Scanning sites and site apps takes a long time. Factors that affect the scanning speed are:
1. Web server performance and response time
2. Website size
3. Background database speed
4. Scan the number of simultaneous scanning sites
5. Number of vulnerability detections
6.Acunetix server performance
Slow scanning will cause the report to be sent on time, and the developer will not be able to do anything else. How do I use Acunetix website vulnerability scanning software to shorten the scan time? please look below!
1.Decomposition of the scanning task
Select advanced options - the new scan wizard - select the scan after the scan file, complete the crawl to select the scanned file
2. Select the crawl data for reuse
It takes a long time to crawl the data on a large web application. However, because most of the application structure does not change often, it is not necessary to crawl the site every time you enable scanning software. In other words, after completing the initial crawling, select "Web Scan" from the left column and right click on "Site Structure" to save the .cwl file for later use.
The next time you scan with the scan wizard, you can import the crawl file, which can save you time.
3. Select a specific vulnerability to scan
When scanning, you do not need to run a "default" scan every time. Using the Acunetix website vulnerability scanning software, you can select specific types of vulnerabilities and centrally scan them. This option is particularly convenient when the development team verifies that it has fixed vulnerabilities such as cross-site scripting (CSS) or SQL injection.
4. Do not repeat the entire application or re-detect the repair of specific vulnerabilities
If you have confirmed that a specific vulnerability has been fixed, you do not need to scan all. Right-click an alert file, select "Retest alert (s)"
5. Monitoring the average response time
The reason for the slow scan may be that the server responds to Acunetix requests for a longer time. In general, about 200 milliseconds is a relatively fast response time. Right-click Scan Thread 1 at the top of the scan to determine the response time and open the Statistics tab in the right pane
The average response time is long:
• There was a network connection problem between Acunetix vulnerability scanning software and web applications
• The application server is overloaded
• Server specifications are low, RAM, hard disk speed, network card problems
• Shared hosting environments are slower than specialized servers
• Detect the number of simultaneous connections
The more software that seems to be scanning software at the same time, the faster the scan software runs, but it is not.
By default, Acunetix vulnerability scanning software can use 10 connections to scan web applications. This can be adjusted based on the web application load. If the server can handle more requests, it will increase the number of connections, scanning speed will be accelerated. If the server discovers that some of the 10 connections are difficult and the performance of the application is declining, it is necessary to reduce the number of simultaneous connections to reduce server pressure. This will also speed up the scan time.
The number of simultaneous connections can be configured in the Configuration - Scan Settings - HTTP option
IMPORTANT: You can increase the number of simultaneous connections only if the application server can handle more Acunetix requests. If the application server can not handle more requests, it may significantly reduce the speed of the scan, the application performance may also decline or even cause DoS.
6. In the peak period using the scheduler to scan
Users do not use the site to scan and can not achieve the best results. This time scanning will not only interfere with the user experience, but also slow down the scanning speed. At this point, you can use the built-in scheduler to schedule automatic scanning.
First, go to Configuration - Application Settings - Dispatcher to set the time to not scan.
Next, open the Acunetix Dispatch program in the tool - the scheduler to open the dispatcher web interface in the browser. Then, create a new scan period and select "Non-Scan Period" from "Advanced Options". In this way, you can automatically scan in the selected period, in the non-scan period is automatically suspended scan.
© Copyright 2000-2023 COGITO SOFTWARE CO.,LTD. All rights reserved
