When prioritising vulnerabilities, it's important to know which ones are most likely to be exploited by an attacker.

So, we're adding additional context on the likelihood of exploitation to our issues, enabling you to prioritize the that present the to your business.

We've added more accurate & valuable vulnerability exploit information to aid your prioritisation efforts, namely:

With these changes, you'll be better equipped when identifying and prioritizing risk across your attack surface. Read about the changes in more detail here.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

We’ve just released the most requested integration for a security information and event management (SIEM) solution that we have received; Microsoft Sentinel.

By combining Intruder with Microsoft Sentinel you can more effectively detect, investigate and remediate risk that appears across your attack surface. Combined with our cloud sync and auto-scanning functionality, you’ll never miss a beat. When your attack surface changes - you’ll be informed of any risks immediately.

Enrich your Sentinel activities, alerts and automations, using vulnerability information from Intruder.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

Known unknowns are common in the realm of attack surface management. We're all aware that over time, new subdomains will have been made and forgotten about, perhaps for a short project or a temporary partnership. Once forgotten, they become impossible to keep secure and leave an exploitable gap in your attack surface.

With Intruder's new subdomain discovery feature, we'll be on the constant look out for new subdomains on your attack surface, and let you know what we’ve found so you can rapidly secure them.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

You can only secure as much of your attack surface as you're aware of - this is why we have recently been releasing features which have focused on discovering more of your unknown assets.

With the release of our new Cloudflare integration, we've added a new method of securing your attack surface and ensuring that you're scanning as much of your external facing assets as possible.

Read more here about how to set up your Cloudflare integration.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

In 2023, Intruder implemented the ability to create 'Read-only' users, as a first step of introducing role-based access control. Earlier this year, we followed that up by introducing 'Scan users', creating another additional role that would allow less of your team to be required to have admin access. However, creating new roles with limited feature access does not solve the problem of restricting access to specific sets of targets, an increasingly important priority for larger businesses.

With our latest release, customers on our Premium plan will now be able to restrict user access to the targets that are associated only to a tag or tags. This means users logging in with 'restricted access' will only see information (such as vulnerability details) linked to their associated targets.

You can read more about the details of what 'Restricted access' users can do on our Help Centre here.

We'd love to hear your feedback, or if you require a more specific role, you can always submit a new request here.

When adding targets to Intruder in the past, you may have seen a message. This can happen when a WAF/IDS (Intrusion Detection System) blocks us from fully scanning those targets. With today’s release, we’ve made it much easier to find targets affected by a WAF, so you can update them.

You'll be able to see if a target has a WAF issue:

When we detect a target with a WAF, we’ll notify you, showing which targets have been blocked. You’ll need to copy the IP range of our scanners in the ‘scan settings’ page and paste them into your WAF/IDS allowlist. For a detailed how-to guide, read our help article.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

As part of our focus on attack surface management for premium customers, we've added new search functionality that enables you to search across your external attack surface and find exposed ports & services before attackers can.

This means you can find potential exposures faster and mitigate the risk of exploitation.

To learn about this update in full, read our help article.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

In 2023 we implemented role-based access controls in Intruder, initially splitting users between Admin and Read-only users. While this was beneficial in allowing you to have users with minimal permissions on the platform, we understand that this was too limiting for your requirements for managing your targets.

As part of a larger release focused on building capabilities to support your attack surface, we've added a new role to Intruder called the 'Scan user'. This user can run and edit scans, and add & edit authentications or APIs. The user cannot do advanced administrative tasks such as adding or deleting targets, editing integrations, or changing your billing. You can learn more about user roles in Intruder on our Help Centre.

If there is another type of role that will help improve your experience with Intruder, please do let us know by submitting a request.

Our AWS integration just got even better! Now whenever you add a target from AWS (or when we pull one in automatically), we’ll analyze it to see if it’s an API. If it is, we’ll make it quick and easy for you to add a schema to it.

We want to give you the best results possible. Previously, users may have scanned targets from their AWS environment without adding an API schema, finding fewer issues than they would have with a schema added. By enabling you to easily add a schema to your API target, you get better coverage and find more issues.

For detailed information about this update, just reach out to us. Book some time to discuss it with a member of the Product team here. We look forward to hearing your feedback!

With today’s release, we have launched a new discovery feature, designed to help identify when your web apps require an authentication. We now scan targets in Intruder for the presence of a login page, and if we find one, give you the control to choose whether or not you want to add authentication to that target.

We now scan your targets for login pages that would benefit from having an authentication added. Adding an authentication allows us to scan behind the login page, run additional checks, find more issues, and ultimately ensure your web apps are more secure.

You don’t need to do anything, but if we notice a target that would benefit from having an authentication added, we’ll notify you in the portal.

For detailed information about this update, read this article. If you would like to book some time to discuss it with a member of the Product team, you can do so here. We look forward to hearing your feedback!