.jpg)
Intruder has announced an integration with DomainTools, leveraging its extensive DNSDB database to significantly enhance its Attack Surface Management (ASM) platform's discovery capabilities. The enhancement aims to close critical visibility gaps by automatically detecting related subdomains and external assets, particularly those stemming from Shadow IT, that are not currently monitored within an organization's security program.
Intruder integrates DomainTools' DNSDB, the world's largest passive DNS database, into its platform.
The enhancement provides substantially broader attack surface discovery for Enterprise customers.
In a pilot of 60 customers, 100% saw an increase in detected related subdomains; 44% found over 10 new subdomains.
The integration automatically discovers unmonitored assets to combat threats from Shadow IT and misconfigurations.
It supplements Intruder's existing discovery methods (certificate transparency, active DNS) with passive DNS data.
The move is part of a "platformization" strategy to consolidate security functions and reduce manual processes.
This integration addresses a fundamental challenge in cybersecurity: unknown and unmonitored external assets. By incorporating DomainTools' passive DNS (pDNS) data, Intruder's ASM platform can now automatically enumerate related subdomains that exist outside an organization's known inventory. This is critical for identifying assets created through Shadow IT—systems developed and deployed without the knowledge or approval of central IT and security teams—which often remain exposed and vulnerable.
“Incorporating DomainTools data into Intruder’s offering is more than just a new advantage for our customers to secure their external perimeters with confidence but an important step in our company’s philosophy,” said Andy Hornegold, vice president of product at Intruder. “Building platforms that handle multiple relevant functions and equip teams to quickly close their vulnerability gaps is far more effective than manual processes or integrations between disparate point solutions."
The effectiveness of the enhanced discovery is demonstrated by pilot program results. In an initial group of 60 Intruder customers, every participant saw an increase in the number of related subdomains detected. Notably, 44% discovered more than 10 additional subdomains, and 23% found more than 50. For the largest organizations analyzed, the integration enumerated hundreds of thousands to over a million related subdomains, revealing the vast scale of the modern enterprise attack surface that often remains invisible to defenders.
Shadow IT systems, while created for operational convenience, pose significant security risks as they are typically not hardened, patched, or monitored. However, to be accessible, these systems require associated subdomains. By leveraging DNSDB to discover these subdomains, Intruder enables security teams to bring previously hidden assets into their exposure management program. Once discovered, these assets can be scanned for vulnerabilities, allowing defenders to identify and remediate weaknesses before they are exploited by attackers.
The integration of DomainTools' intelligence directly into the Intruder platform represents a strategic move to provide consolidated, automated discovery of an organization's full digital footprint, empowering security teams to proactively manage risk from both known and previously unknown external assets.
About DomainTools
DomainTools is the global leader for Internet intelligence and the first place security practitioners go when they need to know. The world’s most advanced security teams use our solutions to identify external risks, investigate threats, and proactively protect their organizations in a constantly evolving threat landscape.
About Intruder
Intruder’s exposure management platform helps lean security teams stop breaches before they start by proactively discovering attack surface weaknesses. By unifying attack surface management, cloud security and continuous vulnerability management in one intuitive platform, Intruder makes it easy to stay secure by cutting through the noise and complexity. Founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue teamer, Intruder is now protecting over 3,000 companies worldwide.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.