Best Practices for Using Your Rescan Quota
Last updated: July 8, 2026
Introduction
Manual rescans are a limited resource included with your Pentest engagement. Using them strategically helps ensure you don't exhaust your available quota before all vulnerabilities have been verified.
Since Automated Rescans are unlimited, they're a great way to validate your fixes before requesting a Manual Rescan.
This article explains how to make the best use of your available rescans.
Manual Rescan Quota
The number of Manual Rescans included depends on your engagement.
Pentest Plan | Manual Rescans Included |
|---|---|
Pentest | 2 Manual Rescans |
Pentest Auto | 1 Manual Rescan |
Express VAPT | 1 Manual Rescan |
Once your Manual Rescan quota has been used, additional manual verification may require purchasing additional rescans or starting a new engagement.
Note: Need additional Manual Rescans? You can purchase extra Manual Rescans as an add-on to your existing Pentest plan. To explore available options or request additional rescans, please reach out to your dedicated Customer Success Manager (CSM).
Automated Rescans Are Unlimited
Automated Rescans do not consume your Manual Rescan quota.
You can run Automated Rescans as many times as needed on eligible vulnerabilities until you're confident the issue has been resolved.
Recommended Workflow
1. Fix the reported vulnerabilities
Implement the required code or configuration changes.
2. Run an Automated Rescan first
If the vulnerability supports automated validation, run an Automated Rescan to verify your fix.
This provides immediate feedback without consuming your Manual Rescan quota.
3. Repeat if necessary
If the vulnerability is still detected, make additional changes and run another Automated Rescan.
Since Automated Rescans are unlimited, you can repeat this process as often as needed.
4. Request a Manual Rescan
Once you've completed your fixes and are confident they're ready for verification, request a Manual Rescan for the selected Pentest findings.
This ensures your Manual Rescan quota is reserved for final verification by Astra's security engineers.
Best Practices
Use Automated Rescans to validate fixes before requesting a Manual Rescan.
Save Manual Rescans for vulnerabilities that require verification by Astra's security engineers.
Fix multiple vulnerabilities before requesting a Manual Rescan instead of requesting one after every individual fix.
Ensure you've fixed at least 50% of the Critical and High severity vulnerabilities before requesting a Manual Rescan.
Submit your Manual Rescan request within the eligible rescan window.
Frequently Asked Questions
Does an Automated Rescan use my Manual Rescan quota?
No. Automated Rescans are unlimited and do not affect your Manual Rescan allowance.
How many Manual Rescans are included?
Pentest plan: 2 Manual Rescans
Pentest Auto: 1 Manual Rescan
Express VAPT: 1 Manual Rescan
Can I run Automated Rescans multiple times?
Yes. You can run Automated Rescans as many times as needed for eligible vulnerabilities.
Why should I use an Automated Rescan before a Manual Rescan?
Running an Automated Rescan helps confirm that your fixes are working before consuming one of your limited Manual Rescans. This ensures your Manual Rescan quota is used only when you're ready for final verification by Astra's security engineers.