If you're worried about our scanning bringing a system offline, or causing heavy traffic to a production system, rest assured that Intruder's scanning engine is configured to be safe to use, even when scanning production systems

Intruder's scanning engines are designed to be safe. This means that our checks confirm vulnerabilities in ways which cause no downtime, and do not cause unintentional damage.

Some web vulnerabilities do require a thorough set of tests to confirm, and so you may see high traffic on websites you're scanning. However, modern and well-resourced web servers shouldn't have any trouble dealing with this volume.

Certain types of denial of service (DoS) vulnerabilities, including distributed attacks (DDoS) are not part of Intruder's vulnerability scanning offering. Checking for denial of service (DoS) vulnerabilities often involves sending overwhelming amounts of traffic to systems, and so Intruder does not perform these types of checks.

If you ever need to cancel a scan, just use the control panel on the scans page:

If you know of any significant resource constraints on certain systems you'd like to scan; or reasons why your system may not respond well to a peak in traffic, Intruder offers a throttled scan setting which can be used to scan systems at a slower speed. This should not normally be required, but may be helpful when scanning certain problematic hosts:

If you have any further questions around how Intruder's scans might affect your systems, please contact us in the in-app chat box.

Did this answer your question?