Vulnerability Scanning

FAQs around Vulnerability Scanning

Chris Wallis avatar Patrick Craston avatar Daniel Andrew avatar
18 articles in this collection
Written by Chris Wallis, Patrick Craston, and Daniel Andrew

Noise reduction - what does it mean?

Intruder is designed to be less noisy than other vulnerability scanners, but what does that mean for you?
Chris Wallis avatar
Written by Chris Wallis
Updated over a week ago

Emerging Threat Scans

What they are and why they're an important part of keeping your systems safe
Patrick Craston avatar
Written by Patrick Craston
Updated over a week ago

What scanning engine does Intruder use?

To make sure they're getting the security they deserve, our customers often want to know what's under the hood
Chris Wallis avatar
Written by Chris Wallis
Updated over a week ago

What's the benefit of perimeter-specific results?

Your perimeter is different to the rest of your infrastructure, we treat it that way
Chris Wallis avatar
Written by Chris Wallis
Updated over a week ago

How long will my scans take?

This article explains how long our scans usually run for, and the reasons why in some cases they can take a while.
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

What do we actually test you for?

Vulnerability scanning can be a mystery, so let us break it down for you
Chris Wallis avatar
Written by Chris Wallis
Updated over a week ago

What’s better, pen testing or regular vulnerability scanning?

Which offers the better security: annual pen tests? Or continuous vulnerability monitoring?
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Can Intruder Scan Single-Page Applications?

How does Intruder fare when vulnerability scanning SPAs?
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Will Intruder's scans damage my systems?

Are Intruder's scans safe? Will scans cause downtime or disruption?
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

What IPs do I need to whitelist?

Find the source IPs for whitelisting our scans in intrusion prevention systems, web application firewalls, and cloud providers.
Patrick Craston avatar
Written by Patrick Craston
Updated over a week ago

My systems are hosted with Microsoft Azure. Do I need permission before I start the scan?

Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

My systems are hosted on Google Cloud. Do I need permission before I start the scan?

Google Cloud does not require permission before adding your systems as targets to the Intruder platform
Patrick Craston avatar
Written by Patrick Craston
Updated over a week ago

My websites are hosted behind Cloudflare. Will Intruder still work?

This article explains how to set up Intruder to correctly scan web servers which are hosted behind Cloudflare
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Why do I need continuous monitoring? I already get penetration tests.

A discussion on continuous vulnerability scanning compared with regular manual penetration testing
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

My systems are hosted on AWS. Do I need permission before I start the scan?

Amazon Web Services (AWS) does not require permission before adding your systems as targets to the Intruder platform.
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Does Intruder do authenticated web-app scanning?

Can we run scans to find weaknesses behind the login of a web application?
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

Does Intruder scan internal networks?

Wondering whether Intruder can scan systems which are not exposed to the internet?
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago

I need to add my web server as a target. Should I use the hostname or the IP address?

This article describes when to use the hostname of a target, compared to using the IP address.
Daniel Andrew avatar
Written by Daniel Andrew
Updated over a week ago