Vulnerability scanning can be like a black box at the best of times. You put your targets in, run a scan, and your results come out. But what has actually happened in-between? For this reason one of the most common questions we get asked is, "what are you actually testing us for?"
With so many vulnerabilities out there, it's impossible to list them all, but this article should give you an understanding of the different types of weaknesses we can detect, and how we do it.
Common mistakes & configuration weaknesses
A lot of software out there is fairly secure. Just imagine if it wasn't - the internet would be an absolute car crash, with no security or trust anywhere. Despite that though, you'd be surprised how easy it is to take a piece of secure software or hardware (like a web server, or an office router), and through either lack of experience, or lack of time to do things properly, configure it in a way that leaves it open to attack.
Some of the most damaging breaches over the last few years have involved simple mistakes: such as leaving databases full of customer information exposed to the internet, or code repositories that include sensitive credentials.
Intruder has thousands of checks for these kinds of mistakes, and specifically tailors results to cater to systems facing the internet, making sure all your business sensitive systems are hardened as much as they need to be to survive the battlezone that is the modern internet.
Another major cause of breaches, and one that affects almost every company - patch management is a fundamental part of keeping your digital estate secure. The infamous Equifax breach was simply down to not applying patches in good enough time.
Intruder scans are able to detect the versions of thousands of software components, frameworks, and hardware devices. This is done either by what's known as "banner grabbing" where software reports its own version information, or by dynamic checks looking for certain behaviour, known as "fingerprinting".
A third classic cause of cyber security breaches - application bugs have been known about for decades, but still account for a large proportion of breaches. One type of application weakness (known as SQL Injection) was the cause of the famous Talk Talk breach.
The types of application weakness that Intruder checks for include SQL Injection, Cross-Site Scripting, XML Injection, and many others which attackers can use to gain access to your systems and information, or to modify or cause damage.
Attack surface reduction
Less obvious than the other categories, but still important, attack surface reduction is about finding exposures that may not be necessary, and removing them to avoid future problems.
The WannaCry ransomware is famous for the damage it caused, but less known is that it relied upon a Microsoft Windows service being exposed to the internet for its initial rapid spread across the internet. The service had at the time just been discovered as having a major weakness in it, but it should never have been exposed to the internet in the first place as it was designed for file sharing and printers on local networks.
Intruder is designed to detect such unnecessary exposures and help reduce your attack surface, before there's even a weakness discovered.
The internet relies on encryption for almost everything to do with security, without it there would be no online banking.
Encryption isn't flawless though, and frequently weaknesses are discovered in algorithms previously thought secure.
Intruder has checks for all the latest known encryption weaknesses, some of which include: Heartbleed, SSL/TLS weaknesses, and VPN encryption weaknesses.