GCP Vulnerability Scanning

Protect your systems with GCP vulnerability scanning 

Cloud platforms typically store large amounts of sensitive information, making them vulnerable to being hacked. Intruder’s GCP vulnerability scanning makes it easy to continuously find and fix vulnerabilities in your cloud infrastructure and minimize your attack surface.

Continuous vulnerability scanning and attack surface reduction
Automate the discovery and scanning of new cloud targets and optimize spend
Authenticated and unauthenticated scanning for web apps and APIs
Actionable results for effective prioritization

How does Intruder’s Google Cloud security scanner work?

As a Google Cloud Partner, Intruder seamlessly integrates with GCP by pulling in your external IP addresses and Cloud DNS hostnames for continuous vulnerability scanning.



Gain complete visibility into your Google Cloud infrastructure

 Intruder provides a unified view of all your external services, clearly showing you if they are exposed to the internet or not
 Emerging Threat Scans proactively check your systems for new vulnerabilities
 For premium customers, when your network scan picks up a new service it automatically kicks off a vulnerability scan



Save time and optimize spend with CloudBot

 CloudBot automatically adds any new external IP addresses or hostnames as Intruder targets
 Set filters to ensure only desired GCP targets are imported, making best use of your budget
 CloudBot enhances cross-team visibility, minimizing disruptions to DevOps teams



Streamline your vulnerability management processes

 Integrate with your existing processes and make teamwork easy
 Unlimited scheduled or ad hoc scanning
 Connect Intruder with Slack, Jira, Github and more



Reduce risk with comprehensive web application & API scanning

 Run scans on the authenticated and unauthenticated web apps and APIs hosted in your Google Cloud environment, for security inside and out
 Our Dynamic Application Security Testing (DAST) scanner uncovers known and unknown vulnerabilities in custom or off the shelf software
 Integrate Intruder with your CI/CD pipeline to automatically find weaknesses earlier in the development lifecycle



Gain greater context and prioritize with ease 

 Issues include explanations of why they could lead to a breach, making it easier to focus on the true risks to your Google Cloud environment
 Comprehensive reports to demonstrate security to stakeholders and customers
 Your dashboard provides a snapshot of your security posture in one place, highlighting threats, issues, cyber hygiene, general activity and more

What our customers say

Intruder's Cloudbot is a game changer for any organisation with a complex cloud environment. As a CISO, I have found the automated scanning and notification features invaluable. The cost-saving benefits are also significant, as we have eliminated unnecessary instances and optimised our cloud spend.

Chris Spencer (D.Sc)

Group Chief Information Officer for
Globalreach, Nomadix & interTouch

I really like how Intruder integrated with our internal company comms (ie Slack), this meant we stayed on top of the notifications it produced. Time is critical when it comes to security vulns so it’s helpful to have messages from Intruder next to our daily workflows.

Will Lewis

Senior Engineering Manager,
GoCardless

Not only does Intruder save me time and money, but it helps us close deals. Some customers are now requiring regular network scans in order to do business with SaaS companies. By utilizing Intruder we're able to meet client demand and ensure we're doing the right thing to keep our customer trust.

Justin Unton

Head of Information Security at Litmus

Auto-discovery, a very proactive set of scans against emerging threats and solid notifications. Intruder is a tool I can forget about unless I need to. Rock solid UX.

James Ramirez

CTO

Frequently asked questions

How do I connect my GCP account to Intruder?

You will need to enable some APIs using the GCP console. Once you are setup, you will be able to add your external IP addresses and hostnames from Cloud DNS. For the full steps, click here.

How does Intruder’s CloudBot work?

CloudBot automatically checks for new external IP addresses or hostnames in your GCP infrastructure and adds them as Intruder targets – so you don't have to. You can also enable these new targets to be scanned automatically as soon as they are added.

What underlying scanner does Intruder use?  

Intruder uses industry-leading scanning engines, each running thousands of thorough security checks. Read more about it in our help article.  

Do you offer Google Cloud penetration testing services?  

Yes, we do! As well as cloud vulnerability scanning, we have a team of certified security professionals who can perform continuous penetration testing of your Google Cloud systems, helping you identify critical issues faster. 

How do I know if I am choosing the right vulnerability scanner?  

Firstly, if the vulnerability scanner that you’re considering offers a free trial, we recommend scanning a known vulnerable system (e.g. testphp.vulnweb.com) to see the spectrum of results that the scanner comes back with and quality of the checks. Of course, there are other important areas to consider when choosing the right GCP security scanner, such as the scanner’s reporting capabilities and features. Learn more in our guide to vulnerability scanning.  