We've spent a significant amount of time over the past year building up new discovery features to help you keep on top of your ever changing attack surface. As we added new discovery methods, we heard from customers that they needed a quick way of seeing everything in one place.

With this release, we've updated our Discovery page to have new areas for immediate access to:

This is in combination with dedicated pages for these features, showing the history of login pages and APIs that we have detected for you, and whether they have been acted upon yet.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

At Intruder one of our key principles has always been removing distractions and allowing our customers to focus on the things that matter most - much like the way we filter out informational findings as 'Noise', so you're not flooded with vulnerabilities that don't present a security risk.

However, feedback from customers has often been that our scan email can feel a little 'noisy'. Previously, you only had the option to either receive emails when a vulnerability scan completed or not.

With this update, we've changed our scan emails to be more granular. This means you can choose to only receive emails about scans that detect your specified severity level and above. For example, in the below image I have chosen to only receive alerts when a scan completes and detects a high severity issue or above. This is a user specific setting, so you can change your preference without impacting other members of your team.

If you’d like to discuss this update with a member of the product team, or give some feedback, you can do so here.

Last month, we added additional context on the likelihood of exploitation with CVSS, EPSS, and KEV data. With this release we're making it possible to use this data when filtering and prioritizing the Issues list.

As part of this change, we've also re-designed the issue page layout to ensure key information is more visible for both issues and occurrences.

With these changes, it will be faster and easier to triage your current issues, providing you with deeper context on the real world risk of a vulnerability in order to determine which issues pose the greatest risk to your business.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

Earlier this year we released our subdomain discovery feature, which allows you to identify subdomains of your existing domains so you can choose whether they should be added as targets and scanned, or potentially taken offline. This feature is fantastic for drilling into your existing target base, but it can't find new domains.

We've expanded on this to now include domain discovery, which will run every time you add a new apex domain to the portal. In the diagram below, we use intruder.io as an example of an apex domain. With domain discovery, we would expect to find domains such as intrudercareers.io rather than just subdomains such as careers.intruder.io.

To explore our expanded attack surface discovery feature set, head over to portal.intruder.io/targets/discovery.

Intruder's attack surface management features are only available on the Premium plan. If you'd like to trial this plan, please reach out to the team here.

If you’d like to discuss this feature with a member of the product team, or give some feedback, you can do so here.

Premium customers can now use Okta to manage user access to Intruder.

Tracking access for all your users across your myriad of SaaS solutions can be a headache. Ensuring that new employees have access to all the tools they need can be a protracted process. Offboarding employees from those same solutions doesn't always happen in a timely manner leaving access open to individuals who are no longer in the company.

You can now use Okta to onboard users to Intruder, to manage their access levels in Intruder, and offboard them quickly and efficiently. Users can also access Intruder directly from your Okta workspace.

To get started visit the Integrations page in Intruder, and have a read through our step-by-step guide to get setup.

The Okta integration is currently marked as in beta while we gather user feedback. If you have any feedback please feed it back to our support team using the chat bubble. If you want us to support other authentication providers or have other feature requests click the chat bubble and then "add your voice here".

When prioritising vulnerabilities, it's important to know which ones are most likely to be exploited by an attacker.

So, we're adding additional context on the likelihood of exploitation to our issues, enabling you to prioritize the that present the to your business.

We've added more accurate & valuable vulnerability exploit information to aid your prioritisation efforts, namely:

With these changes, you'll be better equipped when identifying and prioritizing risk across your attack surface. Read about the changes in more detail here.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

We’ve just released the most requested integration for a security information and event management (SIEM) solution that we have received; Microsoft Sentinel.

By combining Intruder with Microsoft Sentinel you can more effectively detect, investigate and remediate risk that appears across your attack surface. Combined with our cloud sync and auto-scanning functionality, you’ll never miss a beat. When your attack surface changes - you’ll be informed of any risks immediately.

Enrich your Sentinel activities, alerts and automations, using vulnerability information from Intruder.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

Known unknowns are common in the realm of attack surface management. We're all aware that over time, new subdomains will have been made and forgotten about, perhaps for a short project or a temporary partnership. Once forgotten, they become impossible to keep secure and leave an exploitable gap in your attack surface.

With Intruder's new subdomain discovery feature, we'll be on the constant look out for new subdomains on your attack surface, and let you know what we’ve found so you can rapidly secure them.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

You can only secure as much of your attack surface as you're aware of - this is why we have recently been releasing features which have focused on discovering more of your unknown assets.

With the release of our new Cloudflare integration, we've added a new method of securing your attack surface and ensuring that you're scanning as much of your external facing assets as possible.

Read more here about how to set up your Cloudflare integration.

If you’d like to discuss this further with a member of the product team, or give some feedback, you can do so here.

In 2023, Intruder implemented the ability to create 'Read-only' users, as a first step of introducing role-based access control. Earlier this year, we followed that up by introducing 'Scan users', creating another additional role that would allow less of your team to be required to have admin access. However, creating new roles with limited feature access does not solve the problem of restricting access to specific sets of targets, an increasingly important priority for larger businesses.

With our latest release, customers on our Premium plan will now be able to restrict user access to the targets that are associated only to a tag or tags. This means users logging in with 'restricted access' will only see information (such as vulnerability details) linked to their associated targets.

You can read more about the details of what 'Restricted access' users can do on our Help Centre here.

We'd love to hear your feedback, or if you require a more specific role, you can always submit a new request here.