
Targets explained

Updated this week

What is an Intruder target?

Broadly speaking, we define targets as one of the following:

  • An external IP address

  • A domain

  • A sub-domain

  • An internal device that supports Windows, Linux, or macOS

Devices must either be internet-facing with a public IP address (for external targets) or capable of running the Intruder agent (for internal targets).


What option should I choose on the 'add target' modal?

How you choose to add your target will affect what we scan and the license we use.

Option: External infrastructure

What can I add here?

  • External IP address

  • Domain

  • Sub-domain

What does it cover? The checks for external infrastructure targets vary depending on your plan. For the details, head over to this article.

What license does it require? Infrastructure license

Option: Internal target

What can I add here? Internal devices running either:

  • Windows

  • macOS

  • Linux

What does it cover? Vulnerabilities present locally on the machine that might not necessarily be found through an external scan, e.g. vulnerable software versions, misconfigured security preferences, and incomplete updates. This is important as part of a thorough security posture to ensure that all vulnerabilities are accounted for.

What license does it require? Infrastructure license

Option: External web applications

What can I add here?

  • External IP address

  • Domain

  • Sub-domain

What does it cover? In addition to the external infrastructure checks as per above, we'll check unauthenticated and authenticated pages for common vulnerability categories, as well as weaknesses in custom software (including zero days), including:

  • OS command injection

  • Enhanced Cross-site scripting (XSS); persistent/stored, reflected and DOM-based XSS

  • Enhanced SQL injection against multiple types of databases

  • NoSQL injection, specifically against MongoDB

  • LDAP injection

  • XPath injection

  • Server-side includes

  • Server-side code injection

  • Java serialisation weaknesses

  • Buffer and integer overflows

What license does it require? Application license

Option: Cloud asset sync

What does it cover? The checks for cloud assets with no authentication added are the same as for 'External Infrastructure' targets (explained above).

What license does it require? Depends on the assets we pull through and what/how you want to scan them.


How does licensing work?

Great question – we have just the article to help answer it.

What are Intruder’s capabilities for scanning external and internal devices, and which devices are supported?

Intruder offers robust security scanning capabilities for both external (internet-facing) and internal devices. Below is a detailed breakdown of how these scans work and the types of devices supported.

External Scanning

  • Intruder can scan internet-facing devices by targeting their public IP addresses. This includes routers, switches, storage systems, and virtual machines that are exposed to the internet.

  • Devices not exposed to the internet (e.g., some switches) cannot be scanned using this method.

Internal Scanning

  • Internal device scans require the installation of an agent compatible with devices running Linux, macOS, or Windows.

  • Devices that cannot host the Intruder agent, like many switches or specialised appliances, are not supported.

Summary of Key Limitations

  • External scans require internet-facing devices with public IP addresses.

  • Internal scans are compatible only with OS-supported devices capable of running the Intruder agent (Linux, macOS, and Windows).

  • Devices like switches, routers, and storage appliances that neither face the public internet nor support the Intruder agent have no external attack surface.


Can I edit a target once added?

No, unfortunately not. If you wish to change a target (i.e. correct a typo or update the domain), you need to add it as a new target via the targets page.


Where can I find pricing?

The cost of scanning targets for vulnerabilities can be found in two places:

*These figures are exclusive of VAT.

To determine the cost of your desired license count, follow these steps:

  1. Open the Intruder portal and click on the “Sign up” option in the bottom left

  2. Enter the required number of infrastructure and/or application licenses

Use the slider to select the number of targets you wish to scan and hit 'Choose plan' below your desired plan. You can find more details on each plan here:

On the next page, you can select the billing cycle and review the cost. (VAT will be applied where applicable):

