Skip to main content

Scans

A Scan is the core operation of the Scanning Solution. It represents the process of analyzing assets to identify security vulnerabilities, exposures, and informational findings using one of the available scanning products.

Every scan is a single, well-defined security assessment that runs at a specific time, with a specific configuration, and produces results that reflect the security posture of the scanned assets at that moment.

What a Scan Does

When a scan runs, the system:

  1. Connects to the selected assets (IPs, hosts, domains)
  2. Applies a predefined scanning strategy
  3. Executes security tests and detection logic
  4. Collects and evaluates results
  5. Produces findings and reports

The outcome of a scan is a set of results associated with the scanned assets, including:

  • Vulnerabilities (security issues that require remediation)
  • Informative results (configuration details, detected services, software versions, and observations)
info

A Scan is the central building block of the Scanning Solution — connecting assets, configurations and execution to deliver actionable security insights.

What a Scan Is Made Of

A scan brings together multiple components, each with a distinct role:

Targets

Targets define the assets to be scanned. They can include:

  • IP addresses
  • Hostnames
  • Domains Targets can be grouped for easier management.

Scan Profile (Configuration)

The scan profile specifies how the scan should be conducted, including:

  • Which test are run
  • Scan depth and aggressiveness
  • Performance and timing behavior

Scan profiles are product-specific and predefined. For certain products (such as PCI Compliance), the scan profile is fixed and cannot be changed.

Schedules

Schedules determine when and how often scans are executed. You can set up recurring scans (e.g., weekly, monthly) or run scans on-demand

Scanners

Scans are executed by scanners, which are the engines responsible for performing the actual scanning operations.

Depending on Product and your subscription, you may have access to different types of scanners:

  • From shared scanning infrastucture manager by the service provider
  • Internal scanners deployed within your own network environment

Scan Lifecycle

A scan goes through several stages from creation to completion:

  • New: The scan has been created but not yet started.
  • Queued / Requested: The scan is waiting to be picked up by a scanner.
  • Running: The scan is actively being executed.
  • Completed of Failed: The scan has finished or encountered an error.

Further Reading