Intruder
Attack surface management and vulnerability scanner detecting emerging vulnerabilities within hours of disclosure.
Vendor Information
Intruder Overview
Intruder is a continuous vulnerability scanner and attack surface management platform monitoring internet-facing systems and cloud infrastructure to identify security weaknesses before exploitation. The platform automatically discovers new services exposed to the internet and scans for the latest vulnerabilities within hours of public disclosure, combining multiple scanning engines with proprietary intelligence to perform over 9,000 security checks across network infrastructure, web applications, and cloud environments (Amazon Web Services, Azure, Google Cloud).
Intruder integrates threat intelligence including CISA Known Exploited Vulnerabilities (KEV) list and Exploit Prediction Scoring System (EPSS) to prioritize vulnerabilities based on actual exploitation likelihood rather than generic severity scores. The platform filters false positives and provides detailed remediation guidance in concise, actionable formats without requiring deep security expertise, making enterprise-grade vulnerability scanning accessible to lean security teams.
Founded in 2015 by Chris Wallis and headquartered in London, Intruder serves over 3,000 customers across managed service providers (MSPs), small and medium-sized businesses, and enterprises in finance, healthcare, technology, and government sectors. The company achieved $16.1 million in revenue in 2024 with consistent year-over-year growth, earning recognition as the #215 fastest-growing company in Europe by the Financial Times and Statista in 2024.
Key Capabilities
Standardized capabilities mapped to this product's security niche
Assigns likelihood-of-exploitation scores using threat intelligence, vulnerability characteristics, and active exploit availability, independent of CVSS, which measures severity rather than exploitability.
Incorporates asset metadata (network exposure, business criticality, data classification) into vulnerability prioritization so that a critical CVE on an isolated internal test system ranks lower than a medium CVE on an internet-facing payment server.
Cross-references the vulnerability inventory against live threat feeds tracking CVEs under active exploitation in the wild, surfacing vulnerabilities with confirmed attacker activity.
Continuously discovers external-facing assets (domains, IPs, cloud services, APIs, certificates) including assets deployed outside the official inventory.
Creates tickets, assigns owners, and tracks remediation progress in ITSM platforms (ServiceNow, Jira), closing the loop between finding and fix rather than producing a static report.
Enforces remediation deadlines by severity, reports on SLA compliance, and escalates overdue findings through configured approval chains.
Recommends the minimum patch set that eliminates the highest-risk exposure (accounting for shared libraries and patch co-dependencies), rather than presenting a ranked CVE list.
Scans cloud resource configurations and container image CVEs alongside traditional OS and application vulnerabilities in a unified risk view.
Tracks SSL/TLS certificate expirations, newly registered lookalike domains, and subdomain takeover opportunities (dangling DNS records pointing to deprovisioned cloud services).
Continuously enumerates internet-exposed assets (domains, IPs, subdomains, certificates, cloud storage, APIs) using passive DNS, certificate transparency logs, and active probing, including assets outside the official inventory.
Ranks discovered exposures by combining exploitability signals, asset business context, and active threat intelligence to produce an actionable remediation queue.
Identifies cloud resources, SaaS applications, and exposed services deployed by business units without IT or security team visibility or approval.
Identifies software stacks, versions, and components running on discovered assets through passive banner analysis and active probing, mapping CVE exposure without authenticated scanning.
Integrations
Compatible tools and platforms
Solution Details
Compliance & Certifications
Regulatory frameworks and security certifications
Deployment Options
Where and how this solution can be deployed
Support Channels
Available support and communication options
Pricing Model
How this solution is priced
How to buy
This profile hasn’t been claimed yet. Contact the vendor directly for pricing and purchasing options.
Is this your company?
Claim Your Profile