Why is it important?
If you or a colleague were to unintentionally leave a vulnerable service exposed to the internet, you run the risk of it being found and possibly exploited by hackers.
How does Intruder handle it?
There are a number of things we do to make sure that you always have the information you need to make informed decisions and know when and where to act:
Continuous Network Scanning allows us to know within minutes of the target being added to the portal, whether it is exposed to the internet or not (as well as the specific ports and services that are accessible). Once scanned, it is immediately re-enqueued for rescanning at regular intervals.
We go out of our way to reduce the noise you have to deal with. Small mistakes can often be overlooked or buried in the noise that comes back from generic vulnerability scanners. Our job is to highlight these, so you can see what matters quickly, and then get on with your day.
We prioritise issues based on industry standards, context and experience. Whilst we review publicly disclosed CVSS scores, we also rely on the team's combined penetration testing experience when formulating our severity rating and writing issue descriptions and remediation advice.