Cloud Vulnerability Scanning for AWS, Google Cloud and Azure

Q: Do you offer cloud penetration testing services?

Yes, we do! We have a team of certified security experts who can perform penetration testing of your cloud systems or help you manage your vulnerability scanning and identify more complex security issues on an ongoing basis as part of our Verified service .

Intruder is a modern vulnerability scanner, designed from day one to work seamlessly with the three major cloud providers, AWS, GCP, and Azure. Our cloud integrations make securing your cloud systems a breeze.

Unlike some cloud-only vulnerability scanners though, Intruder is able to seamlessly monitor your traditional edge networks, web applications, and internal environments too, for an all-in-one effortless vulnerability management experience.
‍

Automatic IP and DNS tracking

One of the biggest problems in vulnerability management is tracking what assets you have, what’s in use, and what isn’t. You can’t secure it if you don’t know it’s there!

Cloud platforms can make this problem even worse, as it's now so easy to spin up new VMs and containers in AWS, Google Cloud or Azure, so keeping on top of any new systems that are exposed to the internet and ensuring they are monitored for weaknesses can be a challenge.

This is where Intruder’s CloudBot comes in. Activate it for your connected AWS, Google Cloud or Azure accounts and it will perform an hourly check for new IP addresses or hostnames.

In addition, our Cloud Connectors by default remove any IPs no longer in use, to prevent you scanning someone else’s infrastructure!

Visibility Across Regions, Accounts, and Platforms

In a perfect world, you’d only need one cloud account, and all your systems would be there. Unfortunately, in the real world, it’s common to have services split not just across multiple regions (in AWS), but across other cloud accounts, and often other cloud platforms too.

Intruder’s Cloud Connectors provide a single transparent view into the services and security exposures across all your cloud accounts, as well as any traditional environments.
‍

Developer-first Security

Security can no longer sit solely with cyber security teams. Many organizations don't have the resources to hire security experts, and those that do can't hope to keep track of all their developers' activity 24/7.

Intruder helps developers build secure products by integrating into their existing workflow, and continuously catching vulnerabilities as they're being introduced.

All Intruder's issues are clearly explained, making it usable and accessible for non-security experts, and cloud integrations allow monitoring development environments better than ever before.
‍

Integrations

Intruder comes with a range of integrations to make vulnerability management a breeze, by integrating with your technical environment even beyond the cloud.

• Slack: Keep an eye on your security exposure in real-time with Intruder’s Slack integration.
• Jira: Send security issues to Jira, for easy tracking of your security issues.
• Microsoft Teams: get notified about important events in the Intruder platform, such as when a scan completes or when we check you for the latest emerging threats.
• Zapier: Extend Intruder to 2,000+ other apps and move your info between web services automatically.
• REST API: Full automation of your vulnerability management process is possible with Intruder’s REST API, so you can automate common tasks such as running scans or reporting.

FAQ

Can I use Intruder to scan web applications behind the login?

Yes, you can carry out authenticated web application scans with Intruder. Perform thorough reviews of your modern web applications and websites, including single page applications (SPAs), to identify dangerous bugs which could have a severe business impact if not resolved. To learn more, visit our web application vulnerability scanner page.

What underlying scanner does intruder use?

Underneath the hood, Intruder uses industry-leading scanning engines, each running thousands of thorough security checks. Read more about it in our help article.

Do you offer cloud penetration testing services?

Yes, we do! We have a team of certified security professionals who can perform penetration testing of your cloud systems or help you manage your vulnerability scanning and identify more complex security issues on an ongoing basis as part of our Vanguard solution.

How do I know if I am choosing the right vulnerability scanner?

With so many different products on the market choosing the right vulnerability scanner can be a difficult undertaking! To begin with, if the software that you’re considering offers a free trial, we recommend scanning a known vulnerable system such as testphp.vulnweb.com, to see the spectrum of results that the scanner comes back with and quality of the checks. Of course, there are other important areas to consider when choosing the right scanner for your business, such as the scanner’s reporting capabilities and features, which we dive more deeply into in our guide to vulnerability scanning.