Every scan has to balance two things: how quickly it finishes and how thoroughly it checks for vulnerabilities. Scan priority lets you decide where that balance sits for your account, so you can lean towards faster results or deeper coverage depending on what matters most to you. You can change it whenever you like, and the change applies to your future scans.
Balanced Scan (recommended)
Strikes a balance between scan time and vulnerability detection.
Quick Scan
Shorter scan time, but may not find all vulnerabilities.
Managing this scan setting
🎫 Plan Availability: Scan Priority options are available on all plans
From the Scans page, navigate to the Settings tab. Underneath the Priorities section, you will have the option to select between the two scan options:
How do I know what scan priority I have set?
Your current priority is shown on the Scans overview page:
It's also shown on the scan details page for each individual scan, so you can see exactly which priority was used for that scan:
You can find the option to change the Scan Priority on the scan settings page:
👇
FAQs
Does 'Balanced scan' apply to all targets (internal and external)?
Balanced scans will only apply to external targets. The reason for this is as follows:
More in-depth scans could spike the CPU for internal targets. This will have a noticeable impact on system performance, potentially resulting in all resources being consumed and the system freezing or crashing.
Internal checks are more reliable in their results because the agent already has access to all elements of the operating system that it requires to validate results. Remote checks, on the other hand, need to account for network reliability and security controls, such as IPS or firewalls
What type of checks are covered by the balanced scan?
Applies to external infrastructure checks only.
Can you enable it at the scan level, or is it at the account level?
The setting is enabled at the account level, so it will impact all scans run (ad-hoc, scheduled, remediation, and ETS).
What happens if I change from balanced to quick scan?
If you run a quick scan on a target that has an issue found by the balanced scan, some of those issues will move to fixed (as they won't be detected by the quick scan).
What happens if I change scan priority before kicking off a remediation scan?
If the occurrence relied on a check from the balanced scan, we'll enable it for the remediation scan, regardless of whether you've changed to quick scan or not.
What is the difference in scan run times between these two scans?
Expect an increase of up to 30 to 40% moving from quick to balanced. With a balanced scan, the scanner waits longer for a response, and rather than fingerprinting only well-known ports it fingerprints the services on every port, including non-standard ones. Waiting longer and running more checks across more ports and services means scans take longer, but you get more complete coverage.
Could it impact the target's load?
Connections stay open for longer and we send more requests over a longer window, but the cap on simultaneous connections doesn't change with this setting, so the concurrent load on your target stays the same.
What scans does this impact?
Infrastructure vulnerability scans - including ad-hoc scans and scheduled scans





