When should automated penetration testing be supplemented with manual pen testing?

Automated pen testing has become a very in-demand offering, but a full-service security firm must round it out with manual testing. In fact, most RFPs I've seen these days require some sort of manual effort; it's rare to find a client that can be wholly satisfied with a purely automated procedure without supplementing it with manual penetration testing.

Download this free guide

Could Securing Your Channel Business Be Easier? We Can Help.

Download our latest guide to the top strategies solution providers can leverage for starting up and securing a cloud practice, successful approaches to selling and marketing cloud, and why it is urgent for partners to transition now.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Automated scanners are built from a variety of code -- both open source and custom -- and are often focused on a specific vulnerability, so you'll need to employ several tools to cover a wide range of threats. Every automated procedure needs manual verification for false alarms, manual scanning for client-specific vulnerabilities, and you'll need to update your tools to detect new threats as they develop.

Due diligence requires you to employ every resource you can to protect your customer, and this means automatic and manual testing.