Which service is right for me?

Not sure if you need an automated tool, managed service or manual assessment? Then this article should help.

Updated over 2 months ago

Essential plan

Those most suited to our Essential plan would be early-stage start-ups or SMEs with a limited internet footprint and those that rely mostly on open-source software and devices.


Scanning engine

This plan is powered by OpenVAS - the world's most popular open-source scanning engine used globally by both the public and private sector.

Number of checks
>18,000 external checks

Type of checks

  • Common infrastructure weaknesses

  • Unintentionally exposed systems

  • Information leakage

  • Misconfigurations & common mistakes

  • Remote vulnerable software and missing patches

Features

  • Unlimited users

  • One editable scheduled scan per month

  • Unlimited number of ad-hoc scans

  • Smart Recon (which tells you exactly how many of your systems are active and require a license to scan them – after all, there’s no point in scanning targets that aren’t exposed to the internet).


Pro plan

This plan is suitable for those that host their own servers; run enterprise solutions (Exchange, VPN endpoints etc); or have a need to cover internal systems that aren’t exposed to the internet.


Scanning engine
This plan is powered by Tenable Nessus – a commercial-grade scanning engine, used by large organisations and international Government bodies.

Number of checks

>141,000 external checks

>14,000 internal checks

Type of checks

  • Common infrastructure weaknesses

  • Unintentionally exposed systems

  • Information leakage

  • Misconfigurations & common mistakes

  • Remote vulnerable software and missing patches

  • Local misconfigurations & common mistakes

  • Vulnerable software packages & missing patches

Features


Premium plan

This plan is geared towards young companies scaling quickly, with a large attack surface or cloud infrastructure where there is a need for continuous monitoring and a desire for supplementary support.

Scanning engine

This plan is powered by Tenable Nessus – a commercial-grade scanning engine, used by large organisations and international Government bodies – and Nuclei, an open-source vulnerability scanning engine popular with bug bounty hunters, penetration testers and researchers looking to produce repeatable checks for serious weaknesses.

Number of checks

>141,000 external Tenable checks

>28,000 external Nuclei checks (~21,500 are custom checks written by Intruder)

>14,000 internal Tenable checks

Type of checks

  • Common infrastructure weaknesses

  • Unintentionally exposed systems

  • Information leakage

  • Misconfigurations & common mistakes (including the identification of admin panels and default logins)

  • Remote vulnerable software and missing patches

  • Out-of-band vulnerabilities

  • Local misconfigurations & common mistakes

  • Vulnerable software packages & missing patches

Features

  • Two scanners: Tenable and Nuclei

  • Unlimited users

  • Advanced scan settings (Throttle Scan Speed and Web ports only)

  • Unlimited scheduled and on-demand scanning

  • Smart Recon (so you'll always know what needs a license and what doesn't)

  • Continuous network scanning and Network View so you can keep track of what's exposed to the internet.

  • Asset discovery: Subdomain discovery, cloud account detection

  • Various integrations including:

  • Rapid Response – which takes proactive scanning one step further: before checks are even released, Intruder has scanned users’ networks and issued advisories with details and recommendations.

Bolt-ons (purchased separately)


Vanguard plan

This plan is a hybrid vulnerability management solution with our continuous penetration testing capability, most suited to those that would benefit from a team of security professionals dedicated to proactively identifying weaknesses in their assets.

Scanning engine / manual penetration testers

This plan is powered by Tenable Nessus – a commercial-grade scanning engine, used by large organisations and international Government bodies – and Nuclei, an open-source vulnerability scanning engine popular with bug bounty hunters, penetration testers and researchers looking to produce repeatable checks for serious weaknesses.

Number of checks

>141,000 external Tenable checks

>28,000 external Nuclei checks (~21,500 are custom checks written by Intruder)

>14,000 internal Tenable checks

Type of checks

  • Common infrastructure weaknesses

  • Unintentionally exposed systems

  • Information leakage

  • Misconfigurations & common mistakes (including the identification of admin panels and default logins)

  • Remote vulnerable software and missing patches

  • Out-of-band vulnerabilities

  • Local misconfigurations & common mistakes

  • Vulnerable software packages & missing patches

Complementary manual efforts

  • The chaining of vulnerabilities (where appropriate)

  • Investigation of false positives and their removal from scan results

  • Impact review: if the scanner flags something that looks interesting, the team will manually investigate further to see if it can be exploited

  • Contextualisation of issues as they relate to your business

  • Vanguard advisories (when applicable): emails that inform you of any additional weaknesses that the team have uncovered during their investigations

Features

Bolt-on (purchased separately):


Web-application scanning (via Application License)

This feature expands the scanning capabilities and would be especially valuable to:

  • Anyone with a complex/custom web-app and an API schema who wants to ensure all of their endpoints are found and scanned for vulnerabilities.

  • Anyone managing a web-app with a login page – the functionality available to authenticated users is often much more sensitive and would pose a greater risk if exploited by a malicious authenticated user.

  • Developers/managers seeking reassurance that any updates they’re releasing are free of vulnerabilities.

  • Anyone needing to satisfy a client or compliance requirement for authenticated web-app scanning.

Scanning engine

Web-application scanning is powered by OWASP ZAP.

Number of checks

~100 ZAP web-application checks
+ relevant external checks

Type of checks

  • OS command injection

  • Cross-site scripting (XSS); persistent/stored, reflected and DOM-based XSS

  • SQL injection; against multiple types of databases

  • NoSQL injection; specifically against MongoDB

  • LDAP injection

  • XPath injection

  • Server-side includes

  • Server-side code injection

  • Java serialisation weaknesses

  • Buffer and integer overflows

Features

  • Enhanced web-application checks

  • Login form detection

  • API detection

  • WAF interference detection

For more information, have a read of Web-app scanning with Intruder.


Manual penetration testing (via bespoke arrangement)

Our manual pen-test service can include the automated checks mentioned above, but its value is owed to the professional conducting the test. Not only are they able to expose weaknesses that could otherwise go undetected by a machine, they are responsible for exploiting them as a way to gauge the threat they pose.

Some of the differences that a pen-test can provide:

  • Identification of publicly accessible files that may contain sensitive company information (only decipherable by the human eye)

  • Identification of multiple lower risk vulnerabilities that, in the context of the organisation, could be dangerous if combined

  • Exploitation of credentials (dictionary attacks; breached credential stuffing; authenticated scanning and brute-force)

The service also includes a re-test so that customers have the opportunity to execute any recommended remediation before they are issued a final bill of health.


Given that this assessment is bespoke, penetration tests are scoped on a case by case basis. If you would like further information or to enquire about pricing, then please reach out via the chatbot.


So what should I choose?

If you're still unsure as to what service you need then perhaps it's worth booking a call with a member of the team?
