So you've just signed up for the Intruder service, but what next? This guide is designed to help you get the most out our platform, and avoid any unexpected issues. So let's get going.

In case you're not familiar with what we do already, our service revolves around three key principles:

  • Simple: We want everything to be as simple as possible, we reduce noise and provide explanations of why the problems we identify could lead to a breach.

  • Proactive: When new vulnerabilities are discovered we will run proactive emerging threat scans on your systems, looking for those new weaknesses. Where you are affected we will notify you by email and Slack (Pro/Verified plans only).

  • Perimeter-specific: We've designed our platform to highlight issues that are only important in the context of being exposed to the internet. This includes things like databases, but there are also hundreds of other examples.

Add your targets 🎯

Manually add targets

Assuming you've already managed to log in, the first thing you'll want to do is tell us where your systems are. You can do that on the targets page. You can also keep your targets organised by adding tags.

Add from cloud providers

Connect your AWS, Google Cloud or Microsoft Azure accounts to synchronise your external IP addresses and DNS hostnames with the Intruder portal. We monitor your cloud accounts and notify you whenever a cloud IP address or DNS hostname is released, to ensure you never scan any systems that you no longer own. You can also activate CloudBot to automatically add any new external IP addresses or hostnames in your cloud accounts as Intruder targets.

Assessments 🕵️‍♂️

Scan timings

Scans can take anything from 15 minutes to a few hours, but if they're running any longer, you might want to check out this help article.

Cancel a scan

You can cancel a scan at any time from the dashboard.

Running new scans on demand

If you're on a Pro or Verified plan, you can also start a new scan whenever you want, by using the scan now feature.

What happens when scans finish

When any of your scans finish, you'll receive a notification, and can log in to view the results and download a report.

Monthly scheduled scans

We run monthly scheduled scans for all Intruder customers looking for the types of weaknesses that hackers could exploit. Your first scan is usually the day after you begin your subscription, and starts at midnight UTC timezone. If you're on a Pro or Verified plan, you can edit your scheduled scan day and time to whatever suits you best or create multiple scheduled scans on specific targets.

See all checks performed

Once your first scan has been completed, you can access and search the full list of checks we perform by clicking on any of the buttons in the checks section on your dashboard.

The Intruder portal 👾

Slack and Jira integrations 

Notify your team about security issues in Slack and push discovered vulnerabilities to Jira for remediation.

Snoozing issues 

When scanning your systems using automated vulnerability scanners, these scanning engines will sometimes identify issues that are false positives. Similarly, your business might be fine with accepting the risk on an issue, or not see it as a problem because you have added mitigating controls. You can remove such issues from your reports, by snoozing them. 

Other FAQs 🧐

Check out our help pages on what our scans test you for, what scanning engine we use, how to add additional users and how the licensing works.

How to contact us 👋

We're always available in the chat bubble in the corner, and we love feedback, so if you've got any questions, or ideas on how we could improve, please do get in touch!

Did this answer your question?