Intruder posts 81% enterprise ARR surge on AI, cloud push

Intruder reported an 81% rise in annual recurring revenue from its enterprise plan customers, as the security vendor pointed to faster expansion revenue and new product launches during 2025.

The London-based company said it saw "remarkable expansion" in midmarket and enterprise customer segments. It linked the shift to changes in its product offering, including updates to attack surface monitoring, attack surface discovery and cloud security.

Intruder said annual recurring revenue from enterprise plan customers grew 81%. The company attributed that to a 51% increase in new business and an approximately 250% increase in expansion revenue. Intruder described expansion revenue as customers widening their use of the product across their digital estates and new business units.

"Our 2025 momentum and growth reflects a market shift towards an intuitive and unified exposure management experience," said Chris Wallis, Founder and CEO, Intruder.

Wallis added: "Midmarket and small enterprise customers across industries are learning why software companies have loved Intruder for over a decade. Our intuitive user experience, noise reduction, always on monitoring and emerging threat scanning unified into one platform is a perfect answer for enterprises with rapidly scaling infrastructures but not the time and resources to stay on top of the resulting increased complexity and security risk," said Wallis.

Enterprise focus

Intruder positioned the enterprise security market as one where organisations still rely on multiple specialist tools. It said those tools often work well in isolation, but create limits when companies try to assess security posture across the whole organisation.

The company also highlighted operational pressures inside security teams. It said noise reduction and workflow simplification matter more as threats intensify and security resources remain flat.

Intruder said its platform gives organisations an enterprise-wide view and reduces complexity. The company said that approach helps teams focus on risks most likely to be exploited.

Customer wins

Intruder said customer growth came from consolidation. It said organisations replaced multiple point solutions with one platform. It linked that to new customer wins across sectors including insurance, pharmaceuticals, and grocery and food distribution.

The company listed several examples. They included a Canadian food distribution company with 30,000 employees and multi-billion revenue. The list also included a Japanese pharmaceutical company with $3.5Bn in revenue and 6,000 employees. Intruder also cited an American life insurance company and a global automobile manufacturer. It said the manufacturer rolled out Intruder across business units to centralise security visibility.

Intruder did not name the customers.

Product changes

Intruder said it released "major improvements" to attack surface monitoring during the year. It also expanded its cloud security services and introduced what it called an AI assistant. The company said it also provided free open-source tooling.

Intruder introduced Cloud Security Posture Management and an associated Cloud Plan. It said this resulted in the addition of over 300 new customers. The company said it saw appetite among customers to move away from platform-native cloud security solutions.

For cloud security posture management, Intruder said it launched Intruder Cloud Security for Amazon Web Services, Google Cloud Platform and Microsoft Azure. It said the product runs daily checks for misconfigurations across cloud environments.

AI assistant

Intruder also launched GregAI, which it described as an AI-powered security analyst. The company said GregAI has comprehensive visibility into users' security infrastructure.

Intruder said the visibility lets the tool deliver tailored insights and recommendations. It said those recommendations draw on current infrastructure, latest security scan results, external threat intelligence, and applicable compliance frameworks.

Alongside GregAI, Intruder announced an update to attack surface discovery. The company said it integrated with DomainTools and uses its DNSDB database. Intruder said the integration upgrades its Attack Surface Management offering and identifies customers' full attack surface.

Intruder also said it enhanced its integration with Jira. It said the work improves remediation workflows.

Open-source tooling

Intruder launched a free open-source tool called Autoswagger. The company said it scans OpenAPI-documented APIs for broken authorisation vulnerabilities. Intruder said Autoswagger automatically detects authorisation weaknesses in APIs and discovers sensitive endpoints that do not require authentication.

The company also pointed to external recognition. It said it won a CyberSecurity Breakthrough Award as "External Attack Surface Management Platform of the Year" in the 9th annual CyberSecurity Breakthrough Awards programme.

Intruder also said it was recognised as a Cloud Security Innovator in the 2025 Cloud Security Report by James Berthoty of Latio. Intruder said it was recognised as an ideal platform in the Continuous Threat Exposure Management category for hybrid cloud environments and midmarket organisations.

Intruder said it was founded in 2015 by Wallis and now protects over 3,000 companies worldwide.