Intruder is a cloud-based vulnerability scanner that finds cyber security weaknesses in your most exposed systems, to avoid costly data breaches.
Ideally you should do both. That being said, the majority of data breaches are caused by hackers exploiting vulnerabilities that are visible from the Internet, so you want to make sure that your external systems are protected from the outset. External scanners are also able to detect multiple web-layer issues, so if you’re new to vulnerability scanning, they are often the best tools to start with.
We recommend conducting vulnerability scans at least monthly; however, your optimum scanning frequency will largely depend on the type of organization you’re tasked with securing, or the type of systems that you wish to scan. To get a better understanding of how frequently you should run your vulnerability scans, read our helpful guide.
The two services complement each other, so ideally you should do both. An experienced penetration tester can find issues that are not detectable by machines, for example, by chaining several minor weaknesses together to discover a hidden critical vulnerability. On the other hand, vulnerability scanners can help you automate your security checks and provide continuous protection in the periods between manual in-depth tests.
It’s important to point out though that penetration testers typically perform vulnerability scanning as part of their assessments, so if you’re just getting started and want to gain an overview of the state of your security, you will benefit from running a vulnerability scan first.
Yes, we do! At Intruder we have a team of certified expert security professionals who are skilled in many types of penetration testing services, including external network testing. Visit our penetration testing page to find out more.
Yes, it’s possible to use Intruder for internal network scanning. Our internal scanner is agent-based, so you’ll need to install a piece of software on each host you’re planning to scan, either Windows, Linux or MacOS. To learn more about it, please read our help article.
Yes, you can carry out authenticated web application scans using Intruder. This includes modern web apps and single page applications (SPAs), to learn more, visit our web application vulnerability scanner page.