Why attack surface reduction is your first line of defense

Why attack surface reduction is your first line of defense

Proactive attack surface reduction is about reducing unnecessary internet exposure before it becomes a problem.
Daniel Andrew
|
min read
March 3, 2026
|
min read
Beyond Compliance: What Actually Builds Customer Trust

Beyond Compliance: What Actually Builds Customer Trust

Compliance frameworks help you pass an audit; continuous compliance helps you keep customer confidence.
Ashley Hyman
|
min read
February 18, 2026
Compliance
Building a Secure Container Registry Strategy

Building a Secure Container Registry Strategy

Container registries are a critical attack surface. Learn how to secure them and how Intruder automates image discovery and scanning.
Manuel Morejon
|
min read
February 9, 2026
Cloud security
19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

Cut through LinkedIn noise with 20 security leaders sharing real-world insights. From malware analysis to AppSec to vulnerability intel—voices that help you do better work.
Eamon Carroll
|
min read
February 5, 2026
Insights
See TODAY’S CVE TRENDS

Our latest research

more research
Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Our scan of 5M apps uncovered 42k+ tokens in JavaScript bundles, from code repo tokens to project management API keys. Learn why traditional scanners miss them, and how Intruder’s new secrets detection method catches what others can’t.
Benjamin Marr
December 11, 2025
AI Vibe Coding: When Convenience Turns Into a Security Liability

AI Vibe Coding: When Convenience Turns Into a Security Liability

When we used AI to help code a honeypot, it introduced a vulnerability of its own. What transpired was a fascinating, if uncomfortable, lesson in AI complacency - how easily trust in automation can make us miss what’s right in front of us. We share what we learned and what it means for anyone using AI to code.
Sam Pizzey
December 2, 2025
How We’re Using AI to Write Vulnerability Checks (and Where It Falls Short)

How We’re Using AI to Write Vulnerability Checks (and Where It Falls Short)

Intruder’s security team is experimenting with agentic AI to accelerate vulnerability checks. Discover what’s working, what isn’t, and why AI isn’t the silver bullet it’s made out to be.
Benjamin Marr
September 11, 2025

Cyber explainers

more guides
AWS Cloud Security Explained: What’s Left Exposed?

AWS Cloud Security Explained: What’s Left Exposed?

Think AWS has your security covered? Not entirely. This blog breaks down what AWS doesn’t secure, real-world risks you’re responsible for, and key actions you can take.
Daniel Andrew
March 20, 2025
Cloud security
AWS Security Services: What They Do and Don’t Do

AWS Security Services: What They Do and Don’t Do

AWS security services help protect your cloud, but they don’t secure everything. See what’s missing and how Intruder goes further to simplify cloud security.
Daniel Andrew
March 6, 2025
Cloud security
Azure Cloud Security: The Critical Vulnerabilities You’re Responsible For

Azure Cloud Security: The Critical Vulnerabilities You’re Responsible For

Avoid costly cloud mistakes. Learn which Azure vulnerabilities you’re responsible for - and how Intruder helps you fix them fast.
Daniel Andrew
June 17, 2025
Cloud security
The State of Exposure Management in 2025
Insights from 3,000+ companies
get the report
Clear all filters
Announcing Changes to our Essential plan

Announcing Changes to our Essential plan

To ensure our product keeps pace and remains relevant for our customers and their requirements, we’re always asking for feedback to learn...
|
min read
September 28, 2021
|
min read
Product
Interview With Chris Wallis, the Founder & CEO of Intruder

Interview With Chris Wallis, the Founder & CEO of Intruder

Safety Detectives: What motivated you to start Intruder? Chris Wallis: I was working in a finance organization when a new vulnerability...
|
min read
March 23, 2021
|
min read
In the News
9 minutes to breach: the life expectancy of an unsecured MongoDB honeypot

9 minutes to breach: the life expectancy of an unsecured MongoDB honeypot

Our research shows that Mongo databases are subject to continual attacks when exposed to the internet. Attacks are carried out ...
Daniel Andrew
|
min read
July 7, 2020
|
min read
Vulnerabilities and Threats
SMBGhost: Strange SMB Vulnerability Disclosures and Wannacry 2.0?

SMBGhost: Strange SMB Vulnerability Disclosures and Wannacry 2.0?

A new critical vulnerability in affecting Windows systems came to light on Tuesday, affecting SMB services used by the latest versions of...
Daniel Andrew
|
min read
March 12, 2020
|
min read
Vulnerabilities and Threats
User Enumeration in Microsoft Products: An Incident Waiting to Happen?

User Enumeration in Microsoft Products: An Incident Waiting to Happen?

Intruder’s latest research reveals that up to 13,000 organisations are affected by little-known user enumeration flaws in a range of…
Daniel Andrew
|
min read
September 26, 2019
|
min read
Vulnerabilities and Threats
Critical RDP Flaw Leaves up to 2.3 Million Servers Exposed (CVE-2019–0708)

Critical RDP Flaw Leaves up to 2.3 Million Servers Exposed (CVE-2019–0708)

Yesterday (May 14th 2019), Microsoft published a security advisory bulletin for a critical vulnerability in its remote login service…
Daniel Andrew
|
min read
May 15, 2019
|
min read
Vulnerabilities and Threats
How to secure the Kubernetes API behind a VPN

How to secure the Kubernetes API behind a VPN

Earlier this week, the first major vulnerability (CVE-2018–1002105) was discovered in Kubernetes, the container management platform taking…
Lefteris Nikoltsios
|
min read
December 7, 2018
|
min read
Insights
Cyber security: 7 top tips for SMEs

Cyber security: 7 top tips for SMEs

With news headlines focused on security breaches in large organisations, it would be easy for small to medium enterprises (SMEs) to…
Chris Wallis
|
min read
November 27, 2018
|
min read
Insights
Hacking The Entire Internet Just Got Easier

Hacking The Entire Internet Just Got Easier

The recent release of the new hacking tool ‘AutoSploit’ marks the dawn of a new era for unskilled attackers. It provides a fully-automated…
Daniel Andrew
|
min read
March 5, 2018
|
min read
Insights
How serious are the Intel / Meltdown / Spectre flaws?

How serious are the Intel / Meltdown / Spectre flaws?

We’re only a few days into 2018, and already we have a cyber-security panic on our hands. Predictions about the year ahead being full of...
Chris Wallis
|
min read
January 5, 2018
|
min read
Insights
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Sign up for your free 14-day trial

Start today