Intruder translates the output from enterprise-grade vulnerability scanning tools to provide perimeter-specific results. But why is that a good thing?
Largely this is to do with two things: noise, and understanding.
Noise is a problem across the whole cyber security industry at the moment. Automated tools are great at spitting out data for analysts to look at, but not many are great at reducing the noise.
At Intruder we go out of our way to reduce the noise you have to deal with, and one of the ways we do that is to prioritise issues based on context. We are a perimeter vulnerability scanner, so we prioritise issues that are important on the perimeter.
Good examples of why this is useful are the WannaCry ransomware that exploited internet-facing SMB service to spread (a service designed for local networks), or the myriad of companies who leave databases exposed to the internet. Neither of these services should ever be exposed to the internet, but these small mistakes can often be overlooked or buried in the noise that comes back from generic vulnerability scanners. Our job is to highlight these, so you can see what matters quickly, and then get on with your day.
Understanding is the second benefit. Intruder's security experts spend hours every week looking at different software, services and configurations to see what is robust enough to be exposed to the internet, and what isn't meant to be there. No security analyst, developer or IT manager can hope to become an expert in all technologies in use across their organisation. Intruder gives you the best information to understand your exposures, and limit them.