Depending on the scanner in use, each may run into conditions that cause them to run for extended periods, even up to a full day. Here's the breakdown for each scanner:
Nmap
Nmap scans 65,535 ports, which can take quite some time depending on the network conditions and the speed of the server. When Nmap is taking longer than a few hours to scan, it's likely due to some security measure like a firewall blocking or throttling requests. Rest assured, the scan will finish, and your server is not being overloaded.
OWASP Zap
Zap crawls over the pages it discovers on your website. If you have a large site, with a high number of pages, the scan may run significantly longer as the crawler reaches each page, and tests it's vulnerability database against the discovered page. We run OWASP ZAP with respectful settings that balance the scanner speed and the rate of traffic sent to the target. This prevents any issues with load on your web application.
OpenVAS
OpenVAS has a large vulnerability database to test, and the tests will be run based on what services OpenVAS discovers on your server. Running for many hours (even a half day) is entirely normal. The network speed, firewall settings, and services on your server all influence the length of time that OpenVAS runs. OpenVAS is also run with conservative network traffic rate settings to prevent impacts to your server's performance.
Sslyze
Ssylyze is our only scanner that would be highly unusual to take more than a few minutes to run. The scan may be queued if we have a high number of jobs processing. If it's in the running state, for more than 15 minutes, stop the scan and try starting again.
If you're ever having an issue with a scanner, you can always stop the scan mid-run.