Concurrency Limiting

There are maximum limits for concurrent export requests. Tenable Vulnerability Management applies these limits on concurrent exports to ensure that all customers experience the same level of service. You can have a maximum of ten or three active concurrent export requests per Vulnerability Management customer instance or container depending on which endpoint you are using. Additionally, there is a maximum limit for concurrent scans. You can have a maximum of 25 active scans per Vulnerability Management customer instance or container.

If you submit an API request after you reach the concurrency limit, Vulnerability Management returns an HTTP response message with a 429 (Too Many Requests) status code. The response also includes a retry-after header element that specifies the number of seconds to wait before retrying.

Contact your Tenable representative if you have further questions regarding concurrent exports or concurrent scans.

Example Response Header

connection:keep-alive 
content-length:580 
content-type:text/html
date:Wed, 24 Oct 2018 17:13:43 GMT 
retry-after:30 
server:tenable.io
strict-transport-security:max-age=63072000; includeSubDomains
x-content-type-options:nosniff
x-gateway-site-id:nginx-router-b-eng-us-east-1.dcld
x-path-handler:tenable-io-plugins-plugin

Concurrent Export Limits

The following table outlines the concurrency limits for specific Vulnerability Management export endpoints.

Concurrent Active Scan and Scan Processing Limits

The following table outlines the concurrency limit for active scans and scan processing in Vulnerability Management. An active scan is defined as any Vulnerability Management or web application scan not in a completed, stopped, empty, imported, aborted, or canceled status. For a full list of scan statuses, see Scan Status. Additionally, this limit includes the processing of agent scan data.