Asset Deduplication FAQ

The following are frequently asked questions regarding asset deduplication in Tenable Exposure Management.

Do Tenable-native assets follow the same merge criteria as third-party data?

No. Tenable-native assets use a separate, internal merging logic that is not configurable or visible in the platform. The merge criteria documented in this guide apply only to assets ingested from third-party connectors.

Additionally, assets with different Tenable UUIDs are never merged, even if all other matching fields (such as hostname or IP address) align. This ensures accurate separation of Tenable-managed data and prevents unintended merging between unrelated records.

What happens when I add additional connectors with asset data?

If the deduplication criteria are met, the data merges from multiple connectors into a single asset.

If the criteria aren’t met, the platform treats the asset as unique and creates a new record in the inventory.

How does the system decide whether to merge asset data?

Tenable Exposure Management uses fixed matching criteria per asset class (e.g., device, website). If at least one combination of matching fields meets the merge conditions, the platform merges the data into a single asset.

Example for devices: If two connectors report the same hostname + IP + FQDN, the assets may be merged.

Can I customize the merge criteria?

No. The merge logic and field combinations are currently predefined and not configurable. Custom merge strategies may be introduced in future releases.

Can I choose which connector takes priority for conflicting data?

No. Tenable uses a fixed information order:

  1. Tenable-native sources take priority.

  2. Third-party connectors are prioritized by the order they were added to the system.

You can review the source of each field on the Connector Details tab of the Asset Details page.

What happens if multiple connectors sync at the same time?

The platform doesn’t queue syncs but processes them concurrently. The first successfully processed connector becomes the primary source for merge decisions if Tenable-native data is not available.

Why do I still see data from a removed connector?

If an asset was merged and the connector is deleted, Tenable Exposure Management retains the merged data if other sources still report matching values. Only data exclusively ingested by the deleted connector is removed during connector deletion.