SecurityScorecard uses a continuous scanning cadence to assess a company’s digital footprint. Scanning runs continuously to enable faster detection and improve coverage of potential security issues, helping customers maintain a more up-to-date view of their security posture and cyber risk.
How scanning works
With continuous scanning enabled:
A company’s entire digital footprint is scanned on an ongoing basis
Scans target known assets in the footprint rather than using a broad IPv4 dragnet approach
The upgraded scanning infrastructure provides more precise and consistent coverage
This allows SecurityScorecard to detect changes in a company’s attack surface more quickly as assets and configurations evolve.
FAQs
Q. When do scans run?
There is no fixed scan time. Scanning runs continuously rather than on a set daily schedule.
Q. Are all issue types scanned on the same cadence?
Most issue types are scanned continuously, though scan frequency varies by issue type.
For details on how our scoring works, see our Scoring Methodology Whitepaper.
Q. Does continuous scanning result in more issue findings?
It can. Faster scanning increases the likelihood of detecting issues if they are present. Any newly detected issues appear in the platform under their respective issue types and can be reviewed in the History page for your scorecard.
Q. Will SecurityScorecard scan and show more assets (IPs and domains) with this scanning cadence?
No. SecurityScorecard scans a company’s existing digital footprint to detect potential issue findings. The scanning cadence does not expand or add new assets to a scorecard.
A company’s digital footprint can change over time as assets are added or removed, and this change can be reviewed in the Attribution Log.
Q. Do scores update faster with this scanning cadence?
No. Score calculation timing remains the same. Main scorecards typically update within 2-3 days. For more information, see What is a Scoring Date?
Q. Does the scanning cadence impact issue decay periods?
No. Issue decay periods remain unchanged.
Q. Do custom scorecards use the same scanning cadence?
Yes, all scorecards are scanned using the same cadence.
Q. Does the scanning cadence increase load on customer web applications?
No, the scanning cadence does not increase load on customer environments.