Targets explained

And other questions you might have

Patrick Craston avatar
Written by Patrick Craston
Updated yesterday

What is a target?

A target is an instance, web-app, server, etc. that you'd like to run a vulnerability scan against, Intruder divides targets into four categories:

  • External infrastructure

  • Internal infrastructure

  • External web application

  • Cloud targets

Each of these types of target can be added with these steps via the Intruder portal where you'll see a pop up like this:

All of the above are treated as independent endpoints and each require a license for scanning. Next we'll take a closer look at each type of target category and what these mean to Intruder.


1. What is an external infrastructure target?

An external infrastructure targets are any target that has a public facing IP address, domain, or subdomain. Adding an external infra target will allow you to scan this a host of infrastructure based vulnerability checks, more info on the types of checks we run can be found here.

2. What is an internal infrastructure target?

An internal infrastructure target is any device that you deploy our local agent on for scanning, at present our local agent supports Windows, Linux, and MacOS devices. This is ideal for scanning targets that don't have public IPs or hostnames for our scanner to connect to or for targets within your internal network.

More info on internal target scanning with Intruder can be found here, please note internal scanning is only available for Pro, Premium and Vanguard users.

3. What is a web application target?

If you have application licenses available this will allow you to assign an application licenses, add authentication or API schema if needed, and kick off scans that will crawl through your web app and/or API running tailored checks in addition to our large number of external infrastructure checks, more info on our web app scanning can be found here.

4. What about my Cloud targets?

Targets pulled through from your cloud integrations will be automatically added as external infrastructure targets, if any of these are web app targets and you'd like to add assign an application license you can easily do so by adding authentication. More info about our cloud integrations can be found here!


How does licensing work?

Great question โ€“ we have just the article to help answer it.


Can I edit a target once added?

No, unfortunately not. If you wish to change a target (i.e. correct a typo, or update the domain), you need to add it as a new target via the targets page.


Where can I find pricing?

The cost of scanning targets for vulnerabilities can be found in two places:

Our website

Use the slider to select the number of targets you wish to scan and the preferred billing cycle (these figures are exclusive of VAT).

Use the slider to select the number of targets you wish to scan and hit 'choose plan':

On the next page you can select the billing cycle and review the cost. (VAT will be applied where applicable):

Did this answer your question?