Vulnerability Scanning

FAQs around Vulnerability Scanning

19 articles in this collection
Written by Chris Wallis, Daniel Andrew, and Patrick Craston

Internal Vulnerability Scanning

Written by Chris Wallis
Updated over a week ago

Noise reduction - what does it mean?

Intruder is designed to be less noisy than other vulnerability scanners, but what does that mean for you?

Written by Chris Wallis
Updated over a week ago

Emerging Threat Scans

What they are and why they're an important part of keeping your systems safe

Written by Patrick Craston
Updated over a week ago

What scanning engine does Intruder use?

To make sure they're getting the security they deserve, our customers often want to know what's under the hood

Written by Chris Wallis
Updated over a week ago

What's the benefit of perimeter-specific results?

Your perimeter is different to the rest of your infrastructure, we treat it that way

Written by Chris Wallis
Updated over a week ago

How long will my scans take?

This article explains how long our scans usually run for, and the reasons why in some cases they can take a while.

Written by Daniel Andrew
Updated over a week ago

What do we actually test you for?

Vulnerability scanning can be a mystery, so let us break it down for you

Written by Chris Wallis
Updated over a week ago

What’s better, pen testing or regular vulnerability scanning?

Which offers the better security: annual pen tests? Or continuous vulnerability monitoring?

Written by Daniel Andrew
Updated over a week ago

Can Intruder Scan Single-Page Applications?

How does Intruder fare when vulnerability scanning SPAs?

Written by Daniel Andrew
Updated over a week ago

Will Intruder's scans damage my systems?

Are Intruder's scans safe? Will scans cause downtime or disruption?

Written by Daniel Andrew
Updated over a week ago

What IPs do I need to whitelist?

Find the source IPs for whitelisting our scans in intrusion prevention systems, web application firewalls, and cloud providers.

Written by Patrick Craston
Updated over a week ago

My systems are hosted with Microsoft Azure. Do I need permission before I start the scan?

Written by Daniel Andrew
Updated over a week ago

My systems are hosted on Google Cloud. Do I need permission before I start the scan?

Google Cloud does not require permission before adding your systems as targets to the Intruder platform

Written by Patrick Craston
Updated over a week ago

My websites are hosted behind Cloudflare. Will Intruder still work?

This article explains how to set up Intruder to correctly scan web servers which are hosted behind Cloudflare

Written by Daniel Andrew
Updated over a week ago

Why do I need continuous monitoring? I already get penetration tests.

A discussion on continuous vulnerability scanning compared with regular manual penetration testing

Written by Daniel Andrew
Updated over a week ago

My systems are hosted on AWS. Do I need permission before I start the scan?

Amazon Web Services (AWS) does not require permission before adding your systems as targets to the Intruder platform.

Written by Daniel Andrew
Updated over a week ago

Does Intruder do authenticated web-app scanning?

Can we run scans to find weaknesses behind the login of a web application?

Written by Daniel Andrew
Updated over a week ago

Does Intruder scan internal networks?

Wondering whether Intruder can scan systems which are not exposed to the internet?

Written by Daniel Andrew
Updated over a week ago

I need to add my web server as a target. Should I use the hostname or the IP address?

This article describes when to use the hostname of a target, compared to using the IP address.

Written by Daniel Andrew
Updated over a week ago