
Introducing Nuclei: the scanner that packs a punch

Daniel Andrew, Head of Security

Key Points

Like antivirus software, vulnerability scanners rely on a database of known weaknesses and are only as good as their latest update.

Even a solution built on the best industry-leading scanners can miss weaknesses, which is why we've augmented Intruder with another scanner, and we're really excited to tell you about it. We've always aimed to be the best, and adding Nuclei is the next step in providing the best vulnerability management platform on the market.

What is Nuclei?

Nuclei is an open-source vulnerability scanning engine that is fast, extensible, and covers a wide range of weaknesses. Its checks are written as simple YAML templates, which is why it has become increasingly popular with bug bounty hunters, penetration testers and researchers who want to produce repeatable checks for serious weaknesses.

These experts, working with Nuclei's own team at ProjectDiscovery, combine their knowledge of cutting-edge weaknesses to produce checks extremely fast, which makes it possible to scan for a vulnerability very soon after it is disclosed.
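To show what one of these repeatable checks looks like, here is an added example of a Nuclei template that detects an internet-exposed admin login panel, the kind of check mentioned later in this post. It is not a template from ProjectDiscovery's nuclei-templates repository or from Intruder; the template id, the path and the page title are assumptions for a fictional application, and a real template would use fingerprints specific to the product being detected.

```yaml
# Added example: a hypothetical Nuclei template for an exposed admin login panel.
# The id, path and page title below are assumptions for a fictional product, not a real check.
id: example-admin-login-panel

info:
  name: Example Admin Login Panel Exposed
  author: example
  severity: info
  description: Detects an internet-exposed administrative login page that should sit behind a VPN or an IP allow-list.
  tags: panel,exposure,login

http:
  - method: GET
    path:
      - "{{BaseURL}}/admin/login"

    # Require both a 200 response and the panel's distinctive title. A status-only
    # matcher would fire on any server that answers 200 for unknown paths, so the
    # "and" condition is what keeps false positives down.
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        part: body
        words:
          - "<title>Example Admin Login</title>"
```

Before running a new template, check that it parses with `nuclei -validate -t example-admin-login-panel.yaml`; then run it against a host you are authorised to test with `nuclei -t example-admin-login-panel.yaml -u https://target.example`. Pairing a status matcher with a body-content matcher is the detail a practitioner wants: it is the difference between a check that confirms the panel is really there and one that lights up on every catch-all web server.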

What does Nuclei add to Intruder?

Intruder is adding Nuclei as a scanning engine to augment and enhance our attack surface checks for customers, such as login panels that shouldn’t be internet-exposed, and a wider range of checks for known vulnerabilities in services which are typically internet-exposed.

Nuclei augments Intruder's existing scanning engines, Tenable and OpenVAS, by helping you discover more about your attack surface (you can't protect what you don't know about), adding coverage beyond what the powerful engines we already use under the hood provide.

With over 3,000 additional checks in the initial release, Intruder will offer much broader and deeper coverage and discovery capabilities that can’t be matched by using a single vulnerability scanner alone.

Check out our metrics on how Nuclei and Tenable complement each other.

The benefits of using multiple scanning engines  

Generally speaking, vulnerability scanners aim to produce checks for as many vulnerabilities as possible. However, so many new vulnerabilities are now disclosed each year (more than 25,000 already this year) that no single scanning engine can keep up with them all. As a result, even the very best, industry-leading scanners will struggle to check for every known vulnerability out there.

In fact, our analysis from early 2023, which compared Tenable's Nessus (an industry-leading scanner we use at Intruder) with OpenVAS (an open-source scanner), showed significant differences in coverage between the two:

“Tenable checks for 12,015 CVEs which OpenVAS does not check for and OpenVAS checks for 6,749 CVEs which Tenable does not check for.”

Even when your chosen scanner prioritises sensibly which vulnerabilities to write checks for (for example, whether a flaw has been seen exploited in the wild, or whether it affects very widely used software), some will be missed.

Unfortunately, the missed ones could include software that your organization uses, and it's a harsh reality that one day you may find out you've been compromised via an attack vector which your scanner(s) simply don't yet have a check for.

So the simple answer is to use multiple scanning engines. Provided their capabilities don't overlap too much (heavy overlap is inefficient and duplicates work), several complementary scanners improve coverage: they find more vulnerabilities and reveal more about what your attack surface looks like.

How will this reduce your attack surface?

Nuclei brings specific detection and discovery capabilities which are an integral part of attack surface reduction (ASR). By adding the ability to detect more exposed systems and panels, you get the knowledge you need to decide which of them really need to be exposed, and which should be removed from the internet or hardened.

The size of your attack surface, and how well it’s managed, is closely tied to your risk of opportunistic attackers exploiting your systems. The less you expose, and the more hardened the services you expose are, the harder it is for an attacker to exploit a weakness.

Want to know more?

Interested in learning more about Nuclei and Intruder? Talk to us.
