SINGAPORE, April 16 2026 – Tenable Holdings Inc. (NASDAQ: TENB) has introduced a new operational technology (OT) asset discovery engine designed to help organisations gain immediate visibility into cyber-physical systems and strengthen enterprise-wide exposure management.
The new VM-Native OT Discovery capability integrates directly into Tenable’s core exposure management platform, enabling security teams to identify and manage risks across IT, OT, IoT and shadow IT environments without requiring additional hardware, agents or specialised deployments.
The launch comes at a time when cyber-physical systems are emerging as a critical attack surface for enterprises. Assets ranging from industrial equipment and HVAC systems to office devices and data centre infrastructure are increasingly interconnected, expanding the scope of potential vulnerabilities.
Industry estimates suggest that cyber and cyber-physical attacks could double over the next three years, underscoring the need for more integrated security approaches.
At the same time, organisations are facing growing complexity in managing these risks. More than half of chief information security officers are now responsible for OT security, yet visibility into these environments remains limited. Nearly 45 per cent of OT compromises are estimated to originate from IT environments, highlighting the risks associated with converging systems.
Simplifying OT visibility and deployment
Tenable’s new OT discovery engine is designed to remove traditional barriers associated with securing cyber-physical systems.
Unlike conventional approaches that rely on specialised sensors or additional software layers, the solution enables instant deployment within existing Tenable platforms. This allows organisations to quickly gain foundational visibility into OT environments without disrupting operations or increasing IT overhead.
The engine provides detailed insights into asset attributes, including vendor, model, firmware, and operational status, enabling security teams to identify previously unknown devices and assess associated risks.
Early deployments across sectors such as hospitality, financial services, education and government have revealed significant numbers of previously undiscovered OT and IoT assets, in some cases ranging from hundreds to over a thousand devices, including systems with critical vulnerabilities.
A key feature of the solution is its ability to unify cyber-physical asset data within the broader Tenable One Exposure Management Platform.
By integrating OT visibility with data from cloud, identity, AI and traditional IT environments, the platform provides organisations with a consolidated view of their total cyber exposure. This approach is intended to support more informed risk management and accelerate the adoption of AI-driven security strategies.
The capability also supports regulatory compliance by enabling organisations to align with evolving cyber-physical security requirements without the need for complex infrastructure investments. The introduction of VM-Native OT Discovery reflects a broader shift towards unified exposure management, as organisations seek to manage increasingly complex and interconnected attack surfaces.
With the rapid growth of AI-driven applications and data infrastructure, the need for comprehensive visibility across cyber-physical systems is expected to intensify. From factory operations to AI data centres, the convergence of IT and OT environments is redefining how enterprises approach cybersecurity.
Tenable’s expanded capabilities aim to provide organisations with a faster entry point into this evolving security landscape, enabling them to identify risks, meet compliance requirements, and strengthen resilience across their operations. As cyber-physical systems continue to proliferate, the ability to manage risk across converged environments will become a defining factor in enterprise cybersecurity strategies.
Solutions that simplify deployment, enhance visibility and integrate data across domains are likely to play a critical role in helping organisations transition towards more proactive and AI-enabled security models.