Scan Limiting

this section explains how limits are applied to domains/ips for a scan limits applied to seeds used to create a scan are covered in seeds and ips what is scan limiting? every licence plan has a domain/ip limit applied to each scan type the impact of scan limiting is domains and ips within the licence plan scan limit are fully processed and results are shown in the scan report domains and ips above the scan limit will not be fully processed and their results will not be included in the scan report the scan would then show that the limit has been reached how does limiting work? the scan limit is not just the seeds you use as the start point for the scan, it is based on all discovered domains and ips during the scan activity, which includes both in and out of scope domains and ips the overall scan size is a sum of the in scope and out of scope domains and ips the overall scan size is shown on the scans page and the scan overview shows the totals for in scope and out of scope if your scan has been limited then these numbers won't reflect all of the domains and ips that could be discovered, it will show how many were found before the scan stopped when it reached the scan limit to make your scan smaller, consider splitting the scan seed domains and ips across more than one scan scan limiting by scan type how scan limiting affects your organisation will be dependent on the types of scans that your organisation runs for own monitoring scans, the limit is applied across all scans limiting is applied when the total number of nodes across all of the organisation's own monitoring scans has been reached any future own monitoring scans will be limited for ad hoc scans, the limit is applied per scan limiting is only applied to the scan that is being run, irrespective of the size of any previous scans future scans are not impacted if a previous ad hoc scan has reached the limit for 3rd party scans, the limit is applied per scan, apart from organisations on enterprise plans limiting is only applied to the scan that is being run, irrespective of the size of any previous scans, and future scans are not limited for enterprise scans, please refer to the contract agreement if you are unsure, please contact the support team from within hexiosec asm or email support\@hexiosec com monitoring usage the owner and admin roles are responsible for monitoring scan usage across their organisation usage information for all scan types can be accessed by the admin role from the usage page, under the organisation icon approaching/reaching limits when your organisation is getting close to, or reaches, its scan limit you will be alerted via warnings/alerts within hexiosec asm and in the scan and report notification emails the warnings and alerts will be visible to all users in your organisation when the domain and ip limit has been reached, limited out of scope domains and ips can be made in scope, but will not be processed until the organisation is below its limit the scan will appear to run but will show that the nodes were not scanned; please note that the scan results will be incomplete if the limited scan is of the type where a limit is applied per scan (e g ad hoc scans) then you may want to take a look at the domains in the scan report to see if you can split them out across more than one scan to mitigate the impact of limiting, scans can be deleted and will be placed into a soft delete state for 30 days, to allow recovery, before being hard deleted the impact on scan limits will not take effect until the scan is hard deleted the scan limit can be increased by upgrading the organisation licence plan, please follow the upgrade link within hexiosec asm or contact us at support\@hexiosec com changes to limits when changing licence plan if the scan limit is reduced as a result of changing a license plan, then previously included nodes may be marked as limited and excluded from future scan results if the scan limit is increased, nodes will be added to the scan until the limit is met in both cases, the scan results will not change immediately , but will update when the scan is next run