Is there any downtime when a vulnerability scan or a Pentest is happening?

We've not had a situation where Astra's vulnerability scanner or Pentest has caused any downtime. This is because:

• Our vulnerability scanner sends requests in a controlled manner to your application

• The intent of a Pentest is not to stress test the application but to uncover vulnerabilities in the application

• A Pentest or a Vulnerability Scan is different from DDoS testing. We do not perform any DDoS testing which often leads to you having a downtime

| We do recommend running the scan & Pentest in staging environment. Why's that? Find out in the help article below 👇

Should I run a vulnerability scan on Production or Staging environment?