News
Vendors

Tenable OT Security enhanced to offer comprehensive visibility, management of IT/OT devices

August 02, 2023
Tenable adds comprehensive web application, API scanning capabilities to its Nessus Expert

Exposure management company Tenable announced Tuesday new enhancements to Tenable OT Security, helping customers strengthen the security of their OT (operational technology) environments through the broadest and deepest visibility, granularity, management and control of IT/OT and IoT assets on the market. 

Tenable OT Security now features increased visibility of building management systems (BMS), including devices such as security cameras, HVAC systems, badge scanners and entrance security systems, lighting control, programming systems and other assets. 

”All too often, OT, IoT and BMS devices are overlooked, yet in today’s converged environments, security teams need a simple, unified view of their overall risk,” Marty Edwards, deputy CTO for OT/IoT at Tenable, said in a media statement. “Tenable OT Security addresses this, enhancing visibility to reduce the attack surface.”

Also included in the latest version are enhancements to the way users can manage their Active Queries for effective asset enumeration and fingerprinting, with the addition of an entirely new configuration interface. These Active Queries are generated by Tenable OT Security’s hybrid asset discovery approach which passively monitors networks to discover devices and classifies them as IT or OT. 

Once classified, it then queries IT devices with Tenable Nessus (included with the Tenable OT Security license), and safely communicates with OT devices through read-only queries in their native protocols. 

With the new Active Queries interface, users can ensure efficient use of resources and thorough asset detail access through:

  • Granular control over the types of queries, groups of assets queried, or restrictions to queries
  • Creation of specific IT or OT queries against specific asset groups, on set schedules
  • Centralization of all queries performed by Tenable OT Security along with their configuration into a single ‘Queries’ screen, using a Queries Management Table
  • Easier access of the Queries screen via the main navigation bar

Also included in the set of new features and enhancements to Tenable OT Security are:

  • Extended SNMP visibility – users can now collect limitless details from network devices supporting Simple Network Management Protocol (SNMP) in a customizable way; devices such as routers, switches, servers, workstations and more
  • New credentials management screen – Administrators and Supervisors are now able to configure device credentials when required
  • Centralized sensor management – sensors can now receive updates initiated within and sent directly from Tenable OT Security
  • Updated vulnerability plugin capabilities – Tenable OT Security now features more descriptive plugin information, previously only accessible through the manufacturer’s often gated vulnerability advisories

Additional enhancements are outlined in Tenable OT Security’s release notes. All versions of Tenable OT Security from 3.11 onward will be able to upgrade directly to the latest Tenable OT Security release.

In March, Tenable announced new capabilities within Tenable OT Security that will bring to market broader protection for OT, critical infrastructure, and ICS (industrial control systems) environments, regardless of the size of deployment or configuration of the environment. The functionality keeps the CISO’s organization front and center — making it even easier to secure and maintain governance of the entire attack surface, using the same tools and processes across their infrastructure, be it OT, IT, IoT, cloud, or other platforms.

Industrial Cyber News Desk
Industrial Cyber News Desk

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation