Generally described, computing devices utilize a communication network, or a series of communication networks, to exchange data. Companies and organizations operate computer networks that interconnect a number of computing devices to support operations or provide services to third parties. The computing systems may be located in a single geographic location or located in multiple, distinct geographic locations (e.g., interconnected via private or public communication networks). Specifically, data centers or data processing centers, herein generally referred to as a “data center,” may include a number of interconnected computing systems to provide computing resources to users of the data center. The data centers may be private data centers operated on behalf of an organization or public data centers operated on behalf, or for the benefit of, the general public.
To facilitate increased utilization of data center resources, virtualization technologies may allow a single physical computing device to host one or more instances of virtual machines that appear and operate as independent computing devices to users of a data center. The single physical computing device may create, maintain, delete, or otherwise manage virtual machines in a dynamic manner. In some scenarios, various computing devices may be associated with different combinations of operating systems or operating system configurations, virtualized hardware resources and software applications to enable a computing device to provide different desired functionalities, or to provide similar functionalities more efficiently. Further, virtual machines may themselves be partitioned into multiple isolated virtual systems, called “containers.” The virtual machine controls allocation of resources such as processing power and memory, and each container has its own process and network space in which the container may, for example, execute software programs.
In such a system, a service provider may operate networks of systems to provide access to software using varying numbers of virtual machine resources. However, performing a network vulnerability scan or another network scan in such a service provider environment may be difficult, as network scans typically execute sequentially and may require substantial amounts of compute resources, which may degrade performance of the service. Additionally, in cases in which customers of the service provider change how they use the compute resources over time, the compute resources may go offline when not in use, and a different customer virtual machine may operate or service may be provided using the same network address as the service that was being scanned. This may make the results of the network scan unreliable, as the results of certain portions of the scan may be relevant to another organization (e.g., the service provider or a customer) entirely.