We often get asked if our proactive, simple vulnerability scanning solution can also monitor and protect devices in internal networks. It makes perfect sense, as attackers can often bypass perimeter defences by simply sending an email to your employees, or in rarer cases, by exploiting unknown (zero-day) vulnerabilities in your perimeter.
So once you've made sure your external systems as secure as possible, the next sensible step is to ensure your internal systems are also secured against a breach, as part of a defence in depth strategy. That's why we're excited to add internal vulnerability scanning to our platform.
A vulnerability scanner is only as good as the number of weaknesses it checks for, and we believe there is no point in re-inventing the wheel, so just as with our external service, we use an enterprise-grade scanning engine with 10,000s of checks going back decades for internal scans.
Intruder's internal scanning is 'agent-based' (see here why we believe this approach is superior to the traditional network-based approach) and requires you to install an agent (a piece of software that scans your device for weaknesses and reports them back to our portal) on each machine you want to protect.
Our internal scanning is currently in Beta, but is available to all customers and free trials. The following information should help you get set up.
Installing the agents
You can find guides on how to install the agents on each operating system here:
Once you've installed the agents, it can take a little while before they start reporting - but once they do they will be included in any future vulnerability scans and you'll see the results in the Intruder portal.