Vulnerability scan rate limits

You can define the rate that different types of scans are performed to limit the number of requests that are sent to an external scanner. After you have defined rate limits, you can apply them to different scanners.

Define scan rate limits

You can define the rate that different types of scans are performed to balance the load in your scan queue. Conditions defined in the rate limit determine whether the rate limits are applied to queued entries.

Before you begin

Role required: sn_vul.admin

Procedure

  1. Navigate to Vulnerability > Vulnerability Scanning > Rate Limit Definitions.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Table 1. Rate limit definition
    Field Description
    Name Provide a descriptive name that identifies the conditions the queue entry must meet. For example, scans per minute
    Queue conditions Enter conditions used to determine whether a queued scan entry is subject to this rate limit. The conditions should not be specific to a particular scanner.
    Evaluation script Write a script with the logic to evaluate the queued entry. It is important that the script return true/false to define whether the entry is processed. Also, base the evaluation script on the queued entry being evaluated.
  4. Click Submit.

Apply scan rate limits to scanners

After you have defined scan rate limits using Rate Limit Definitions, you can apply rate limits to specific scanners.

Before you begin

Role required: sn.vul_admin

Procedure

  1. Navigate to Vulnerability > Vulnerability Scanning > Scanner Rate Limits.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Table 2. Scanner rate limit
    Field Description
    Scanner Select the scanner to which you want to apply a rate limit.
    Rate limit Select the rate limit you want to apply to this scanner.
    Threshold Enter the threshold that you want to subject the selected scanner to for the selected rate limit. For example, if the scanner allows 4 scans per minute, and the rate limit is defined as requests per minute, the threshold would be 4.
  4. Click Submit.