After securing any systems facing the internet with our External Vulnerability Scanner, your internal systems become the next most important priority. Intruder’s Internal Vulnerability Scans further protect your organization against more advanced hacker attacks.

Why Is Internal Vulnerability Scanning Important?

While your external network is the easiest to access for hackers, and available for attack 24/7, your internal systems can also be reached with a little extra effort. For example by an email containing a malicious attachment, or link to a web page that exploits known unpatched software on an employee’s device. Similarly, unpatched software or the lack of hardening of internal systems can help an attacker move around internal systems once they’ve gained an initial foothold.

Having a well patched and hardened internal environment will help you avoid this next level of attack, and can be important for compliance with many security standards, or customer security questionnaires. It also helps further protect perimeter systems, by providing next-level information that can’t be gained from the outside.

Enterprise-grade Scanning Engine

When it comes to internal vulnerability scanning, cheap certainly does not mean cheerful. With new vulnerabilities being discovered every day, it’s important to use the highest quality scanner you can find, as saving money here may cost you more in the long run.

Intruder uses an industry leading scanning engine that’s used by banks and governments all over the world. With over 67,000 local checks available for historic vulnerabilities, and new ones being added on a regular basis. You can be confident that while it’s very simple to use, Intruder provides market leading internal security scans.

Automates Your Internal Penetration Testing

Modern attackers don’t wait to act and usually execute their attacks within weeks of new vulnerabilities being discovered. In fact, around 20 new vulnerabilities are discovered every day, many of which are in technologies which sit on your perimeter systems – exposed to the internet.

While some companies choose to have an annual internal penetration test, Intruder’s internal vulnerability scanner allows you to eliminate threats to your business, by discovering security holes in your systems automatically, as soon as new vulnerabilities are released.

What Does It Check For?

Internal scans check for similar types of issues as our external scans, but can do so from a trusted position on the device, gathering even more data to help secure your systems.

• Common mistakes & configuration weaknesses

Even the most secure software can often be configured in an insecure way. Simple mistakes such as leaving default passwords, not enabling encryption or other security settings.

Intruder has thousands of checks for these kinds of mistakes, making sure all your business sensitive systems are hardened as much as they need to be.

• Missing patches
Patch management is a fundamental part of keeping your digital estate secure, as missing patches can quickly be detected and exploited by attackers.

Intruder’s internal security scans can detect insecure versions of many thousands of software components and frameworks, from web servers to operating systems and network devices.

• Encryption weaknesses
It is common to find that services which are capable of secure encryption, have either not been configured, or mistakenly configured to be less secure.

Intruder has checks for all the latest known encryption weaknesses, some of which include: Heartbleed, SSL/TLS weaknesses, and VPN encryption weaknesses.


As a SaaS product, Intruder’s internal vulnerability scanner works seamlessly with your technical environment. There’s no need for lengthy installations or complex configuration, and comes with a range of integrations to make vulnerability management a breeze:

• Slack: Keep an eye on your security exposure in real-time with Intruder’s Slack integration.
• Jira: Send security issues to Jira, for easy tracking of your security issues.
• Microsoft Teams: Get notified about important events in the Intruder platform, such as when a scan completes or when we check you for the latest emerging threats.
• Zapier: Extend Intruder to 2,000+ other apps and move your info between web services automatically.
• REST API: Full automation of your vulnerability management process is possible with Intruder’s REST API, so you can integrate Intruder with your development and deployment cycles seamlessly.

What our customers say

"I have used multiple vulnerability scanning tools in the past. Most of them were single-purpose and had a lot of extraneous output that took a long time to configure to get what we needed. With Intruder, I got relevant, actionable results the very first time I scanned, and it's a one-stop shop. I don't have to set up a patchwork of different tools to get good coverage on vulnerability scanning." Read full review

Zach, Co-founder and CTO at Yembo.


What is the difference between external and internal vulnerability scanning?

External vulnerability scanning assesses your internet-facing infrastructure for known vulnerabilities that an attacker, who doesn’t have access to your organisation’s private networks, could exploit.  

On the flip side, internal vulnerability scanning is concerned with finding weaknesses on your private network, which is typically hidden behind a firewall and is only accessible by your employees or trusted partners.  

What systems can I scan with your internal scanner?

You can scan anything supporting Windows, Linux or MacOS operating systems. Our internal scanner uses an agent that you need to install onto each device that you wish to scan. You can read more about our internal scanning here.

Can I scan network devices with Intruder?

Our internal vulnerability scanner is agent-based and does not support the scanning of network devices such as routers and switches. Read our article to find out why we think agent-based scanning is the right approach for many modern organizations.

How much does Intruder’s internal vulnerability scanning cost?

The internal vulnerability scanning feature is available to our Pro & Vanguard subscribers. The price of internal vulnerability scanning is determined by the number of hosts/devices that you wish to scan, as each one is considered a separate target. Visit our pricing page to see how much it will cost for you to scan a set number of targets.

Can I add an Internal IP as a target?

No, it is not possible to add an internal IP as a target in the Intruder platform, instead, you need to install an agent onto each device that you wish to scan. It’s worth noting, the agent will only scan the device onto which it has been installed and nothing else.

Start your 14-day free trial

of Intruder's internal vulnerability scanner, to provide continuous protection for your perimeter systems today!

try for free