The course of the scan phase depends on the selected service package:
- Ad-hoc Compromise Assessment
- Continuous Compromise Assessment
The first scan, both for Ad-hoc Compromise Assessments and Continuous Compromise Assessments, is always a baseline scan to get an overview of the current security and risk situation. If Continuous Compromise Assessment has been selected as the service package, follow-up scans are performed at selected intervals, which build on the baseline scan and only look at changes. Continuous Compromise Assessment in particular makes the analysis more efficient with each subsequent follow-up, and potential attacks can be detected much more quickly.