Tenable OT Security 2026 版本说明

提示：您可以订阅以接收关于 Tenable 文档更新的提醒。

Tenable OT Security 4.5.61 SP (2026-03-06)

错误修复

错误修复	缺陷 ID
处理大量的并发网络对话（以使用动态资产组的事件策略作为评估标准）时，OT Security 可确保系统稳定性。	02420590 02429400
OT Security 现在会正确地从 4.2.33 升级到 4.5.54，而不会出现任何内存错误。	02410077
Rockwell Stratix 设备现在可正确显示 Cisco IOS 或交换机固件版本（通过 SNMP）而不是 CIP 固件版本。	02259051
如果在之前更新的过程中触发了新的更新，Tenable OT Security Enterprise Manager (EM) 更新将不再累积，也不会导致系统错误。	不适用
使用 SNMP v3 凭据进行的 Nessus 扫描现在可正常工作。	02410044
OT Security 现在可确保 syslog 文件包含重复网络的正确 IP 地址。	不适用

Tenable OT Security 4.6.34 (2026-04-16)

新功能

Core 基础设施和扩展性

大规模子网扩展：OT Security 现在支持多达 5,000 个子网，可适应大规模的企业部署。此更新可提高被动检测和入侵检测系统 (IDS) 检测的精细度。这种可见性可确保不会在达到架构限制的情况下监控复杂的网络环境。

集中式受监控子网管理：OT Security 现在包含新的“受监控的网络”页面，可帮助您管理受监控的网络。

批量操作：批量添加子网以减少手动配置时间。
精细控制：在创建期间切换各个子网的监控状态。
非活动子网：在列表中创建和管理子网，但无需启用监控功能。

有关更多信息，请参阅“受监控的网络”。

主动扫描和漏洞管理

Nessus 扫描凭据管理：OT Security 现在提供更灵活的主动扫描工作流，允许您在配置 Nessus 扫描时定义特定的凭据用途：

不使用凭据：在不提供凭据的情况下执行扫描。
尝试所有可用凭据：使用所有可用凭据，以确保最大程度地提高覆盖范围。
仅使用特定凭据：为高敏感度资产选择有针对性的凭据。

有关更多信息，请参阅“创建 Nessus 插件扫描”。

生态系统和集成

顺畅的 Tenable One 导航：通过 Tenable One 单点登录 (SSO) 或 SAML 访问 OT Security，其中现在包含“返回 Tenable One”链接。使安全分析人员能够在平台之间无缝切换，而无需重新进行身份验证。

维护和诊断

ICP 远程代理更新：允许直接从 ICP 远程更新 OT 代理。

如此一来，在部署最新的 OT 代理更新时，就可以减少对本地站点访问或手动干预的需求。有关更多信息，请参阅“更新 OT 代理”。

增强资产诊断：“资产诊断导出”现包含更深层次的元数据和精细资产信息，可为 Tenable 支持和工程团队提供更全面的快照，用于故障排除和资产验证。

改进

Enterprise Manager 中的 ICP-Access 系统日志

通过 OT Security EM 访问 ICP 仪表盘时，OT Security 在 ICP 上生成系统日志。

OT 代理 - 协议和查询限制基础设施

OT Security 现在支持对 OT 代理设置查询限制。

错误处理框架改进

OT Security 现在改进了系统稳定性，并为后端流程提供了具体的错误消息。

用户界面更新

OT Security 4.6 版本包含用户界面更新，可提高数据密度和可读性。

IoT 连接器改进

OT Security 现在包含以下 IoT 连接器改进：

IoT 连接器状态：状态指示器现在可以准确反映集成运行状况。
数据检索：IoT 代理现在可将数据返回到 OT Security，以进行 AvigilonES、Exacq Edge 和 Milestone 集成。
连接失败：OT Security 可确保在 AvigilonES、Exacq Edge 和 Milestone 集成的连接失败时，集成返回空值。
性能改进：OT Security 不仅可以更高效地处理大型 Milestone 集成，而且还能确保您可以同时运行多个集成。
数据库身份验证：使用 MSSQL 数据库的 Windows 身份验证（IoT 代理）现在可以正常工作。
设备匹配：改进了从 Avigilon 获取通用 ONVIF 设备时的制造商匹配机制。

新内容

漏洞

Tenable 会识别此版本中的多个新漏洞。请在此处查看自 4.5 版本（2025 年 12 月 18 日）发布的插件的完整列表。

新的 Tenable OT Security 设备指纹引擎 (DFE) 覆盖范围

供应商	产品
Starlink	Starlink 第三代卫星接收器
Schneider	Triconex 安全系统
Tripp Lite	SmartOnline UPS
Siemens	Power Meters 9000
CUE Systems	IPCUE 控制器
Honeywell	工业打印机
Konica Minolta	Bizhub 多功能打印机
Printonix	热敏标签打印机
HP Inc	LaserJet/DesignJet
Wachendorff Automation	网关/WebPanel
Schneider Electric	旧 Modicon 系列
Jinan USR	USR 串口转 WiFi 转换器
EndRun Technologies	Sonoma 网络时间服务器
TryStar	CyTime SER（序列事件记录器）

错误修复

错误修复	缺陷 ID
Siemens S7-1500 固件 2.9.4 上的状态或快照查询现在可正常工作。	不适用
Yokogawa Stardom 固件现在可显示正确的值。	02397709
OT Security 在 Nessus 扫描中禁用了插件 14788，以防止与 ICP 相关的传感器通道发生故障。	不适用

API 变更日志

有关 OT Security API 的更多信息，请参阅“API 文档”。

复制

Type DetailedPolicyFindingField was removed
Input field PolicyFindingsExpressionsParams.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field PolicyFindingsSortParams.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field PolicyFindingsSortParamsComplexFields.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field RawPolicyFindingsComplexFieldParams.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field RawPolicyFindingsComplexFieldParamsComplexFields.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field RawPolicyFindingsComplexGroupingParams.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Input field RawPolicyFindingsComplexGroupingParamsComplexFields.field changed type from DetailedPolicyFindingField to PolicyFindingFilterField
Enum value VersionMismatch was added to enum CannotUpdateDfeReason
Enum value VersionMismatch was added to enum CannotUpdatePluginSetReason
Enum value VersionMismatch was added to enum CannotUpdateSuricataRulesReason
Enum value ReadMonitoredSubnets was added to enum Capability
Enum value TOneLinks was added to enum Capability
Enum value WriteMonitoredSubnets was added to enum Capability
Enum value Cip1768Backplane was added to enum ConnectionType
Enum value EmptyMonitoredNetwork was added to enum ErrorCategory
Enum value UpdateUnavailable was added to enum ErrorCategory
Argument credentials: [ID!] added to field Mutation.editNessusUserScan
Argument credentialsMode: NessusUserScanCredentialsMode added to field Mutation.editNessusUserScan
Argument allowAutoInstallUpdates: Boolean! (with default value) added to field Mutation.editOtAgent
Argument credentials: [ID!] added to field Mutation.newNessusUserScan
Argument credentialsMode: NessusUserScanCredentialsMode added to field Mutation.newNessusUserScan
Enum value RollbackUpdate was added to enum OtAgentAction
Enum value autoInstallUpdates was added to enum OtAgentSelectField
Enum value scoutAvailableVersion was added to enum OtAgentSelectField
Enum value scoutBackupAvailable was added to enum OtAgentSelectField
Enum value scoutBackupVersion was added to enum OtAgentSelectField
Enum value scoutCheckedForUpdatesTs was added to enum OtAgentSelectField
Enum value scoutUpdatedTs was added to enum OtAgentSelectField
Argument policyEligible: Boolean added to field Query.assetGroups
Field Asset.lastSnapshot description changed from Latest time of the last snapshot made on the asset to The time of the last snapshot change detected on the asset
Type AssetLayoutSection was added
Field OtAgentAutoUpdate was added to object type Config
Type DisplayName was added
Field otAgentUpdateAvailable was added to object type FlagList
Field LeanAsset.lastSnapshot description changed from Latest time of the last snapshot made on the asset to The time of the last snapshot change detected on the asset
Type MonitoredNetwork was added
Type MonitoredNetworkCategory was added
Type MonitoredNetworkConnection was added
Type MonitoredNetworkEdge was added
Type MonitoredNetworkField was added
Type MonitoredNetworksExpressionsParams was added
Type MonitoredNetworksSortParams was added
Type MonitoredNetworksSortParamsComplexFields was added
Field addMonitoredNetwork was added to object type Mutation
Field bulkAddMonitoredNetwork was added to object type Mutation
Field deleteMonitoredNetworks was added to object type Mutation
Field disableMonitoredNetwork was added to object type Mutation
Field editMonitoredNetwork was added to object type Mutation
Field enableMonitoredNetwork was added to object type Mutation
Field logRemoteConnection was added to object type Mutation
Field credentials was added to object type NessusUserScan
Field credentialsMode was added to object type NessusUserScan
Type NessusUserScanCredentialsMode was added
Field autoInstallUpdates was added to object type OtAgentDetails
Field scoutAvailableVersion was added to object type OtAgentDetails
Field scoutBackupAvailable was added to object type OtAgentDetails
Field scoutBackupVersion was added to object type OtAgentDetails
Field scoutCheckedForUpdatesTs was added to object type OtAgentDetails
Field scoutUpdatedTs was added to object type OtAgentDetails
Type PolicyFindingFilterField was added
Field monitoredNetworks was added to object type Query
Field monitoredNetworksRaw was added to object type Query
Field scoutBinaryStatus was added to object type Query
Type RawMonitoredNetworksComplexFieldParams was added
Type RawMonitoredNetworksComplexFieldParamsComplexFields was added
Type RawMonitoredNetworksComplexGroupingParams was added
Type RawMonitoredNetworksComplexGroupingParamsComplexFields was added
Type ScoutBinaryStatus was added