Intruder has the cleanest SMB UX in the category — and we respect it. But it gates internal authenticated scanning to its $499/mo Pro tier, has no container or SBOM scanning, and its compliance-evidence mapping is thin. Perimeter ships the full triad and native control mapping starting at $0.
| Capability | Perimeter | Intruder.io |
|---|---|---|
| External attack-surface management | Yes | Yes |
| Internal authenticated scanning | Free tier (Lookout agent) | Gated to $499 Pro |
| Container image scanning | Yes (Trivy) | No |
| SBOM / dependency CVE scanning | Yes (Trivy) | No |
| IaC misconfiguration scanning | Yes (Trivy) | No |
| EPSS + CISA KEV prioritization | Free | Yes |
| Subdomain-takeover detection | Yes | Yes |
| Emerging-threat / rapid-response runs | Yes (free tier) | Yes |
| Native compliance-control mapping | PCI/HIPAA/SOC2/ISO/CMMC | Thin |
| Cross-product evidence graph | Sightline + Bastion + Ward | No (single product) |
| No scanner-appliance fee | Runs on Lookout agent | SaaS |
| Starting price | $0 | $149/mo |
Intruder pricing and feature gating per intruder.io/pricing at time of writing. We update comparisons as vendors change.
If you only need clean external scanning and never want to deploy an agent, Intruder's onboarding is excellent. Perimeter's edge shows up the moment you need internal authenticated scans, container/SBOM coverage, or you have a compliance auditor asking for control-level evidence — that's where the $499 gate and the missing scan types bite.