The Intruder Service

Overview

The Intruder Service (Essential, Pro or Premium) will consist of Intruder Systems Ltd ("Intruder") performing monthly security assessments of the customer's internet-facing infrastructure and applications, as well as internal systems.

Monthly Assessment (ALL PLANS)

The monthly assessment will cover all internet-facing systems in-scope and any internal systems that have an agent installed and a license to cover the scanning, as agreed between Intruder and the customer. The assessments will aim to identify weaknesses which may be used to breach the customer's network, or otherwise compromise the confidentiality, integrity, or availability of their systems or information. The assessment will be primarily delivered using the automated Intruder platform. However, where deemed necessary by Intruder, manual techniques may be deployed to offer the highest quality service possible.

Perspective (ALL PLANS)

For external systems, weaknesses will be identified from the perspective of an internet-based attacker, with publicly available access to the customer's systems.

For internal systems, weaknesses will be identified from the perspective of an attacker that has been able to bypass perimeter defences.

Reporting (ALL PLANS)

Intruder will report the security issues discovered through each monthly assessment, as well as any ad-hoc tests, and will provide advice for remediation.

Emerging Threat Notifications (PRO AND PREMIUM PLANS ONLY)

Emerging Threat Scans (ETS) will be triggered automatically when Intruder identifies a new vulnerability that could critically impact a customer's external systems. These scans will run against all active, licensed targets and cannot be initiated manually. Customers will receive notifications upon completion.

False Positive Reduction & Ad-hoc Testing (PREMIUM PLAN BOLT-ONS ONLY)

Intruder consultants will attempt to reduce false positives by investigating and confirming issues found during the monthly assessment. Where issues could potentially be more damaging than they appear in the assessment, these will be investigated. Outside the scheduled monthly assessments, the service will also include ad-hoc testing of any issues deemed by Intruder to merit special treatment, for example where vulnerabilities such as Heartbleed or Shellshock are disclosed, and exploitation is known to be happening in the wild. Notifications will also be issued for vulnerabilities that are identified as posing a direct threat to the customers' systems.