Skip to main content

Scan lifecycle

Every scan moves through a predictable sequence from creation to results.
1

Waiting

The platform accepted the scan and placed it in the queue. We hold it here until workers are available and any required VPN/agent is ready.
2

Running

The scanner is actively probing the target. You can stop it from the UI, but stopping is permanent (there is no resume).
3

Wrap-up & results

Once the scanner finishes, we compile findings and metadata, then mark the scan as finished or the appropriate terminal status.
Schedule scans during off-peak hours to reduce queue time and keep throughput high.

Scan statuses (runtime)

These labels map to the runtime ScanStatus enum used by the platform.
Status labelWhat it meansTypical next step
WaitingScan is queued and not yet executingKeep the tab open; it should transition to Running automatically
RunningScanner is actively workingMonitor progress or stop if needed
FinishedScanner completed and results are readyReview findings and download the report
StoppedYou or the system stopped the runRerun after adjusting scope or timing
TimeoutScan exceeded the allowed durationNarrow scope or increase timeout where supported
Start ErrorScan failed before it could startContact support (internal tool issue)
AbortedPlatform terminated the scan unexpectedlyContact support
VPN ErrorRequired VPN connection could not be establishedVerify VPN agent status and credentials
Authentication ErrorProvided auth to the target failedUpdate credentials or verification tokens
Connection ErrorNetwork connection to target failedConfirm DNS/ports/firewall and try again
SkippedRun bypassed because a block/robot rule prevented executionAdjust robot rules or allowlisting, then rerun

Status flow

Waiting → Running → Finished
  ↘              ↘ Stopped
  Start Error    ↘ Timeout
                 ↘ Aborted / VPN Error / Authentication Error / Connection Error / Skipped
Running and Waiting are the only active states. Everything else is terminal. Finished, Stopped, and Timeout retain partial or full results. Aborted and VPN Error may also retain partial results if the scan ran for some time before stopping. Authentication Error, Connection Error, and Skipped produce no results. The scan never started.

Understanding scan results

When a scan completes, you’ll see:
Findings countNumber of vulnerabilities discovered
Severity breakdownDistribution by severity level
Scan durationHow long the scan took
CoverageWhat was tested
A completed scan with zero findings doesn’t mean the target is secure. It means the scanner didn’t detect vulnerabilities with its current checks.
Some tools don’t generate structured findings. They return tool-specific output instead: discovered hosts, raw console output, or takeover reports. See Tools for details on what each one returns.

Common issues

This usually means workers are busy or the required VPN/agent is starting. If it persists, stop and rerun during off-peak hours.
Large scopes can hit duration limits. Reduce target scope or split into smaller scans, then rerun.
Confirm DNS resolution, ports, firewall rules, and supplied credentials or verification tokens.
Ensure the VPN agent is online and the tunnel profile is valid. Restart the agent if needed.
If you stopped it manually, rerun when ready. For Aborted, contact support with the scan ID.