Is automated vulnerability testing enough?

Hemant Bansal | October 16, 2021

It wasn’t enough for Equifax. In today’s cybersecurity environment, you’ve got to think like a black hat hacker and protect your infrastructure from the techniques used, not just from the vulnerabilities themselves. The Apache CVE security advisory was released on March 6th, the exploit for the vulnerability followed 1 day later, and Equifax was penetrated on March 10th, 3 days later. Yes, retesting to ensure ALL systems were patched and ensuring scanners were working correctly would have helped, but it took until July 29th for Equifax to discover they had been hacked. Their processes and software definitely let them down.

Why not have white hat hackers verify systems have been correctly patched and test for flaws manually? Well, in a word, it can be expensive. One new company, apptroops, is doing it very economically. They automate where it makes sense, with bots that crawl for the latest vulnerabilities, exploits, and malware, but apply those hacks manually, because that’s how a black hat hacker will do it.

Using manual hacking techniques, they can test multiple vulnerabilities and malware together to see whether combining those hacks escalates the severity level of a vulnerability.

By using certified hackers from Asia, testing is performed much more economically. apptroops has found previously unknown vulnerabilities in Google, Facebook, Microsoft, eBay, and Sony with their methods, and for a limited time, we will test your infrastructure for FREE; you pay only if we find critical or high severity vulnerabilities.
