Do you whitelist scanner IP addresses when you conduct web application scan?

We have a few internet facing websites that serve serve our customers for various purpose. We are using Tenable Nessus io to conduct web application scans on these websites. These sites are behind a CDN service and CDN vendor has WAF to protect the sites.

Every times when we conduct web application scan, we will inform CDN vendor to whitelist the scanner source IP ranges. The rationale from my boss is that “we want to scan our web app for …

addresses application cdn customers cybersecurity internet ip addresses nessus protect scan scanner scans service tenable vendor waf web web application websites whitelist