59 lines
1.1 KiB
Plaintext
59 lines
1.1 KiB
Plaintext
---
|
|
title: "Scan Modes"
|
|
description: "Choose the right scan depth for your use case"
|
|
---
|
|
|
|
Strix offers three scan modes to balance speed and thoroughness.
|
|
|
|
## Quick
|
|
|
|
```bash
|
|
strix --target ./app --scan-mode quick
|
|
```
|
|
|
|
Fast checks for obvious vulnerabilities. Best for:
|
|
- CI/CD pipelines
|
|
- Pull request validation
|
|
- Rapid smoke tests
|
|
|
|
**Duration**: Minutes
|
|
|
|
## Standard
|
|
|
|
```bash
|
|
strix --target ./app --scan-mode standard
|
|
```
|
|
|
|
Balanced testing for routine security reviews. Best for:
|
|
- Regular security assessments
|
|
- Pre-release validation
|
|
- Development milestones
|
|
|
|
**Duration**: 30 minutes to 1 hour
|
|
|
|
## Deep
|
|
|
|
```bash
|
|
strix --target ./app --scan-mode deep
|
|
```
|
|
|
|
Thorough penetration testing. Best for:
|
|
- Comprehensive security audits
|
|
- Pre-production reviews
|
|
- Critical application assessments
|
|
|
|
**Duration**: 1-4 hours depending on target complexity
|
|
|
|
<Note>
|
|
Deep mode is the default. It explores edge cases, chained vulnerabilities, and complex attack paths.
|
|
</Note>
|
|
|
|
## Choosing a Mode
|
|
|
|
| Scenario | Recommended Mode |
|
|
|----------|------------------|
|
|
| Every PR | Quick |
|
|
| Weekly scans | Standard |
|
|
| Before major release | Deep |
|
|
| Bug bounty hunting | Deep |
|