Skip to main content
All CollectionsPlans, features and licensing
What scanning engine does Intruder use?
What scanning engine does Intruder use?

Find out what Intruder uses under the hood

Updated over 11 months ago

We didn't start Intruder to re-invent the wheel; there were already tons of vulnerability scanners out there with lots in common. In fact, when it comes down to the actual checks they perform, there isn't a huge difference between them, especially at the top end of the spectrum.

That said, we wanted to do things a little differently here, which is why we opted for four different scanners.


Essential plan

Powered by OpenVAS – the world's most popular open-source scanning engine used globally by both the public and private sector. This is the perfect solution for small companies with a limited internet-footprint and heavy reliance on open-source software.

Pro plan

Built upon Tenable Nessus – a commercial-grade scanning engine, used by large organisations and international Government bodies. This solution caters to those that with a vast number of systems exposed to the internet; but it doesn’t stop at just the external perimeter, it covers internal systems and lots of enterprise software too.

Premium plan

Built upon Tenable Nessus and Nuclei, an open-source vulnerability scanning engine popular with bug bounty hunters, penetration testers and researchers researchers looking to produce repeatable checks for serious weaknesses. This plan is geared towards young companies scaling quickly, with a large attack surface or cloud infrastructure where there is a need for continuous monitoring and a desire for supplementary support.

Vanguard plans

Built upon Tenable Nessus and Nuclei. This plan is a hybrid vulnerability management solution with our continuous penetration testing capability, most suited to those that would benefit from a team of security professionals dedicated to proactively identifying weaknesses in their assets.


Authenticated web-app scanning / API scanning bolt-on

Users also have the option to add a leading open-source web-app scanning engine to their armoury. Zap is used to scan API schemas, as well as authenticated layers of a web-app and can be bolted onto any existing subscriptions. To read more about authenticated web-app scanning, please head to our Help Centre.

Did this answer your question?