Indicator of Attack Detection Delays

Tenable Identity Exposure automatically adjusts the analysis window when it detects lost or delayed events—such as those caused by long GZ file replication times or a high volume of generated data.

While it typically analyzes data in 5-minute windows, it can extend the window up to one hour to account for late-arriving events. This adjustment may delay attack detection by up to one hour after the attack occurs.

Copyright © 2025 Tenable, Inc. All rights reserved. Tenable, Tenable Nessus, Tenable Lumin, Assure, and the Tenable logo are registered trademarks of Tenable, Inc. or its affiliates. All other products or services are trademarks of their respective owners.