We know that keeping the targets you want to monitor for security weaknesses up to date can be a bit of a pain...

New instances are constantly being spun up in Microsoft Azure, others are being closed down, keeping track of it all can easily become a full time job! 

That's why we've created an Azure integration - add your public IP addresses and hostnames from DNS zones as Intruder targets directly from our portal! 🎉

Connect Azure to your Intruder account

Create an application for Intruder in Azure

Login to the Azure management portal

Go to 'All services' and select 'App registrations' from the 'Identity' section (or use the search).

Click on the 'New registration' button.

Enter a name (we recommend 'Intruder' or something similar) then click 'Create'.

Get the Application ID, Application secret key, Directory ID and Subscription ID from Azure

We require four access keys to connect your Azure account to Intruder. The 'Application (client) ID' and the 'Application secret key' of the Azure applicate you just created, the 'Directory (tenant) ID' from Azure Active Directory and the 'Subscription ID' of your Azure subscription. You need to get them from various sections of the Azure portal, so it's probably best to open a text document that you can copy them into. It should all be straight-forward if you follow the steps below, so hang in there! 🙄

Click on the 'Intruder' application that we just created and take a note of the 'Application (client) ID' (or copy it into the text document!) under the 'Overview' tab. You'll need this for the 'Application ID' field in the Intruder portal.
You can also get the 'Directory (tenant) ID' from this screen so let's note that one down too. You'll need this for the 'Directory ID' field in the Intruder portal.

Now click on 'Certificates & secrets' in the left navigation panel, then click on 'New client secret':

Create a client secret by entering a description (e.g. 'Intruder') and setting an expiry date (i.e. how long you want the secret to be valid for). Please note that Intruder will no longer be able to access your Azure account when the secret expires.

Now click 'Add' and note down the 'Value' of your key (or copy it into your text document). You'll need this for the 'Application secret key' field in the Intruder portal.
Important:
Please note that you won't be able to see that 'Application secret key' again after you've left this screen, so make sure you copy and paste it now! 🤓

Almost there... 😅

Go back to the 'All services' menu and select 'Subscriptions' from the 'General' section.

Click on your subscription and note (copy and paste into text doc) the 'Subscription ID' of your subscription. You'll need this for the 'Subscription ID' field in the Intruder portal.

Then select 'Access control (IAM)' from the left menu and click 'Add'.

From the first dropdown, select the 'Reader' role (we require read-only access in order to fetch your public IP addresses). In the 'Select' text box search for the application we created earlier (e.g. 'Intruder' or whatever you chose to name it). Select that application, and click 'Save'.

Enter the Application ID, Application secret key, Directory ID and Subscription ID into the Intruder portal

Log into the Intruder portal, head to the cloud settings page and click on the Azure logo.

Enter the Application ID, Application secret key, Directory ID and Subscription ID and click the button to add your Azure account.

Now give yourself a pat on the back because you're done! 💪

Activate CloudBot (optional)

Once you've clicked to add your Azure account, you'll see a popup asking whether to activate CloudBot.

CloudBot keeps a constant watch on your Azure account and will automatically add any new external IP addresses or hostnames as Intruder targets. For more information see the CloudBot help page.

Adding Targets

Once you've added an Azure account, you'll be able to see the public IP addresses and hostnames from DNS zones in the Add Cloud Targets popup on our targets page.

To add them for continuous monitoring, simply select the IP addresses and hostnames you want as targets and click add.

Note: Azure integration is only available for customers on our Pro and Verified plans.

Did this answer your question?