Exposure management company Tenable announced a new OT asset discovery engine that enables security teams to quickly bring risks associated with cyber-physical systems (OT, IoT and shadow IT) into a unified view of cyber exposure. With instant deployment and no additional IT overhead required, Tenable’s new VM-Native OT Discovery capability provides a fast, low-friction entry point for organizations to gain comprehensive IT/OT visibility and accelerate AI-driven exposure management.
According to Gartner, “Cyber and cyber-physical attacks are set to double over the next three years. Cohesive exposure management capability and visibility, across cyber and cyber-physical dimensions, is fast becoming an operational imperative.”
Security teams are increasingly responsible for protecting cyber-physical systems, including those present in critical infrastructure. However, gaining visibility often requires time-consuming deployments of specialized hardware, new agents, and bolted-on software. Tenable has eliminated this friction by integrating OT discovery directly into its core solutions for risk-based vulnerability management within the Tenable One Exposure Management Platform – no specialized hardware, additional agents or add-ons required.
From the factory floor to AI data centers, HVAC systems to office printers and badge readers, cyber-physical assets represent a rapidly growing and unruly attack surface, stretching far beyond traditional industrial and critical infrastructure. More than half of CISOs are now responsible for OT security,2 which has remained a dangerous blind spot where IT networks meet cyber-physical systems, and fears of operational disruptions have hindered cybersecurity progress. As a result of this convergence, 45% of modern OT compromises originate in IT environments.
Tenable early access customers from a variety of industries – including hospitality, financial services, education, food and beverage, and government agencies – uncovered a large number of unknown OT and IoT assets upon initial deployments, with most customers uncovering between 100 and 1000+ unique assets, including some with critical vulnerabilities.
The integrated OT discovery engine is designed to deliver immediate, practical gains across compliance, visibility, and operational alignment. It enables organizations to accelerate OT security compliance through instant deployment, removing the need to procure and install additional sensors, hardware, or specialized point solutions, and allowing teams to meet evolving cyber-physical regulatory and audit requirements with greater confidence.
It also eliminates persistent operational blind spots by providing immediate visibility into previously hidden assets and device attributes, including vendor, model, firmware, backplane details, and runtime state, without disrupting operations. At the same time, it breaks down long-standing security silos by unifying cyber-physical asset and exposure data within the Tenable One platform, giving security teams a comprehensive view of total cyber exposure across AI, IT, cloud, identity, and OT environments.
“Cyber-physical risk can’t remain a blind spot in exposure management. We’re giving organizations an immediate, low-friction way to bring OT into scope, so they can gain visibility, meet compliance requirements and start reducing risk from day one, without adding new infrastructure,” said Eric Doerr, Chief Product Officer at Tenable. “For existing customers with more complex use cases, we offer Tenable OT Security, a comprehensive OT solution that delivers visibility, security and control for proactive risk reduction across today’s rapidly converging OT/IT environment.”
This new OT Discovery engine is immediately available to all Tenable One, Tenable Vulnerability Management and Tenable Security Center customers.
Tenable also offers Tenable OT Security, a unified OT/IT security solution that delivers continuous monitoring and threat detection capabilities for cyber-physical systems as part of the Tenable One Exposure Management Platform. Tenable One customers benefit from complete data interoperability across solutions, with the ability to deploy any combination of tools across teams to suit the unique needs of their environment.
Last month, Tenable announced Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform that automates security workflows and transforms exposure intelligence into coordinated action to reduce cyber risk. AI-powered cyberattacks, rapid vulnerability discovery and the explosion of AI-driven tools are expanding the attack surface faster than security teams can keep up. At the same time, security operations now involve a growing mix of humans, automation and AI agents operating across fragmented tools and workflows.
