Skip to main content
CyStack VulnScan is lightweight enough to run on a personal workstation, laptop, or server. The right sizing depends on scan scope, concurrency, target responsiveness, report volume, and whether AI-assisted analysis is enabled.

Supported Platforms

VulnScan is distributed as a binary for:
PlatformNotes
WindowsSuitable for analyst laptops, workstations, and Windows Server deployments.
macOSSuitable for analyst workstations and local CLI usage.
LinuxRecommended for shared Web UI servers, automation runners, and larger recurring scans.
Use a stable server or virtual machine for team deployments where multiple users need the Web UI, recurring scans, shared history, email notifications, and report jobs.

Hardware Sizing

Deployment SizeSuggested MinimumRecommended Use
Evaluation or small scan2 vCPU, 4 GB RAM, 10 GB free diskSingle analyst, a small number of domains/IPs, short-lived tests.
Team workspace4 vCPU, 8 GB RAM, 50 GB SSDShared Web UI, recurring scans, PDF reports, email notifications.
Large external attack surface8+ vCPU, 16-32 GB RAM, 100+ GB SSDLarge domain portfolios, CIDR ranges, frequent scheduled scans, higher report volume.
These are practical starting points, not hard limits. Increase CPU and memory when scans run concurrently, when targets have many subdomains/endpoints, or when PDF reporting and AI-assisted analysis are used heavily.

Browser Requirements

The Web UI supports current versions of:
  • Google Chrome.
  • Microsoft Edge.
  • Mozilla Firefox.
  • Apple Safari.
For best results, use a browser that can access the VulnScan Web UI over the deployment’s configured HTTPS endpoint.

Network Requirements

The VulnScan host needs:
  • DNS resolution for target domains and subdomain discovery.
  • Network reachability to the targets and ports included in the approved scope.
  • Outbound access to CyStack licensing and update services for online deployments.
  • Outbound access to mail providers when email notifications are enabled.
  • Outbound access to AI cloud providers when AI-assisted analysis is configured with a cloud API token.
  • Access to local/private AI endpoints when AI-assisted analysis is configured inside the customer environment.
For staging or protected applications, allow the VulnScan host’s egress IP in the target environment before running authenticated or deep scans.

Storage Planning

Storage usage grows with:
  • Number of assets and scan runs.
  • Findings and evidence retained for each scan.
  • Report exports, especially PDF.
  • Local vulnerability intelligence data and offline artifacts.
  • Logs and background job metadata.
Use SSD storage for shared deployments. Back up the VulnScan data directory according to your recovery policy.

AI Requirements

AI-assisted features are optional and depend on the licensed package and configuration. Supported deployment patterns include:
AI ModeWhen to Use
AI cloud API tokenFast setup when the organization allows a compatible cloud AI provider.
Local/private AI endpointSensitive environments that require data to stay inside the customer’s network.
Dedicated AI worker or agentLarger or restricted deployments that separate scanning from AI analysis workloads.
When AI is enabled, review your data handling policy before sending scan context to any external provider. Use local/private AI mode for highly sensitive environments.