Usually our scans take anything from 15 minutes to a few hours to complete. However, this can be influenced hugely by a number of different factors, and there are many reasons why scans may take much longer than that to complete. Here are the most common:

Large number of targets
The biggest factor in any scan is simply how many targets you've added. If one target can take up to a few hours, then hundreds of targets could potentially take hundreds of hours. It's not normally that bad, as we can run many checks in parallel, but as a general rule, the more targets, the longer it takes.

High total number of ports & services
For each discovered service, a number of checks need to be carried out by our scanners. So if you've entered targets with a total of hundreds or thousands of open ports running services exposed to the internet, then our scans will take longer to do all the checks they need to do. If you only need to scan web ports (80 and 443) the 'Default Web Ports Only' advanced scan setting can be set to decrease scan runtimes. 

Intrusion prevention systems
In some rare cases, intrusion prevention systems can aim to confuse scanners by making ports which are closed appear to be open, which for the same reason above can cause extended scan times. Some firewalls and modern edge routers even have IDS technology built-in, so it may be worth double checking if your scan is taking a long time. We recommend whitelisting our scanners through any intrusion prevention systems, as these could hamper our efforts to detect open ports and services, and slow down our overall scans. 

Very large websites
Our web-application checks (whether they’re being run against authenticated or unauthenticated pages) are some of the most time-consuming elements of our scan. As such, websites with a very large number of webpages linked to the home page may experience longer scan times.

Unusual configurations
Some customers have unusual networking or server configurations that can lead to long running scans. For example, in one case a reverse proxy was set up to serve a single website from a large number of non-standard ports. This caused our scanner to scan the same website thousands of times. If this is happening on your targets, we'll do our best to let you know about it!

If you ever need to stop a scan, you can cancel scans on the scans page.

Did this answer your question?