Asset Health Checks

Asset Health Checks

FortWatch continuously verifies that your assets remain reachable, even between scans. Health checks ensure you are notified promptly if an asset goes offline or becomes unreachable.

How Health Checks Work

Every day at 3:00 AM, FortWatch runs an automated health check on all active assets. The health check performs the same validation steps as the initial asset validation:

1. DNS Resolution (for domain assets) — Confirms the domain still resolves.
2. HTTP Connectivity — Verifies the asset responds to HTTP/HTTPS requests.
3. CDN/WAF Status — Re-checks CDN and WAF detection in case infrastructure changes have occurred.

What Happens When a Health Check Fails

If an asset fails its health check, it is marked as Inactive. Inactive assets:

• Will not be included in scheduled scans until they are reachable again.
• Are visually flagged in the asset list so you can identify them quickly.
• Retain all their historical scan data, findings, and issues.

Automatic Recovery

If an inactive asset becomes reachable again during a subsequent health check, it is automatically restored to Active status and re-enrolled in its scan schedule.

Health Check vs. Scan Schedule

Health checks and vulnerability scans are separate processes:

• Health checks run daily at 3:00 AM and only verify reachability.
• Vulnerability scans run according to each asset's configured schedule (default: daily at 3:30 AM) and perform full Nuclei and Nmap scans.

The 30-minute gap between health checks (3:00 AM) and scheduled scans (3:30 AM) is intentional — it allows FortWatch to mark unreachable assets as inactive before attempting to scan them, preventing wasted scan cycles.