Reduce scan times

This document is for:
Invicti Platform

This document outlines best practices for optimizing scans in the Invicti Platform to reduce scan duration and improve overall efficiency, including:

Utilize custom scan profiles

Custom scan profiles let you control the specific checks included or excluded during the scanning process. This customization helps streamline the scan by focusing only on the areas you specify.

Follow the instructions in our Custom scan profile documentation to create and configure a custom scan profile. That document also explains how to run a scan using the custom scan profile.

Monitor the average response time and scan duration

Monitoring the average response time of your scans and analyzing scan durations helps you determine whether you need to optimize your scan configurations or allocate resources more effectively.

Follow these steps to check the average response time:

  1. Select Scans > All scans from the left-side menu.
  2. Click anywhere in the white space surrounding the scan entry you wish to review.
  3. On the Scan Summary tab, check the Scan duration and Average Response Time.

Average response time is a useful metric for diagnosing performance issues during scanning and ensuring scans are efficient and non-disruptive.

Scan during off-peak hours

Using the Excluded hours setting allows you to schedule scans to avoid peak business hours, ensuring they run when system activity is minimal. This helps prevent interference with critical operations and can potentially shorten overall scan durations.

Learn how to assign an excluded hours profile to a target by following the steps in this document.

After the profile is assigned, all future scans of this target will run according to the excluded hours profile you specified. For example, if you initiate a scan during the workday with the excluded hours set to 'Except working hours,' then the scan will be in 'Queued' status for the remainder of the workday and begin scanning after working hours.

If the available excluded hours profiles do not meet your needs, you can create a custom profile and assign it to your targets.

Set Excluded paths

Setting Excluded Paths can reduce scan times by narrowing the scan’s focus to relevant areas and avoiding unnecessary checks of known safe or irrelevant paths. By concentrating resources on critical or high-risk areas, the scan becomes faster and less resource-intensive. You can set excluded paths in the Crawling options of the Target settings.

Increase scan speed

If you previously reduced the scan speed and the server can handle a higher load, follow the steps below to increase the scan speed.

The default scan speed is set to Fast.

  1. Select Targets from the left-side menu.
  2. Click on the target to edit it.
  3. In the Target Information section, set the Scan Speed slider to the Fast setting.
  4. Save target configuration.

Retest only fixed vulnerabilities

Retesting only fixed vulnerabilities reduces scan times by focusing on specific issues that have been addressed rather than rescanning the entire web application. This targeted approach eliminates the need for a full scan, which saves time and resources. It allows for quicker verification of fixes and avoids the processing overhead associated with a comprehensive scan.

For information on how to retest specific vulnerabilities, refer to our Retest vulnerabilities documentation.
