Intruder Vulnerability Scanner

The Intruder vulnerability scanner is a cloud-based software tool that finds and prioritizes cybersecurity weaknesses, helping organizations avoid the most serious security risks. Intruder was founded in 2015 by Chris Wallis. The company set initial goals upon improving the prioritization of identified issues, better prioritizing and tracking them, and then issuing timely alerts. The goal of the Intruder vulnerability scanner is to minimize or eliminate the risk associated with potential cybersecurity data breaches. 

Hackers are constantly probing for security vulnerabilities which can be used to initiate and support an attack. Hackers have access to a broad set of tools and use vulnerability scanners to automate their efforts as they search for openings. The Intruder vulnerability scanner saves you time and reduces your risk by proactively scanning for new vulnerabilities and threats. The use of an external vulnerability scanner in the hands of a skilled ethical hacker is an important part of protecting your enterprise networks and assets.

There are a multitude of attack vectors available for cyberattackers to use. External networks are easily accessible, however your internal systems can also be reached and then breached. Email is a very common attack vector. One email containing a malicious attachment, or link to a web page that exploits known unpatched software on an employee’s device, can reach far inside the enterprise after only one click by an unsuspecting worker. Unpatched software can also create many opportunities for a cyberattacker and facilitate their ability to move laterally once inside.

For these reasons, it is important to have an updated, patched and “hardened” environment to reduce the opportunities that may be found as a cyberattacker seeks to move laterally. These sorts of preventive steps are also important for compliance with many security standards, risk analyses, and more.

The Intruder vulnerability scanner is well known for its ability to prioritize issues so that security teams focus on the issues most likely to bring risk. Intruder was also initially part of the GCHQ Cyber Accelerator and has now matured to having over a thousand customers, both in government and enterprise business, worldwide. 

Intruder is rich with basic functionality. It enables you to scan all of your servers, clouds, website, and industry devices to find, identify, and prioritize missing updates and missing patches, misconfiguration (a common source of breaches especially in the cloud today), encryption issues, and much more. 

In context, dozens of new vulnerabilities are discovered every day, and many of them are likely within the typical large enterprises’ environment. The Intruder external vulnerability scanner allows you to find and identify web-layer security problems like SQL injection and CSS cross site  scripting, RCE remote code execution flaws, and other security misconfigurations and issues.

Intruder’s continuous vulnerability monitoring system ensures that you are secured against even the very latest threats and have time to act before it’s too late. Cyberattackers typically move quickly to adopt exploits to leverage the latest vulnerabilities. Continuous vulnerability scanning helps enterprises that may not have a full threat research program.

Intruder’s external pen test tool curates and organizes the results of scanning to help your team best prioritize identified security issues. Intruder makes sure to highlight and prioritize those issues which need priority, so your teams can make rapid and well optimized decisions about how to invest time in remediating the most urgent issues. The results of scanning results are analyzed for relative risk, and false positive results are eliminated. 

Many times the output of early vulnerability scanner tools are difficult to interpret and more difficult to make rapidly actionable. Intruder’s issue descriptions clearly describe the security impact of issues, and the types of real-world attacks that leverage them. 

Because the Intruder vulnerability scanner is a SaaS product, it is easy to set up and configure. Supported integrations include Microsoft Teams, Zapier, a full REST API, cloud integrations to include with AWS, Azure and Google cloud, Slack, and Jira.

Intruder has a full set of enterprise grade features. Intruder uses an industry-leading scanning engine which is widely deployed. It includes 65,000+ local checks available for known vulnerabilities, and new ones are being added on a regular basis. 

Internal scans check for similar types of issues as our external scans, but can do so from a trusted position on the device, gathering even more data to help secure your systems. They can identify common mistakes & configuration weaknesses such as using default passwords or perhaps note enabling encryption.

Internal scans can uncover a multitude of issues. Software configuration issues continue to be prevalent, especially as organizations embracing the digital transformation seek to deploy new cloud applications at a pace that overstretches the experience of their teams. Simple mistakes such as leaving default passwords, not enabling encryption or other security settings are found quite often.

Patch management is another fundamental part of keeping your digital assets and infrastructure safe and secure. Missing patches can quickly be detected and exploited by attackers. Intruder’s internal security scans can find vulnerabilities in software, operating systems, and network devices.

‍Encryption weakness and misconfiguration is another area of opportunity for better protection and improvement. It is common to find that many applications and services which are capable of secure encryption have not been configured! Or perhaps configured incorrectly to reduce protection! Intruder has checks for all the latest known encryption weaknesses, some of which include: SSL/TLS weaknesses, VPN encryption weaknesses and much more.

IP address management and DNS are other areas of opportunity for Intruder. You must be able to track assets.  Cloud platforms can make this problem even more challenging, as users effortlessly spin up new VMs and containers in the cloud. It is difficult to identify and monitor new systems which are exposed to the internet. Intruder’s cloud bot can be activated for AWS, Google Cloud or Azure accounts. Cloud bot will then perform regular checks for new IP addresses and hostnames. Intruder Cloud Connectors will remove IPs which are no longer in use—this prevents the scanning of another party’s infrastructure. 

Visibility is key to the best cyber defense. It is common for most enterprises and governments  to have services across multiple regions (in AWS), across other cloud accounts, and other cloud platforms! Intruder’s Cloud Connectors provide a single pane of glass into the services and security exposures across all your cloud environments. All Intruder’s identified issues are clearly identified and explained for your team. This high degree of visibility is one of the many reasons for the Intruder vulnerability scanner’s success.

Want to learn more? Check out our FREE Bugcrowd University to sharpen your hacking skills.

Organizations the world over need your help! Join our researcher community to connect with hundreds of organization programs focused on finding their security vulnerabilities. Our vast directory includes programs for all skill levels, across many industries and from around the world.