The automated penetration test plays an important role in the security professional’s toolkit. As part of a comprehensive security program, these tools can quickly evaluate the security of systems, networks and applications against a wide variety of threats. Security pros should view them as a supplement, rather than a replacement, for traditional manual testing techniques.

What is automated penetration testing?

During a penetration test, security professionals conduct deliberate attacks on systems and applications to determine whether it is possible to gain unauthorized access. The goal of these tests is to assume the “hacker mindset” and probe for security vulnerabilities using the same tools and techniques employed by real attackers. Penetration testing is widely considered the best test of a system’s security, as it most closely approximates real world attacks. Conducting these tests properly requires time-consuming work by highly skilled individuals. Ideally, the engineers performing the tests have a level of skill equal to or exceeding the skill level of the likely attacker.

Read More: Getting Started with Automated Penetration Testing

Published November 3, 2014 on SearchSecurity.com