Intruder Systems is a cybersecurity company. The company specializes in vulnerability management, offering cloud-based tools that help organizations identify, manage, and reduce security risks in their IT infrastructure. In this spotlight, we will give you a breakdown of how the company came about, its founders, and key milestones in its timeline. We will then look at the company’s products and its main competitors.
Intruder Systems Founding and Background
Intruder Systems was founded in 2015 and it is based in London, United Kingdom. The business was set up by Chris Wallis, a cybersecurity expert with a strong background in penetration testing and ethical hacking. Wallis had previously worked in various security roles, gaining extensive experience in identifying vulnerabilities and understanding the needs of organizations in securing their digital assets.
The plan behind the creation of Intruder Systems was to provide a platform that automates the vulnerability scanning process. The aim was to make it easier for companies of all sizes to protect their systems. Wallis recognized that while large enterprises often had the resources to manage security, smaller businesses struggled to keep up with the growing number of threats. Intruder Systems aimed to democratize access to high-quality security tools by offering a user-friendly, automated solution.
Timeline and Evolution
The Intruder system has now been operating for nearly a decade, and its platform is delivered from the Intruder.io URL. Here is a summary of the key events in the company’s development.
- 2015: Intruder Systems is founded by Chris Wallis The focus of the startup plan was to develop a cloud-based platform that could scan for vulnerabilities across networks, web applications, and cloud environments.
- 2016: After a year of development, Intruder Systems launched its flagship product, a vulnerability scanner designed to be easy to use and accessible to organizations without deep security expertise.
- 2017-2018: The company continued to enhance its platform, adding new features like continuous monitoring, threat intelligence integration, and automated reporting.
- 2019: Intruder Systems formed strategic partnerships with other cybersecurity firms and technology providers, creating a menu of integrations, making it easier for users to incorporate vulnerability management into their existing workflows.
- 2020: The COVID pandemic led to a surge in cyberattacks, especially targeting remote workers. Intruder Systems responded by offering enhanced support and resources to help companies secure their newly remote workforces.
- 2021-Present: Intruder Systems has continued to innovate, introducing features like automated attack surface monitoring and API integrations.
Today, Intruder Systems is recognized as a leading provider of automated vulnerability management solutions.
Company Ownership
Intruder Systems is a privately held company and it is still relatively small. At its creation, The company had just two shareholders: Chris Wallis and David Robertson. The involvement of David Robinson ceased in April 2017. After Robinson’s share ownership, which was a minority stake, ceased, no other shareholder has been registered. So, Chris Wallis is currently the sole owner of Intruder Systems, Ltd.
Wallis has stuck to organic growth and hasn’t sought external funding or investors. The company also hasn’t made any acquisitions.
Key People
Chris Wallis and David Robertson were the only owners and directors of Intruder Systems, Ltd until David Robertson sold his shares in April 2017. At that time, Robertson also resigned from the Board of Directors.
Chris Wallis remains the CEO of the company and was the sole-registered director of the business from April 2017 to September 2021. Since 2021, the company has a second director, who is Dr. Patrick Craston. Dr. Craston does not hold any other directorships and he doesn’t hold any shares in Intruder Systems. His position on the board is that of Chief Technology Officer.
Patrick Craston was promoted from within. He joined the company in September 2017, having moved from his position as Head of Software Development at Context Information Security.
The company currently has about 50 employees.
Locations
Intruder System operates from one location, which is its headquarters in Central London. The business is based in Shoreditch, which is a fashionable district for small IT firms and media businesses. However, most of the company’s staff work remotely.
Typically, Intruder Systems employees work from home and they are located all across the globe. The staff roll of the business is made up of 15 nationalities, located in nine different countries.
Target Market and Customer Base
As has already been noted, the main reason Chris Wallis started Intruder Systems was that he noted how few vulnerability management systems were available to small and mid-sized businesses. To this day, SMEs are the main target market for the company’s services.
The company doesn’t have a target industry – it advertises for business in all sectors. However, an obvious attribute of any interested potential customer is that the company’s system is connected to the Internet.
Intruder Systems Product Suite
Intruder Systems is primarily known for its flagship product, a cloud-based vulnerability management platform designed to help organizations identify, manage, and mitigate security risks. Over time, their product suite has evolved to address the growing complexity of network technologies and the increasing sophistication of cyber threats. Below is an overview of their product offerings, how these evolved, and any challenges the company faced along the way.
- Vulnerability Scanner This is the core product and was the focus of the platform’s initial development. It identifies security weaknesses in network infrastructures, web applications, and cloud environments. The platform allows for automated, scheduled scans and also allows scans to be launched on demand
- Continuous Monitoring As cyber threats became more persistent and evolved, Intruder Systems introduced a continuous monitoring feature. This ensures that once a vulnerability is identified, organizations are immediately alerted if the risk reappears or if new vulnerabilities are detected.
- Attack Surface Monitoring With the expansion of network technologies and cloud services, Intruder Systems added attack surface monitoring. This feature helps organizations understand their exposure to the internet, identifying potential entry points for attackers.
- Threat Intelligence Integration To stay ahead of emerging threats, Intruder integrated threat intelligence into its platform. This feature allows the platform to cross-reference vulnerabilities against known threat actors and attack patterns.
- Compliance Reporting Recognizing the growing importance of regulatory compliance, Intruder Systems introduced automated compliance reporting for SOC 2, ISO 27001, and PCI DSS.
- Integrations with Third-Party Tools The Intruder platform integrates with popular tools such as Slack, Jira, and various cloud service providers like AWS, Azure, and Google Cloud. These integrations the detection of threats in those environments.
Evolution of the Product Suite
Early Stages (2015-2016):
- At its inception, Intruder Systems focused on basic network and application vulnerability scanning. This was in line with the needs of businesses at the time, where the primary concern was securing traditional on-premises networks and simple web applications.
- The initial product was robust enough to identify common vulnerabilities but was also designed to be user-friendly, catering to organizations that did not have deep cybersecurity expertise.
Growth and Expansion (2017-2018):
- As cloud adoption surged, Intruder Systems expanded its capabilities to include scanning for cloud infrastructure vulnerabilities. This was a critical evolution, as more businesses moved their operations to the cloud, exposing them to new types of risks.
- The introduction of continuous monitoring reflected the need for ongoing security vigilance, particularly in dynamic cloud environments where configurations could change frequently.
Mature Phase (2019-Present):
- The addition of attack surface monitoring and threat intelligence integration came as organizations faced increasingly sophisticated threats. With cybercriminals leveraging more advanced tactics, these features helped Intruder customers stay proactive rather than reactive.
- The company also kept pace with the need for regulatory compliance, adding features that automated the reporting process, a necessity as data protection laws became stricter globally.
Challenges and How Intruder Systems Overcame Them
Over the nine years of the operations of Intruder Systems, the methods of hackers and attackers have evolved. Intruder Systems have needed to keep their services up to date, introducing new features all the time to address new threats.
Market Saturation and Differentiation
- Challenge: The cybersecurity market is crowded with many vendors offering similar solutions. Standing out in this space required Intruder to differentiate itself through ease of use, automation, and integrations.
- Solution: Intruder focused on making its platform as user-friendly as possible, appealing to both small businesses without dedicated security teams and larger enterprises looking for efficiency. Their continuous monitoring and threat intelligence features also provided added value that differentiated them from simpler scanning tools.
Rapidly Evolving Threat Landscape
- Challenge: As cyber threats evolved, Intruder had to continually update its platform to address new types of vulnerabilities and attack vectors.
- Solution: Intruder invested in threat intelligence and continuous monitoring, allowing them to respond to new threats as they emerged. They also maintained a flexible development approach, enabling quick updates and feature releases.
Scaling and Performance
- Challenge: As their customer base grew, so did the demands on their platform. Scaling to meet the needs of a global customer base without compromising performance was critical.
- Solution: Intruder leveraged cloud infrastructure to ensure scalability. They also optimized their platform for performance, ensuring that even as they added new features, the system remained responsive and reliable.
Client Education and Adoption
- Challenge: Smaller businesses often lacked the cybersecurity expertise needed to fully utilize advanced vulnerability management tools.
- Solution: Intruder provided extensive support and educational resources, helping clients understand the importance of vulnerability management and how to use their platform effectively. They also emphasized simplicity in their user interface, lowering the barrier to entry.
The company remains focused on making vulnerability management accessible and effective, helping organizations stay ahead of the ever-evolving cybersecurity landscape.
Flagship Product: Vulnerability Scanner
The Intruder Systems Vulnerability Scanner is a core component of the Intruder Platform, designed to help organizations identify security weaknesses across their digital infrastructure, including networks, web applications, and cloud environments. This scanner is known for its automation, comprehensive coverage, and ease of use, making it a popular choice among businesses seeking to improve their cybersecurity posture.
Key Features:
- Scheduled Scans: Allows users to schedule regular scans to ensure continuous monitoring of their systems without manual intervention.
- On-Demand Scans: Users can trigger scans manually when needed, providing flexibility in response to new threats or changes in the infrastructure.
- Network and Web Application Scanning: The scanner covers a wide range of vulnerabilities, from network configuration issues to application-level weaknesses like SQL injection and cross-site scripting (XSS).
- Cloud Infrastructure Scanning: Designed to scan cloud environments (AWS, Azure, Google Cloud) for misconfigurations and vulnerabilities, which are increasingly critical as more organizations move to the cloud.
- Continuous Monitoring with Real-Time Alerts: Provides continuous monitoring of your environment, alerting users immediately when a new vulnerability is detected or when a known issue reappears.
- Integrations with Other Tools: Integrates with popular tools such as Slack, Jira, and various CI/CD pipelines, enabling teams to incorporate vulnerability management into their existing workflows effortlessly.
The vulnerability scanner’s ability to scan networks, web applications, and cloud environments makes it an essential tool for organizations looking to improve their cybersecurity posture.
The continuous monitoring and threat intelligence integration are particularly valuable features, ensuring that businesses can stay ahead of potential threats. Threat intelligence enables the platform to prioritize vulnerabilities based on their exploitability in the real world, helping organizations focus on the most critical issues. Actionable insights provide detailed information and recommendations for addressing identified vulnerabilities.
Pros:
- User-Friendly Interface: The platform is designed with a clean, intuitive interface, making it accessible to users without deep cybersecurity expertise.
- Comprehensive Vulnerability Coverage: The scanner covers a wide array of vulnerabilities across networks, web applications, and cloud infrastructures, providing holistic protection.
- Automation: The ability to automate scans and continuous monitoring ensures that organizations can maintain robust security without requiring significant manual effort.
- Threat Intelligence: Integration with threat intelligence prioritizes critical vulnerabilities, enabling organizations to focus their resources where they are needed most.
- Cloud Infrastructure Support: As more organizations migrate to the cloud, the scanner’s ability to assess cloud environments is a significant advantage.
Cons:
- Cost: The scanner may be on the higher end of the pricing spectrum, particularly for small businesses or startups that may not need the full range of features.
- Customization Limitations: While the platform is user-friendly, advanced users might find the lack of deep customization options somewhat limiting, particularly in tailoring the scans to very specific needs.
- Learning Curve for Non-Technical Users: Although the interface is intuitive, users without a background in cybersecurity may still face a learning curve in understanding the full scope of the platform’s capabilities and how to effectively interpret the results.
The frequency of scans and the availability of automated or on-demand scanning depends on your plan choice. Nonetheless, for most organizations, especially those looking for a straightforward, effective vulnerability management solution, the Intruder Systems Vulnerability Scanner is a strong choice.
Other Notable Modules
1. Attack Surface Monitoring
Attack Surface Monitoring is a feature within the Intruder Platform, but it is also offered as a standalone product. It is designed to help organizations identify and manage their digital attack surfaces, providing insights into potential vulnerabilities that could be exploited by attackers. The service includes an asset discovery feature that automatically discovers and maps all externally accessible assets, including websites, IP addresses, and cloud services.
This service provides proactive security, which helps organizations stay ahead of potential threats. The addition of threat intelligence prioritizes the most critical vulnerabilities based on real-world exploitability. Real-time alerts trigger if there is a change in the attack surface.
The system provides a complete view of all external assets, helping to identify shadow IT or forgotten assets that might be vulnerable. It also tracks changes over time, providing historical analysis that shows how the attack surface evolves.
The product is straightforward, making it easy for organizations to start monitoring their assets without needing extensive setup or configuration. However, you still need to have cybersecurity expertise to understand the data it gives you. The focus of the service is primarily on external assets, so organizations still require additional tools to monitor internal networks comprehensively. Another problem to remember is that, since it is cloud-based, the product’s effectiveness is tied to the reliability of the internet connection.
2. Compliance Reporting
The Compliance Reporting feature of the Intruder Platform helps organizations automatically generate reports to meet various regulatory requirements. This tool is especially useful for businesses in regulated industries such as finance, healthcare, and e-commerce.
Set up automated reporting so that the system generates compliance reports based on vulnerability scans, making it easier to meet requirements for GDPR, ISO 27001, PCI-DSS, and more. Users can customize reports to match specific compliance needs or to present data in a way that aligns with internal or external auditing processes. This ensures that organizations always have up-to-date documentation available for audits.
Automated report generation saves time and reduces the risk of human error in compiling data. Be aware that, while reports can be customized, the options might not be as extensive as some larger enterprises require. The tool is geared towards external regulatory compliance, and might not address all internal governance needs.
Intruder Plans and Pricing
As of the latest available information, Intruder Systems offers three pricing plans tailored to different business needs. These plans generally differ based on the number of assets scanned, the frequency of scans, and the additional features that are included. Below is a general outline of their plans and pricing:
1. Essential Plan
Features:
- External scanning
- Application Scanning
- Unlimited ad hoc scans
- Prioritized results
- Unlimited users
Price (approximate):
- $160 per month (billed annually)
- $195 per month (billed monthly)
2. Pro Plan
Features:
- Everything in Essential
- Internal agent and external network scanning
- Automated cloud and emerging threat scans
- Tools for teams: integrations, single sign-on (SSO) options
Price (approximate):
- $320 per month (billed annually)
- $390 per month (billed monthly)
3. Premium Plan
Features:
- Everything in Pro
- Attack surface visibility
- Unknown asset discovery
- 1000+ attack surface checks
- Advanced access control
- Additional vulnerability scanner
Price:
- Custom pricing based on specific needs
Additional Considerations
The pricing for each plan is variable and depends on the number of networks and applications that are to be scanned.
Intruder Systems also offers two consultancy services. These are
- Bug hunting: This is a penetration testing service
- False positive reduction: This is a managed service that will interpret the results of a scan for you
Free Trial and Demo
Intruder Systems offers a 14-day free trial of its cloud platform SaaS package. Potential buyers who just want to get an idea of how the service works can watch a demo video at the Intruder.io website.
Major competitors
Intruder Systems operates in a highly competitive cybersecurity market, particularly in the vulnerability management and scanning segment. Several companies offer similar services, often with their own unique strengths and features. Here are some of the major competitors to Intruder Systems:
1. Tenable (Nessus)
Tenable is one of the leading players in the vulnerability management market, with Nessus being its flagship product. Nessus is widely used for vulnerability scanning across networks, applications, and cloud environments.
Key Features:
- Comprehensive vulnerability assessment.
- Integration with various security tools and SIEM systems.
- Advanced reporting and analytics capabilities.
- Extensive plugin library for identifying a wide range of vulnerabilities.
Strengths:
- Known for its robust scanning capabilities and large plugin library.
- Strong brand recognition and trust within the industry.
Target Audience: Enterprises and organizations with complex security needs and experienced security teams.
2. Qualys
Qualys is another major player offering a comprehensive cloud-based security and compliance solution. Its vulnerability management platform is part of a broader suite of security tools.
Key Features:
- Cloud-based vulnerability scanning with global reach.
- Continuous monitoring and threat detection.
- Integrated compliance reporting and patch management.
- Extensive API support for integrations.
Strengths:
- Cloud-native approach with a focus on scalability and ease of use.
- Wide range of integrated security tools beyond just vulnerability management.
Target Audience: Enterprises of all sizes, particularly those looking for a scalable, cloud-based solution.
3. Rapid7 (InsightVM)
Rapid7’s InsightVM is a leading vulnerability management solution that provides live vulnerability and endpoint analytics for real-time visibility into risks.
Key Features:
- Real-time vulnerability management with live dashboards.
- Integration with Rapid7’s broader security suite, including incident detection and response.
- Automated remediation workflows.
- Cloud, on-premises, and hybrid environment support.
Strengths:
- Strong focus on user-friendly dashboards and real-time data.
- Integration with other security tools and automation capabilities.
Target Audience: Mid-sized to large enterprises seeking a comprehensive security solution with real-time analytics.
4. Acunetix
Acunetix specializes in web vulnerability scanning, focusing on identifying security flaws in web applications, such as SQL injection, cross-site scripting (XSS), and more.
Key Features:
- Automated web application scanning for a wide range of vulnerabilities.
- Advanced crawling technology to identify issues across dynamic and complex web applications.
- Integration with CI/CD pipelines for DevSecOps.
Strengths:
- Strong focus on web application security, with detailed reporting and remediation advice.
- High accuracy in detecting web-based vulnerabilities.
Target Audience: Organizations with a strong focus on web application security, particularly those with complex or large-scale web environments.
5. CrowdStrike Falcon Spotlight
CrowdStrike is a well-known name in cybersecurity, primarily for its endpoint protection platform. Falcon Spotlight is their vulnerability management module, integrated into their broader endpoint security suite.
Key Features:
- Continuous vulnerability assessment directly integrated with endpoint protection.
- Real-time visibility into vulnerabilities across the organization.
- Integration with other CrowdStrike modules, such as threat intelligence and incident response.
Strengths:
- Combines endpoint protection with vulnerability management for a holistic security approach.
- Real-time data and integration with CrowdStrike’s advanced threat intelligence.
Target Audience: Organizations looking for a combined endpoint security and vulnerability management solution.
6. OpenVAS
OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanner that is part of the Greenbone Vulnerability Management (GVM) system. It provides a free, community-supported option for vulnerability management.
Key Features:
- Comprehensive scanning capabilities with regular updates.
- Open-source, customizable, and free to use.
- Detailed reporting and extensive plugin support.
Strengths:
- Cost-effective solution for organizations with budget constraints.
- Strong community support and flexibility due to its open-source nature.
Target Audience: Small to mid-sized organizations, educational institutions, and nonprofits looking for a cost-effective vulnerability management solution.
Intruder Systems faces competition from a variety of vendors, each with its unique strengths. Companies like Tenable, Qualys, and Rapid7 offer comprehensive vulnerability management solutions with a broader range of features, while specialized tools like Acunetix focus on specific areas like web application security.
OpenVAS provides an open-source alternative, making it a popular choice for budget-conscious organizations. Penetration testing tools are also often free and represent a good option for technicians who have cybersecurity training. However, the majority of systems managers will need the automation of vulnerability scanners, such as the Intruder platform.
Conclusion
Intruder Systems has successfully navigated the challenges of a competitive and rapidly evolving industry by continuously innovating and expanding its product suite in line with the advancements in network technologies. Through strategic enhancements like continuous monitoring, attack surface monitoring, and integrations, Intruder has maintained its relevance and effectiveness, helping businesses of all sizes manage and mitigate cybersecurity risks.