AI pentesting: the depth of a pentest, on-demand

AI pentesting: the depth of a pentest, on-demand

AI pentesting validates scanner findings in minutes, confirming real risks, ruling out false positives, and uncovering true impact. Now available in Intruder.
Eamon Carroll
|
min read
April 30, 2026
|
min read
Introducing container image scanning: no agents, no blind spots

Introducing container image scanning: no agents, no blind spots

Agentless container image scanning. Automatically discover and continuously scan your container images across AWS, Azure, and Google Cloud. No agents, no blind spots.
Eamon Carroll
|
min read
April 9, 2026
The cloud isn't secure by default: what containers changed about risk

The cloud isn't secure by default: what containers changed about risk

Containers made it easier to ship fast — and easier to ship risk. Intruder's VP of Product breaks down where container risk comes from across the full security lifecycle, and what
Charlie Yianni
|
min read
March 24, 2026
Overconfident and under resourced: navigating the midmarket security gap

Overconfident and under resourced: navigating the midmarket security gap

Too complex for SMB tools, too lean for enterprise stacks — midmarket security teams are stuck in the middle. The Security Middle Child report reveals how bad the gap really is.
Olya Osiagina
|
min read
March 23, 2026
2026 ASM Index: the most common attack surface exposures

2026 ASM Index: the most common attack surface exposures

We analyzed 3,000 attack surfaces to find out how widespread exposure is, what organizations are exposing, and how long it takes to remove it.
Charlie Yianni
|
min read
May 12, 2026
45 midmarket cybersecurity stats on growth, tools, and risk

45 midmarket cybersecurity stats on growth, tools, and risk

45 midmarket cybersecurity stats from a survey of 500 senior security leaders across the US and UK on budgets, tools, team strain, and the gaps in between.
Eamon Carroll
|
min read
May 7, 2026
The state of the cybersecurity stack in 2026

The state of the cybersecurity stack in 2026

What does the midmarket cybersecurity stack actually look like in 2026? We surveyed 500 security leaders to find out, here's what they're running.
Eamon Carroll
|
min read
May 5, 2026
See TODAY’S CVE TRENDS

Our latest research

more research
From enterprise chatbots to gooner caves: exposed AI infrastructure is rampant

From enterprise chatbots to gooner caves: exposed AI infrastructure is rampant

We scanned 1 million AI services and found widespread misconfigurations, exposed credentials, and unauthenticated APIs. AI infrastructure security is falling dangerously behind.
Benjamin Marr
March 27, 2026
Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Our scan of 5M apps uncovered 42k+ tokens in JavaScript bundles, from code repo tokens to project management API keys. Learn why traditional scanners miss them, and how Intruder’s new secrets detection method catches what others can’t.
Benjamin Marr
December 11, 2025
AI Vibe Coding: When Convenience Turns Into a Security Liability

AI Vibe Coding: When Convenience Turns Into a Security Liability

When we used AI to help code a honeypot, it introduced a vulnerability of its own. What transpired was a fascinating, if uncomfortable, lesson in AI complacency - how easily trust in automation can make us miss what’s right in front of us. We share what we learned and what it means for anyone using AI to code.
Sam Pizzey
December 2, 2025

Our reports

more reports
2026 ASM Index: the most common attack surface exposures

2026 ASM Index: the most common attack surface exposures

We analyzed 3,000 attack surfaces to find out how widespread exposure is, what organizations are exposing, and how long it takes to remove it.
Charlie Yianni
May 12, 2026
Overconfident and under resourced: navigating the midmarket security gap

Overconfident and under resourced: navigating the midmarket security gap

Too complex for SMB tools, too lean for enterprise stacks — midmarket security teams are stuck in the middle. The Security Middle Child report reveals how bad the gap really is.
Olya Osiagina
March 23, 2026
The Security Middle Child
How midmarket security teams are managing growth, complexity, and risk
get the report

Cyber explainers

more guides
9 best DevSecOps tools for 2026

9 best DevSecOps tools for 2026

DevSecOps tools help identify security vulnerabilities early in your development process. Explore our list of the best tools for 2025.
Christian Gonzalez
November 29, 2023
AWS Cloud Security Explained: What’s Left Exposed?

AWS Cloud Security Explained: What’s Left Exposed?

Think AWS has your security covered? Not entirely. This blog breaks down what AWS doesn’t secure, real-world risks you’re responsible for, and key actions you can take.
Daniel Andrew
March 20, 2025
AWS Security Services: What They Do and Don’t Do

AWS Security Services: What They Do and Don’t Do

AWS security services help protect your cloud, but they don’t secure everything. See what’s missing and how Intruder goes further to simplify cloud security.
Daniel Andrew
March 6, 2025

Product news

more releases
AI pentesting: the depth of a pentest, on-demand

AI pentesting: the depth of a pentest, on-demand

AI pentesting validates scanner findings in minutes, confirming real risks, ruling out false positives, and uncovering true impact. Now available in Intruder.
Eamon Carroll
April 30, 2026
The Vulnerabulletin Issue #6

The Vulnerabulletin Issue #6

Issue 6 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
April 16, 2026
The Vulnerabulletin Issue #5

The Vulnerabulletin Issue #5

Issue 5 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
March 18, 2026
Clear all filters
Registry vs. runtime: where to scan your container images

Registry vs. runtime: where to scan your container images

Container image scanning should happen at the registry level, not at runtime inside clusters. Centralized registry scanning gives teams full visibility, reduces operational overhea
Manuel Morejon
|
min read
March 19, 2026
|
min read
Cloud security
Vulnerability management
The Vulnerabulletin Issue #5

The Vulnerabulletin Issue #5

Issue 5 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
|
min read
March 18, 2026
|
min read
In the News
Insights
Product
Why attack surface reduction is your first line of defense

Why attack surface reduction is your first line of defense

Proactive attack surface reduction is about reducing unnecessary internet exposure before it becomes a problem.
Daniel Andrew
|
min read
March 3, 2026
|
min read
Attack surface management
Guides
EPSS vs. CVSS: what’s the best approach to vulnerability prioritization?

EPSS vs. CVSS: what’s the best approach to vulnerability prioritization?

Learn all about the Exploit Prediction Scoring System (EPSS), how it compares to CVSS and why it's a game changer for your vulnerability prioritization process.
Chris Wallis
|
min read
February 19, 2026
|
min read
Attack surface management
Vulnerability management
Guides
The Vulnerabulletin Issue #4

The Vulnerabulletin Issue #4

Issue 4 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
|
min read
February 18, 2026
|
min read
In the News
Insights
Product
Beyond Compliance: What Actually Builds Customer Trust

Beyond Compliance: What Actually Builds Customer Trust

Compliance frameworks help you pass an audit; continuous compliance helps you keep customer confidence.
Ashley Hyman
|
min read
February 18, 2026
|
min read
Compliance
Guides
Building a Secure Container Registry Strategy

Building a Secure Container Registry Strategy

Container registries are a critical attack surface. Learn how to secure them and how Intruder automates image discovery and scanning.
Manuel Morejon
|
min read
February 9, 2026
|
min read
Cloud security
Guides
19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

19 Cyber Leaders to Follow on LinkedIn (and Why They Deserve Your Attention)

Cut through LinkedIn noise with 20 security leaders sharing real-world insights. From malware analysis to AppSec to vulnerability intel—voices that help you do better work.
Eamon Carroll
|
min read
February 5, 2026
|
min read
Insights
Ghost CVEs: The Vulnerabilities You Don't Know About (Yet)

Ghost CVEs: The Vulnerabilities You Don't Know About (Yet)

Ghost CVEs are vulnerabilities disclosed in GitHub and advisories before hitting NVD. Tracking them lets us patch threats days faster than teams waiting for official databases.
Daniel Andrew
|
min read
February 3, 2026
|
min read
Vulnerabilities and Threats
Ivanti EPMM: Another Day, Another Pre-Auth RCE (CVE-2026-1281 & CVE-2026-1340)

Ivanti EPMM: Another Day, Another Pre-Auth RCE (CVE-2026-1281 & CVE-2026-1340)

Critical RCE vulnerabilities (CVE-2026-1281 & CVE-2026-1340) have been discovered in Ivanti EPMM
Daniel Andrew
|
min read
January 30, 2026
|
min read
Vulnerabilities and Threats
Insights
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Sign up for your free 14-day trial

Start today