Network vulnerability scanners are so called because they scan your systems across the network. They do this by sending probes, initially looking for open ports and services, and then once the list of available services is discovered - further probing each service for more information, configuration weaknesses or known vulnerabilities.
The range of vulnerabilities that can be discovered with such an approach is vast, but commonly include: services configured with encryption weaknesses, unpatched software with known vulnerabilities, or services which shouldn't be exposed at all. Intruder's network vulnerability scanner can find up to 9,000 vulnerabilities, but is the only vulnerability scanner specifically designed to also reduce your internet-facing attack surface.
When it comes to network vulnerability scans, cheap certainly does not mean cheerful. With almost 20 new vulnerabilities being discovered every day, it’s important to use the highest quality scanner you can find, as saving money here may cost you more in the long run.
Intruder uses an industry leading scanning engine that’s used by banks and governments all over the world. With over 9,000 checks available for historic vulnerabilities, and new ones being added on a regular basis. You can be confident that while it’s very simple to use, Intruder provides market leading network security scans.
Some vulnerabilities can be more important depending on where they’re found. For example, finding a Windows SMB service on your internal network is not a vulnerability at all. Exposing one to the internet however, well that’s what led to the WannaCry ransomware spreading rapidly across the world.
There are many of these potential exposures, where traditional vulnerability scanning tools don’t differentiate between external or internal perspectives. Intruder prioritises visibility of these exposures in a way no other network scanning tool does, by prioritising exposures on your internet-facing systems.
Modern attackers don’t wait to act and usually execute their attacks within weeks of new vulnerabilities being discovered. In fact, around 20 new vulnerabilities are discovered every day, many of which are in technologies which sit on your perimeter systems – exposed to the internet.
While some companies choose to have an annual network penetration test, Intruder’s network vulnerability scanner allows you to eliminate threats to your business, by discovering security holes in your most exposed systems automatically, as soon as new vulnerabilities are released.
For those companies lucky enough to own a network range all to themselves, they know this is both useful, but can be hard to manage. You want to make sure your whole range is being covered, but licensing vast numbers of inactive IPs can be expensive.
That's why Intruder built "Smart Recon", a feature that allows you to monitor your external network ranges for active IPs, and only pay for those in use.
Vulnerability scanning can be like a black box at the best of times. You put your targets in, run a scan, and your results come out. But what has actually happened in-between? With so many vulnerabilities out there, it's impossible to list them all, but the following categories should give you an overview of the different types of weaknesses we can detect, and how we do it.
• Common mistakes & configuration weaknesses
Even the most secure software can often be configured in an insecure way. Simple mistakes such as leaving default passwords, not enabling encryption or other security settings.
Intruder has thousands of checks for these kinds of mistakes, making sure all your business sensitive systems are hardened as much as they need to be to survive the warzone that is the modern internet.
• Missing patches
Patch management is a fundamental part of keeping your digital estate secure, as missing patches can quickly be detected and exploited by attackers.
Intruder’s network security scans use both passive and active checks to detect the versions of thousands of software components, frameworks, and hardware devices, from web servers to operating systems and network devices. Passive checks use fingerprinting techniques to determine the software version in use, while active checks dynamically check for known exploits, where it is safe to do so.
• Application bugs
Web application bugs have been known about for decades, but still account for a large proportion of breaches.
The types of application weakness that Intruder checks for include SQL Injection
, Cross-Site Scripting
, XML Injection
, and many others which attackers can use to gain access to your systems and information, or to modify or cause damage.
• Encryption weaknesses
The internet relies heavily on encryption for providing secure services, without it for example there could be no online banking. Encryption isn't flawless though, and frequently weaknesses are discovered in algorithms previously thought secure. It is also common to find that services which are capable of secure encryption, have either not been configured, or mistakenly configured to be less secure.
Intruder has checks for all the latest known encryption weaknesses, some of which include: Heartbleed
, SSL/TLS weaknesses, and VPN encryption weaknesses.
As a SaaS product, Intruder’s network vulnerability scanner works seamlessly with your technical environment. There’s no need for lengthy installations or complex configuration, and comes with a range of integrations to make vulnerability management a breeze:
• Cloud integrations: Automatically manage your AWS, Azure and Google Cloud targets with ease, from within the Intruder platform.
• Slack: Keep an eye on your security exposure in real-time with Intruder’s Slack integration.
• Jira: Send security issues to Jira, for easy tracking of your security issues.
• REST API: Full automation of your vulnerability management process is possible with Intruder’s REST API, so you can integrate Intruder with your development and deployment cycles seamlessly.