Vulnerability scanning tools (Nessus, OpenVAS) in Cybersecurity - Time & Space Complexity

When using vulnerability scanning tools like Nessus or OpenVAS, it's important to understand how the time they take grows as the number of devices or vulnerabilities increases.

We want to know how the scanning time changes when the input size changes.

Analyze the time complexity of this simplified scanning process.

for each device in network:
    for each vulnerability in database:
        check if device is vulnerable
        record result
    end
end
    

This code checks every device against every known vulnerability to find security issues.

Look at the loops that repeat work.

• Primary operation: Checking each device against each vulnerability.
• How many times: For every device, it checks all vulnerabilities.

As the number of devices and vulnerabilities grows, the total checks grow quickly.

Input Size (devices x vulnerabilities)	Approx. Operations
10 devices x 10 vulnerabilities	100 checks
100 devices x 100 vulnerabilities	10,000 checks
1000 devices x 1000 vulnerabilities	1,000,000 checks

Pattern observation: Doubling devices and vulnerabilities causes the total checks to grow much faster, multiplying together.

Time Complexity: O(n × m)

This means the scanning time grows proportionally to the number of devices times the number of vulnerabilities.

[X] Wrong: "The scan time only depends on the number of devices or only on vulnerabilities."

[OK] Correct: The scan checks every device against every vulnerability, so both counts multiply to affect total time.

Understanding how scanning time grows helps you explain tool performance and plan scans efficiently in real work situations.

What if the tool only scanned a random sample of vulnerabilities per device? How would the time complexity change?