Shades of grey – manual vs automated testing

It sounds like a simple black and white question. Which is better for protecting your network systems: automated or manual testing? The answer is, however, a more complex shade of grey. A synergy of both is actually the most effective way to identify breaches or gaps in a network so that proactive steps can be taken to combat cyber threats. To choose one approach and not the other would be to neglect the potential benefits of each tactic, leaving the system exposed and more susceptible to an attack.

While understanding the need for network security, many prefer to purchase security software that can be installed and ignored. The belief is that security tools will help keep cyber defenses up to date, identifying where gaps have appeared or where breaches have occurred. However, if anything is omitted from the scope of the automated test, if there are as yet unknown vulnerabilities or if the security posture is untested, the software may not be effective.

Typically, automated testing is used to swiftly and systematically detect common vulnerabilities, uncovering defects via pattern-matching and monitoring of system response. If used correctly, with the exercise scoped in advance, it is possible to detect where a system is vulnerable. Where vulnerabilities are known, patches are usually put in place automatically through the tool. 

In broad terms, however, automated scanning has been likened to knocking on hundreds of thousands of doors to determine which doors may be hiding a problem. Using the same analogy, manual testing is where the doors that have been identified by the automated test are then opened and someone actually goes inside to see what the exact nature and extent of the problem are. You cannot do one without first doing the other.

Manual security testing is time-consuming and difficult to scale, requiring the careful selection of tools to focus on particular vulnerabilities or suspicious patterns that deserve further investigation. But because it relies on the ingenuity and experience of the manual tester, rather than automation, it can also actually detect as yet unknown vulnerabilities. 

During periods when business continuity is challenged, such as the Coronavirus outbreak, manual testing may not always be an option. During these periods, automated scanning with vulnerability patching will at least provide a degree of security. Manual testing can, however, be conducted remotely in most circumstances and should still be a priority where possible.

Manual testing is, by its very nature, more expensive, but to be resilient against the threat presented by proactive hackers, we must be equally proactive ourselves. If you do not have the skill set required, it is advisable to work with highly trained ethical manual penetration testers who have experience in managing and undertaking in-depth penetration testing exercises. These individuals use both automated tools and manual testing, but there is a cost-benefit because you only spend on the tools you need, not the ones you don’t.

In addition, you will receive a detailed report with remediation advice to improve your network defenses. And consider the cost of manual penetration testing in the context of a breach and the damage it can cause, both to profitability and reputation. A regular schedule that uses a synergy of automated and manual testing will ensure your network defenses are robust, up-to-date and resilient. 
