Hi @Sam_Anthonisz and thanks a lot for reporting this problem.
I see the core of the time happens in the UcfgGenerator
Time (s) % Analyzer
1089.486 70 SonarAnalyzer.Security, Version=8.5.0.4829, Culture=neutral, PublicKeyToken=null
1089.486 70 SonarAnalyzer.Security.CSharp.UcfgGenerator
The UCFG files are an abstraction of the source code (the Control Flow Graph) which we use to detect injection vulnerabilities. Normally, the generation of the UCFG files shouldn’t take that much to generate. We’ve seen it can take 10% to 30% of the total analysis time, but not 70%!
I’d be really interested to find out what’s special about your project, I will send you a private message to discuss further away from public eyes.