When it comes to website security, being able to scan a site for vulnerabilities in a timely manner can be the difference between being the victim of a successful security attack and protecting your business.
One of the most common causes for slow web vulnerability scanning times has to do with the response time between the scanner and the target website or application. Keep in mind; the average response time is an average of the total time it takes for a server to respond to a request made by the scanner.
A good server response time is considered to be anything less than 200ms (0.2 second) and a response time over 300ms (0.3 second) is viewed as being prohibitively large, thus causing scans to take a very long time to complete.
Any number of things can cause a high response time and extend the time it takes for your vulnerability scan to complete. There are a few things you can check when server response time is high and extending your scan time into oblivion:
Web Server Performance
Check things such as your CPU, hard disk access, memory, etc. An issue here can typically be resolved by upgrading your server.
Checking your CPU, memory and hard disk access is the first order of business. If queries are taking too long you should try optimizing your database.
Bandwidth and Network Performance
It’s possible your server is experiencing a bottleneck and that is slowing down your scan time. Test your server from different locations to confirm and resolve.
It’s possible your network firewall, Web Application Firewall (WAF), or Intrusion Detection System (IDS) are slowing you down and causing through the roof site response time.
You may not always need to scan the entire website and can instead break your scans up into smaller chunks. There are multiple filtering options available for reducing web scan times.
To learn how you can leverage the full potential of Acunetix Web Vulnerability Scanning, contact our team of Acunetix trained engineers today.
Fill out the form below to have an Acunetix expert reach out to you within the next 24 hours.