Automated Pen Testing: Can It Replace Humans?

These tools have come a long way, but are they far enough along to make human pen testers obsolete?

Cybersecurity automation has increased dramatically in the past few years, but penetration testing has remained stubbornly immune. While crowdsourced security evolved as an alternative to pen testing in the past 10 years, it's not based on automation but on simply throwing more humans at a problem (and, in the process, creating its own set of weaknesses). Recently, though, automated pen-testing tools have advanced to a point where they are usable under certain conditions. This begs the question: Can these tools replace human pen testers?


I've spent a great deal of the past year testing these tools and comparing them in like-for-like tests against human pen testers, but the caveat is that these automation tools are improving at a phenomenal rate, so this analysis may already be out of date before you read it.


How Automated Pen Testers Work

These tools "deliver" a pen test by using either an agent or a virtual machine (VM) that simulates the pen tester's laptop and/or attack proxy plugging into your network. The pen-testing bot then performs reconnaissance on its environment by running the same scans a human would — a vulnerability scan with a preferred tool or just a ports-and-services sweep with Nmap or Masscan. Once the automated tools have established where they sit within the environment, they will filter through what they've found. This is where the similarities to vulnerability scanners end.


Vulnerability scanners simply list a series of vulnerabilities and potential vulnerabilities they find — with no context about their exploitability. They simply regurgitate Common Vulnerabilities and Exposures (CVE) references and Common Vuln ..