Security that pays for itself: How Surveil used Intruder to improve their security posture

Our research found that businesses are only including, on average, 21% of internet-facing assets within the scope of their ongoing vulnerability management programs. The remaining 79% falls into a ‘visibility gap’, which presents risk: if you can’t see what you have - or what’s exposed and shouldn’t be - how can you protect it?

We spoke to Laurence Dale, CISO & Product Director (M365) at Surveil, to find out how Intruder helped close this gap, for both itself and its customers.

At a glance

Surveil used Intruder to solve this problem, gaining unparalleled attack surface insight by mapping a complete view of its cloud accounts, and discovering, scanning and reporting on vulnerabilities and exposed assets within those accounts.

Not only did this present an opportunity to improve security posture, but it also directly contributed to cloud computing cost savings by informing decisions to take unknown or forgotten cloud services offline.

Surveil’s use of Intruder, at a glance:

• Reduced the window of opportunity for attackers to find and exploit gaps in their attack surface, gaining “100% visibility” over their internet-facing assets.
• Passed the cloud optimization and usage benefits enabled by Intruder on to their own clients and partners, improving business outcomes for their customers.
• Achieved compliance through audit-ready reporting and Intruder’s automated Drata integration.

About Surveil

Surveil, an ITEXACT company, is a singularly focused global SaaS provider of high-performance cloud analytics and insights engine, fueled by AI, scalability, and speed, and secured to full ISO 27001 and SOC 2 standards. Since 2009, Surveil has enabled millions of users to harness the power of the cloud and supported some of the most complex cloud environments on the planet.

As such, they’ve cultivated an elite mix of passionate experts, best-in-class Azure and Microsoft365 solutions, and a tried-and-true collaborative managed approach – exactly what is needed to help businesses run the most efficient digital platforms. Surveil is headquartered in the UK with offices in the US, Canada, Mexico, South Africa, Japan, India, and Lithuania.  

Gaining complete attack surface visibility with Intruder

Surveil needed to gain visibility of its external attack surface, having previously grappled with questions including: what services are live? Which ports are open? What assets are exposed to the internet? How certain are we that we know about all of our assets, particularly those in the cloud? 

With Intruder, Surveil has achieved an intuitive, automated, and searchable view of its attack surface, including all open ports and services, and a way to discover and document all assets within its cloud environments. 

“With Intruder, I know that we’ve got 100% visibility over our attack surface.

It works really well for us, as we do something very similar for our clients in that we show them what’s on their Microsoft Azure and 365 environments. You can’t secure what you can’t see, right? That visibility benefit is a huge value proposition for us.”

Reducing risk and improving security posture

Intruder goes beyond the discovery of assets. With Intruder, in a single platform Surveil is able to seamlessly and continuously scan discovered assets for vulnerabilities or unnecessary exposures, and receive remediation recommendations to reduce the risk of a breach. This seamless and continuous process reduces Surveil’s exposure time relative to traditional point-in-time vulnerability scanning. Crucially, a reduction in exposure time means a reduction in the window of opportunity for attackers to be the first to find and exploit gaps in Surveil’s attack surface.

Additionally, Intruder’s integration with Azure enabled Surveil to effortlessly sync Intruder with its Azure environment, meaning Surveil could add all of its existing cloud assets to Intruder and then benefit from the continuous discovery of associated Azure assets.

“I know for a fact we’ve reduced our risk since using Intruder - because of the visibility it gives us over our attack surface…If I fire something up, and it ends up having a particular exposure, Intruder will tell us about it.”

Powering cloud asset optimization

Surveil provides real-world, financial value for its customers and partners by optimizing their cloud usage, and enabling them to control their cloud costs. Surveil leverages Intruder in pursuit of this mission by extending Intruder’s implementation across its client base so that Surveil can show its customers the services they have exposed to the internet. In many cases, these services have been forgotten and are no longer required for business operations. By providing this visibility through its use of Intruder, Surveil can support its customers in making informed decisions to take services offline and reduce the waste of cloud resources and costs. 

Getting set up, ease of use, and integrations

The asset discovery, risk reduction, and cloud cost optimization outcomes that Surveil has been able to achieve with Intruder are enhanced by the efficiency with which those outcomes are made possible.

“Intruder are great to work with. The tool was simple to set up, really easy for the team to use, and importantly for us, it’s really easy to integrate with our Microsoft Azure environment.”

Intruder’s integrations play a big role in increasing efficiency for Surveil. For example, Surveil made use of Intruder’s integration with compliance automation platform Drata so that it can automatically send vulnerability scanning reports to its Drata environment, without even a click of a button.

Gain visibility of your attack surface and cloud environments

If you’re an organization looking to...

• Discover assets across your attack surface
• Increase visibility over what’s exposed
• Protect yourself from vulnerabilities on assets across your attack surface
• Reduce your risk of being breached

...it’s time to get a free demo of Intruder. Improve your visibility and protect your organization from attackers.

Learn more about attack surface management with Intruder or book some time to chat with us.