You can control and personalize the scanner speed. The crawler is a limiting factor for most scans, especially if scanning complex applications. As Crashtest Security attempts to get to every corner of your application, it works very thoroughly, which means sometimes it might take longer.
Crashtest Security provides several options for you to increase the speed of the scanner:
- Increase the throttle limit from 200 requests per second to a load your server can handle. This is especially helpful when scanning API and MPA scan target types. Ensure you add the Crashtest Security IP addresses to the allowlist of your firewall.
- Reduce the scope of the scan. You can use the Denied URLs feature to blocklist certain areas of your web application that might cause the crawler to run for a long time (e.g., forums, sites with a lot of selectable elements)
- This option works well in combination with option 2. While having an auto-duplication in the scanner, it might be helpful to group certain areas and URLs of your web application together. This is especially important for extensive web applications with similar pages (e.g., online shops). The Grouped URLs can be configured in the scan target preferences.