We often get asked if Intruder performs automated pen-tests, and our answer is always the same: "What are you looking for exactly? The reason we ask for clarification is that ‘penetration testing’ is an umbrella term that is used to encompass a range of cybersecurity assessments.

Here at Intruder, we offer automated vulnerability scanning, AI pentesting, and manual penetration testing (for existing customers only). When it comes to "automated pentests", it's worth clarifying your objectives so we can ensure we're recommending the best service for you. For full information, take a look at this page on our website.

Our primary focus here at Intruder is continuous automated vulnerability scanning. The objective of this tool is to identify weaknesses in your system.

Each and every time you run a scan with Intruder, your targets are checked for thousands of known vulnerabilities. Any issues found are then published in a report, along with a carefully curated description and practical remediation advice. The results are extrapolated further in the portal dashboard, where you can see the threat level; hygiene score and exposure over time; as well as a list of all checks run, including those that passed, failed or were filtered as noise.

As this is an automated tool, scans can take as little as 15 minutes to complete or upwards of several hours, and are available on a monthly or annual subscription.

AI pentesting sits between automated scanning and a full manual engagement. Rather than simply identifying weaknesses, Intruder's AI pentesting agents test specific issues found in your automated scans using the same methods employed by human pentesters — without the wait or the cost of a manual engagement.

The agents interact directly with your target, sending requests, analyzing responses, and probing for exposed data to build a clear picture of each issue's real-world exploitability. Once complete, you receive a summary, detailed findings, and a full transcript of the steps taken.

Penetration tests on the other hand are a one-off assessment designed to identify and exploit weaknesses in your system as a way to measure their inherent risk.

Whilst it is possible to automate some of the penetration testing process, there are certain activities that necessitate the discerning eyes (and mind) of a human. By leveraging the expertise of a penetration tester, clients can rest assured that their systems have been stress-tested for weaknesses not discoverable by machines, but still exploitable by hackers.

The bespoke approach to testing means that issues are always reported in the context of the real impact that their exploitation would pose to the business. Along with a severity rating, the reports contain detailed descriptions, evidence, and remediation advice. As part of the process, the client is invited to re-submit their system for testing post-remediation, so that they can receive a final bill of health.

Depending on the scope, these tests can take upwards of four days to complete and pricing runs into the thousands.

Intruder offers a range of security testing options to suit different needs — manual penetration tests via our consultative service (for existing customers), vulnerability scanning via our automated tool, and AI pentesting, which allows you to actively investigate specific vulnerabilities found in your scans on demand.