So you've just signed up for the Intruder service, but what next? This guide is designed to help you get the most out our platform, and avoid any unexpected issues. So let's get going.

In case you're not familiar with what we do already, our service revolves around three key principles:

Assuming you've already managed to log in, the first thing you'll want to do is tell us where your systems are. Simply head to the targets page and add your external systems, either by entering the IP addresses/hostnames, or by uploading a CSV (comma-separated values) file; and add your internal systems by installing an agent onto each machine you wish to scan. You can kick off a scan direct from this screen, if you like?

You can also add API schemas and authentication to web applications that you wish to scan. Once you have added your web application as an external target, you can go to the Target Detail page for this target from the Targets tab.

From here, you can click on the Authentications tab and add your credentials to run authenticated scans against this target. You can also click on the APIs tab and add your API Schema to your target to scan this and also improve your scanning results.

Connect your AWS, Google Cloud or Microsoft Azure accounts to synchronise your external IP addresses and DNS hostnames with the Intruder portal. We monitor your cloud accounts and notify you whenever a cloud IP address or DNS hostname is released, to ensure you never scan any systems that you no longer own. You can also activate CloudBot to automatically add any new external IP addresses or hostnames in your cloud accounts as Intruder targets.

If you want to scan behind the login page, you'll need to add authentication to the target. Instructions on how to do that can be found in the Authentication User Guide.

You can keep your targets organised by adding tags.

Scans can take anything from 15 minutes to a few hours to a day or so for web app scans, but if they're running any longer, you might want to check out this help article.

You can cancel a scan at any time from the dashboard.

You can also start a new scan whenever you want, by using the scan now feature.

When any of your scans finish, you'll receive a notification, and can log in to view the results and download a report.

We run monthly scheduled scans for all Intruder customers looking for the types of weaknesses that hackers could exploit. Your first scan is usually the day after you begin your subscription, and starts at midnight (in your local timezone). You can edit your monthly scheduled scan day and time to whatever suits you best or, if you're on our Pro, Premium or Vanguard plan, create multiple scheduled scans to run against whatever tag(s) or target(s) you like.

Once your first scan has been completed, you can access and search the full list of external checks we perform by clicking on the checks section of your dashboard.

Notify your team about security issues in Slack and push discovered vulnerabilities to Jira for remediation.

When scanning your systems using automated vulnerability scanners, these scanning engines will sometimes identify issues that are false positives. Similarly, your business might be fine with accepting the risk on an issue, or not see it as a problem because you have added mitigating controls. You can remove such issues from your reports, by snoozing them. 

Check out our help pages on what our scans test you for, what scanning engine we use, how to add additional users and how the licensing works.

Our team are available Monday thru Friday, 9:30am - 5:30pm GMT via the chat bubble in the corner 👉 and we love feedback, so if you've got any questions or ideas on how we could improve, please do get in touch!