So you've just signed up for the Intruder service, but what next? This guide is designed to help you get the most out our platform, and avoid any unexpected issues. So let's get going.

In case you're not familiar with what we do already, our service revolves around three key principles:

  • Simple: We want everything to be as simple as possible, we reduce noise and provide explanations of why the problems we identify could lead to a breach.
  • Proactive: When new vulnerabilities are discovered we will run proactive emerging threat scans on your systems, looking for those new weaknesses. Where you are affected we will notify you by email and Slack (Pro/Verified plans only).
  • Perimeter-specific: We've designed our platform to highlight issues that are only important in the context of being exposed to the internet. This includes things like databases, but there are also hundreds of other examples.

Add your targets 🎯

Manually add targets

Assuming you've already managed to log in, the first thing you'll want to do is tell us where your systems are. You can do that on the targets page. You can also keep your targets organised by adding tags.

Add from cloud providers

Connect your AWS, Google Cloud or Microsoft Azure accounts to synchronise your external IP addresses and DNS hostnames with the Intruder portal. We monitor your cloud accounts and notify you whenever a cloud IP address or DNS hostname is released, to ensure you never scan any systems that you no longer own. You can also activate CloudBot to automatically add any new external IP addresses or hostnames in your cloud accounts as Intruder targets.

Assessments 🕵️‍♂️

Assessment timings

Scans can take anything from 15 minutes to a few hours, but if they're running any longer, you might want to check out this help article.

Pause or cancel a scan

You can pause (and resume) or cancel a scan at any time from the dashboard.

Running new scans on demand

If you're on a Pro or Verified plan, you can also start a new assessment whenever you want, by using the scan now feature.

What happens when assessments finish

When any of your assessments finish, you'll receive a notification, and can log in to view the results.

Monthly scheduled assessments

We run monthly scheduled assessments for all Intruder customers looking for the types of weaknesses that hackers could exploit. Your first assessment is usually the day after you begin your subscription, and starts at 1am CET. 

The Intruder portal

Slack and Jira integrations 

Notify your team about security issues in Slack and push discovered vulnerabilities to Jira for remediation.

Snoozing issues 

When scanning your systems using automated vulnerability scanners, these scanning engines will sometimes identify issues that are false positives. Similarly, your business might be fine with accepting the risk on an issue, or not see it as a problem because you have added mitigating controls. You can remove such issues from your reports, by snoozing them. 

Other FAQs 🧐

Check out our help pages on what our scans test you for, what scanning engine we use, how to add additional users and how the licensing works.

How to contact us 👋

We're always available in the chat bubble in the corner, and we love feedback, so if you've got any questions, or ideas on how we could improve, please do get in touch!

Did this answer your question?