It’s easy to say “continuous vulnerability scanning”, but what does that actually translate to under the hood? Does it mean that as soon as one scan finishes, the next one starts? And what about load-intensive website scans: how often do they run?
From day one Intruder was designed to be a continuous security monitoring platform, but we found our customers still wanted control over when their scans were happening. That’s why we allow customers to control their own scan schedule, and run Emerging Threat Scans as soon as new vulnerabilities are discovered.
This provides our customers with unparalleled control over the load on their environments, as well as the benefits of continuous security monitoring.
On average, over 8,000 new vulnerabilities are discovered in common software and hardware platforms every year. That's over 20 every single day. In addition, developers and IT teams can often deploy new code or make changes on a daily basis. With attackers scanning the internet constantly looking for weaknesses that could allow them in, only a continuous scanning solution can hope to alert you in time.
Most companies don't have time to keep on top of all this. IT managers have a million other things to do, and even well-resourced security teams can be kept busy with tracking remediation activity, providing management reports, responding to incidents, providing advice to the business, and all the other work that security teams do. That’s why Intruder focuses on providing all this with no noise, only actionable security issues.
Many companies today still rely on having an “annual penetration test”, but for the reasons above, this has quickly become impractical in recent years. Waiting a year to discover you’ve been exposed is not a good strategy for keeping out of the news headlines.
Penetration testers use vulnerability scanning tools to do their job, or a large part of it at least. So continuous vulnerability scanning is comparable to having continuous penetration testing all year round.
There are differences in the depth of testing, and types of issues that can be found between the two approaches though, so for anyone interested in reading more, we’ve written a longer article on the difference between vulnerability scanning vs penetration testing.
You might want continuous security scans, but that doesn’t mean you want to constantly deal with a flood of alerts. The opposite, in fact: you want scanning running in the background, and to be alerted only when something is really wrong.
That’s where Intruder really shines. Our focus on prioritizing only the most important issues filters out non-essential information, while promoting any context-specific weaknesses, like databases being left exposed to the internet. We also provide notifications on changes from one scan to the next, so you can see any differences immediately.
Intruder keeps you informed, but not overwhelmed.