Why attack surface reduction is your first line of defense

Why attack surface reduction is your first line of defense

Proactive attack surface reduction is about reducing unnecessary internet exposure before it becomes a problem.
Daniel Andrew
|
min read
March 3, 2026
|
min read
Beyond Compliance: What Actually Builds Customer Trust

Beyond Compliance: What Actually Builds Customer Trust

Compliance frameworks help you pass an audit; continuous compliance helps you keep customer confidence.
Ashley Hyman
|
min read
February 18, 2026
Compliance
Building a Secure Container Registry Strategy

Building a Secure Container Registry Strategy

Container registries are a critical attack surface. Learn how to secure them and how Intruder automates image discovery and scanning.
Manuel Morejon
|
min read
February 9, 2026
Cloud security
19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

Cut through LinkedIn noise with 20 security leaders sharing real-world insights. From malware analysis to AppSec to vulnerability intel—voices that help you do better work.
Eamon Carroll
|
min read
February 5, 2026
Insights
See TODAY’S CVE TRENDS

Our latest research

more research
Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Our scan of 5M apps uncovered 42k+ tokens in JavaScript bundles, from code repo tokens to project management API keys. Learn why traditional scanners miss them, and how Intruder’s new secrets detection method catches what others can’t.
Benjamin Marr
December 11, 2025
AI Vibe Coding: When Convenience Turns Into a Security Liability

AI Vibe Coding: When Convenience Turns Into a Security Liability

When we used AI to help code a honeypot, it introduced a vulnerability of its own. What transpired was a fascinating, if uncomfortable, lesson in AI complacency - how easily trust in automation can make us miss what’s right in front of us. We share what we learned and what it means for anyone using AI to code.
Sam Pizzey
December 2, 2025
How We’re Using AI to Write Vulnerability Checks (and Where It Falls Short)

How We’re Using AI to Write Vulnerability Checks (and Where It Falls Short)

Intruder’s security team is experimenting with agentic AI to accelerate vulnerability checks. Discover what’s working, what isn’t, and why AI isn’t the silver bullet it’s made out to be.
Benjamin Marr
September 11, 2025

Cyber explainers

more guides
AWS Cloud Security Explained: What’s Left Exposed?

AWS Cloud Security Explained: What’s Left Exposed?

Think AWS has your security covered? Not entirely. This blog breaks down what AWS doesn’t secure, real-world risks you’re responsible for, and key actions you can take.
Daniel Andrew
March 20, 2025
Cloud security
AWS Security Services: What They Do and Don’t Do

AWS Security Services: What They Do and Don’t Do

AWS security services help protect your cloud, but they don’t secure everything. See what’s missing and how Intruder goes further to simplify cloud security.
Daniel Andrew
March 6, 2025
Cloud security
Azure Cloud Security: The Critical Vulnerabilities You’re Responsible For

Azure Cloud Security: The Critical Vulnerabilities You’re Responsible For

Avoid costly cloud mistakes. Learn which Azure vulnerabilities you’re responsible for - and how Intruder helps you fix them fast.
Daniel Andrew
June 17, 2025
Cloud security
The State of Exposure Management in 2025
Insights from 3,000+ companies
get the report
Clear all filters
Streamlining the chaos of vulnerability management

Streamlining the chaos of vulnerability management

When Product Lead, Andy Hornegold, was asked to speak at DTX Europe, he used the Optus breach in Australia to show how vulnerability scanning could ...
James Harrison
|
min read
October 20, 2022
|
min read
Vulnerability management
Does the OWASP Top 10 still matter?

Does the OWASP Top 10 still matter?

What is the OWASP Top 10, and – just as important – what is it not? Find out how you can make the report work for your business
James Harrison
|
min read
October 5, 2022
|
min read
Application security
5 Network Security Threats And How To Protect Yourself

5 Network Security Threats And How To Protect Yourself

Cybersecurity today matters so much because of everyone’s dependence on technology, from collaboration, communication and collecting data...
Chris Wallis
|
min read
September 1, 2022
|
min read
Vulnerabilities and Threats
Agent-Based vs Network-Based Internal Vulnerability Scanning

Agent-Based vs Network-Based Internal Vulnerability Scanning

Generally, when it comes to identifying and fixing vulnerabilities on your internal network, there are two competing (but not mutually…
Chris Wallis
|
min read
June 13, 2022
|
min read
Vulnerability scanning
Mind the gap – how to ensure your vulnerability detection methods are up to scratch

Mind the gap – how to ensure your vulnerability detection methods are up to scratch

With global cyber crime costs expected to reach $10.5 trillion annually by 2025, it comes as little surprise that the risk of attack ...
Andy Hornegold
|
min read
June 8, 2022
|
min read
Vulnerability scanning
What Are Fake Clickjacking Bug Bounty Reports?

What Are Fake Clickjacking Bug Bounty Reports?

Beware, there’s a new trend in play, concerning a new type of fake clickjacking bug bounty reports. Read on to understand what to ...
Daniel Thatcher
|
min read
April 14, 2022
|
min read
Insights
Spring4Shell [CVE-2022-22965]: All you need to know

Spring4Shell [CVE-2022-22965]: All you need to know

Spring4Shell is a critical vulnerability (CVSSv3 9.8) targetting Java’s most popular framework, Spring, and was disclosed on 31 March ...
Benjamin Marr
|
min read
April 5, 2022
|
min read
Vulnerabilities and Threats
Announcing Authenticated Scanning: Enhance Your Web Application Security With More In-depth Checks

Announcing Authenticated Scanning: Enhance Your Web Application Security With More In-depth Checks

Today we are thrilled to announce the release of authenticated web application scanning! This new capability allows our customers to ...
Olya Osiagina
|
min read
March 17, 2022
|
min read
Product
How to Keep on Top of Emerging Cyber Threats

How to Keep on Top of Emerging Cyber Threats

Every single day around 60 new vulnerabilities are discovered in software used throughout the world. Not all are serious but just one can...
Chris Wallis
|
min read
January 9, 2022
|
min read
Vulnerabilities and Threats
Log4j vulnerability: what is it and how to detect it?

Log4j vulnerability: what is it and how to detect it?

Apache Log4j is a logging package for Java which has been widely adopted and integrated into many applications. Developers need a way of ...
Andy Hornegold
|
min read
December 15, 2021
|
min read
Vulnerabilities and Threats
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Sign up for your free 14-day trial

Start today