Dashboards that now provide a centralized view of multiple connected operational sites, enabling quick and easy exporting of reports to share with business and operations stakeholders
- Dozens of user-configurable widgets that highlight common and most severe vulnerabilities, common policies and common plugin families
- Upgraded UI experience with the option of dark mode for comfortable viewing in low light environments
“We consistently hear from CISOs that they have been tasked with security for mixed environments that include both OT and IT technologies, but they don’t have the requisite visibility to secure either well. The new capabilities added to Tenable OT Security provide our customers with full visibility, security and control of all their environments and assets, in one consolidated view,” explains Amir Hirsh, General Manager, OT Security, Tenable. “Now, our customers can leverage the full strength of Tenable OT active scanning, tightly integrated with embedded Nessus scans for IT assets, to create a clear view of all assets, their vulnerabilities, risk score, attack path analysis and more.”
This latest update also features product localization capabilities including Chinese, Japanese, French and German language, helping to reduce training and support costs for companies operating in non-English speaking regions.
Tenable’s announcement follows a period of accelerated growth and recognition for Tenable OT Security, including the company’s inclusion as a leader in the Forrester Wave™ for Industrial Control Systems (ICS) Security Solutions and several seven-figure deals that help customers gain visibility across their OT and IT stacks.