Buying an exposure management solution should be simple - there should be as few hurdles as possible in your way to getting better security. For years, we've made it quick and easy to purchase Intruder directly through our portal so that you can set up and scan your entire attack surface. However, on occasion we've found that users have struggled with budget issues, often having budget tied to other expenses like their AWS cloud infrastructure.

As part of our commitment to making the process as simple as possible, we've now listed Intruder on AWS marketplace. This means you'll be able to pay directly through AWS using pre-existing budget.

We've made a number of possible license combination options available, allowing flexibility in choosing the right package for you. If you notice that your specific option is not available, please feel free to reach out to our support team and let us know.

It's an often said phrase - you can't protect what you don't know about. This is why over the recent years, we've focused on adding discovery methods to our products, enabling you to discover more of your known unknowns, and secure your attack surface.

In 2023 we released Version 1 of our API detection, focused initially on discovering APIs which exist in your AWS environment. By identifying which of your targets have an API, you can then add an API schema to the target to enable us to scan it more effectively and find more vulnerabilities.

With this release, we've now expanded API detection to . This will appear in the exact same way as it has previously, indicating APIs on the targets page, and on the API section within target details.

If you'd like to discuss this feature, or our wider attack surface management feature suite, feel free to book some time with our product team!

One of our core principles at Intruder has always been building a simple to use product, especially compared to many other cybersecurity products which can often feel intimidating. It's why we invested heavily in a top tier product design team, and why we regularly roll out updates to our UI/UX. However, there's only so much you can do without flooding the UI with additional educational content and text.

To try to overcome this barrier, and to seize the opportunities that AI has afforded us, we've now released a new AI assistant onto portal - Greg.

You can ask Greg anything you'd like, but here are some examples of how he can help:

This is a beta feature - and we'd love your feedback! You can give feedback directly through Greg, or you can book some time to chat to our Product team here.

As part of the launch of Cloud Security, we've implemented a new Cloud plan to expand our commercial offering. Sitting between Essential and Pro, this new plan is our entry point to Cloud Security at Intruder, while having a similar feature suite to Pro.

You can see the full breakdown of the differences between the plans on our pricing page here.

We’ve just launched Cloud Security for AWS. Cloud Security is our agentless exposure detection feature for AWS. It allows anyone with an AWS account on our Pro and Premium plans to continuously find and fix misconfigurations, insecure permissions, exposed secrets, and other vulnerabilities in their AWS accounts and organizations before attackers can exploit them. So you can stop incidents before they start.

Cloud Security uses our existing AWS integrations, so there is no need to install any agents. If you already have an AWS integration with Intruder you will need to update permissions to take advantage of the new functionality. You can enable it in under 5 minutes and start receiving insights immediately.

With the increasing number of attacks on cloud environments, and a constant stream of headline incidents, it is more important than ever for organizations to have a comprehensive security solution in place. Cloud Security expands the coverage that Intruder provides to help you protect your critical assets.

As soon as you enable Cloud Security scans we'll kick-off a scan against your account, and you'll receive your results on your issues page, which you can filter to just display cloud account issues.

Previously we only supported finding open ports/services and vulnerabilities on assets that are exposed to the internet in your AWS accounts. The new functionality we've released allows you to find misconfigurations and weaknesses in the AWS account itself. We use the AWS APIs to find weaknesses in things like:

Other companies would refer to this as Cloud Security Posture Management (CSPM) but when combined with our continuous asset discovery and active scanning we're calling it Cloud Security.

Managing a cyber security programme is time consuming, with the amount of manual tasks seemingly continuously increasing. One task we noticed our users were handling was logging into the Intruder portal to monitor any unwanted changes in their attack surface by painstakingly reviewing the attack surface page.

To help improve this experience, we've implemented custom attack surface alerts. This feature will enable you to write rules on what matters for you and your team, with an alert being emailed to you if the rule is ever met. For example, you could set up an alert for 'Unwanted opened ports' and have it apply to all targets, with a list of ports applied. If any of your targets are found to have one of those ports open, you and your team will be notified by email.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

Intruder's cyber hygiene score has been a core feature of the portal for years, allowing you to quickly identify whether your team was remediating vulnerabilities within a reasonable timeframe. However, the way this was configured was tied to set of goals preset by Intruder, meaning that you had to fix your critical issues within 7 days, your highs within 30 days, and so on. These goals are based off industry best standards, and we strongly believe in them (honestly, we think everyone should be fixing critical issues quicker than 7 days but we wanted to be reasonable).

Over time we've had many customers request the ability to customise their cyber hygiene goals, perhaps to be a bit more lenient for a smaller team, or stricter for larger teams. With today's release, you can now head to the team settings page and update your goals easily.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

Earlier this year we implemented a new feature which would alert you when your web application firewall (WAF) was blocking our scanners from effectively scanning your targets. While this was great for alerting you to improve the WAF configuration, the target's WAF status was not maintained or kept visible over time.

With this release, we've expanded on this feature to now update the attack surface view to include the WAF status of your targets. This will show whether there is a WAF present, and where possible the WAF provider.

This enhancement to the attack surface view will allow you to:

We've spent a significant amount of time over the past year building up new discovery features to help you keep on top of your ever changing attack surface. As we added new discovery methods, we heard from customers that they needed a quick way of seeing everything in one place.

With this release, we've updated our Discovery page to have new areas for immediate access to:

This is in combination with dedicated pages for these features, showing the history of login pages and APIs that we have detected for you, and whether they have been acted upon yet.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

At Intruder one of our key principles has always been removing distractions and allowing our customers to focus on the things that matter most - much like the way we filter out informational findings as 'Noise', so you're not flooded with vulnerabilities that don't present a security risk.

However, feedback from customers has often been that our scan email can feel a little 'noisy'. Previously, you only had the option to either receive emails when a vulnerability scan completed or not.

With this update, we've changed our scan emails to be more granular. This means you can choose to only receive emails about scans that detect your specified severity level and above. For example, in the below image I have chosen to only receive alerts when a scan completes and detects a high severity issue or above. This is a user specific setting, so you can change your preference without impacting other members of your team.

If you’d like to discuss this update with a member of the product team, or give some feedback, you can do so here.