In this article, you will learn how to speed up the scanner.
Please keep in mind that for most of the scans the crawler is limiting factor, especially if you are scanning complex application. As we are are trying to get to every corner of your application, it works very thoroughly and this means sometimes it might take longer.
The good news is, we provide you wither several opportunities to increase the speed of the scanner:
- You can increase the throttle limit from 200 requests per second to a load that your server is capable of handling. This is especially helpful when you are scanning the scan target types: API and MPA. Please also make sure, you add the Crashtest Security IPs to the whitelist of your firewall.
- A second way of increasing the speed of the scans is to reduce the scope of the scan. You can use the "Denied URLs" feature to black-list certain areas of your web application that might cause the crawler to run for a long time (e.g. forums, sites with a lot of clickable elements)
- The third option works well in combination with number 2. While having an auto-duplication in the scanner, it might be usefull to group certain areas & URLs of your web application together. This is especially important for large web application with a lot of similar pages (e.g. Online shops). The Grouped URLs can be configured in the scan target preferences.