Key Points
New capabilities enable organisations of all sizes to automatically scan APIs and secure more of their attack surface
March 30, 2023 – Intruder, the vulnerability scanning and attack surface management platform, has announced the launch of its cutting-edge API scanning abilities. The update to its cloud-based vulnerability management service allows organisations of all sizes to secure their APIs by automatically detecting vulnerabilities, gaps, security weaknesses, and misconfigurations that hackers can exploit.
As more organisations build APIs to facilitate automation, attack surfaces are expanding, making it crucial for organisations to include them under their security operations. Intruder’s latest capability automatically scans every API, providing organisations with detailed insights that they can use to proactively reduce exposure – whether it’s a vulnerability in the web server they’re using or an SQL injection in the parameters of one of the pages they’ve built themselves.
“I’m excited that we can now offer such an easy to use and accurate API scanning capability at a time when it is desperately needed,” said Chris Wallis, CEO of Intruder. “In light of recent high profile API breaches such as Optus and T-Mobile, this feature will give companies full understanding and control over their API security and allow them to implement a more complete exposure management strategy.”
Intruder’s API scanning feature has a focus on ease of use. Instead of scanning infrastructure and APIs separately and attempting to correctly manage several configuration options, Intruder’s inbuilt API scanning capabilities mean customers simply need to add a target and upload the API schema. They will then receive comprehensive data about the asset, providing clear and actionable insights for any vulnerabilities detected.
“API security is notoriously difficult to conceptualise, and the number of APIs exposed to the internet is increasing year-on-year – driven in-part by the demand for greater automation. This is expanding the attack surface that opportunistic hackers can attempt to exploit and then gain access,” said Andy Hornegold, Product Lead at Intruder. “Intruder simplifies the process of API security from initial setup to continuous monitoring – our customers love the fact that they can ‘set and forget.’ Simultaneously, Intruder’s API scanning is tailored to the APIs of each company, addressing their individual needs. In short, it enables effective API security through informed scanning, saving companies both time and resources.”
Intruder's new API scanning capabilities are available immediately for all customers, including for free on an introductory 14-day free trial.
About Intruder
Intruder was founded in 2015 to solve the information overload crisis in vulnerability management. It’s mission from day one has been to help divide the needles from the haystack, focusing on what matters, while ignoring the rest. Effective cyber security is about getting the basics right. Intruder helps do that, saving time on the easy stuff, so users can focus on the rest. It has been awarded multiple accolades, was selected for GCHQ's Cyber Accelerator, and is now proud to have over 2,500 happy customers all over the world.
Media Contacts
Hannah Arnold/Maj Meah
Red Lorry Yellow Lorry for Intruder
