Previously, when you ran a vulnerability scan that included more targets than you had infrastructure licenses for, Intruder would automatically allocate any surplus application licenses to those extra targets.
This ensured maximum coverage but sometimes caused unexpected license usage. Similarly, when an Emerging Threat Scan (ETS) ran, Intruder would assign both infrastructure and application licenses automatically.
With this update, you now have full control over this behaviour.
You can decide whether surplus application licenses are automatically assigned to infrastructure targets during a scan. This gives you greater transparency, predictable license allocation, and better cost control.
What’s changed?
You can now manage automatic license assignment directly in your settings:
Settings → Scanning → "Automatically assign surplus application licenses"
When enabled:
- As before the update, surplus application licenses will be assigned during a vulnerability scan if no infrastructure licences are available.
- Application licenses will now only be applied to a target once authentication or an API schema has been added.
When disabled:
- Intruder will not automatically assign application licenses to unlicensed targets, even during scans.
Why this helps
- More control – Decide exactly when and how your licenses are used.
- Better cost management – Prevent automatic allocation of app licenses to lower-priority targets.
- Simplified administration – Easily toggle the setting on or off as your setup evolves.