BreachLock CEO Article Forbes Article

BreachLock’s Founder & CEO, Seemant Sehgal, is a member of the Forbes Technology Council and published a council post in Forbes, “Can Automated Pentesting Fix Cybersecurity’s Human Capital Issue?”

Like Sehgal mentioned in the article, the ability to fully replace human capital with automated pentesting is a relatively controversial topic, given that the cybersecurity workforce gap has grown significantly in recent years, leaving hundreds of thousands of unfilled cybersecurity positions in the job market. The question is, can 100% automated penetration testing ever equate to the skill and creativity that human penetration testers bring to the table? Can AI and automation emulate a true hacker’s perspective?

While AI and automation have come a long way over the last decade in contributing to the fight against cyber adversaries, Sehgal takes a unique stance on the topic. He emphasizes that the key to overcoming the human capital shortage in the cybersecurity industry is to enable human cybersecurity professionals with AI and automation to scale their skills and creativity without facing the cons that 100% manual pentesting brings.

Some of the cons of 100% manual pentesting that Sehgal mentions in Forbes are:

• Slow turnaround time
• Lack of standardization due to its entirely human-dependent nature
• Higher Cost
• Limited scalability

Sehgal goes on to mention some of the pros of manual components of penetration testing in the article, which include:

• The ability to test all levels of a network’s data security
• The ability to pivot simulated attack methodology to emulate a real cyberattack
• A detailed, in-depth approach and review of each vulnerability; and
• The capability to eliminate false positives by putting a technical expert pentester behind the screen

Although manual penetration testing has its cons, there are still benefits to it, which is why Sehgal doesn’t agree with completely removing human pentesters from the equation when it comes to pentesting. He highlights that Penetration Testing as a Service (PTaaS) that combines both human and technological elements in its methodology is the way to go, considering the growing threat landscape.

Automated penetration testing tends to be low-cost and fast, but results tend to be overpopulated with false positives to sift through, it does not simulate a real cyber attack and lacks the ability to test for complex vulnerabilities. When manual penetration testing and automated penetration testing are combined into one exercise, the cons of each methodology no longer exist, and organizations benefit from each of their strengths.

You can read the full article in Forbes here.

Accelerate Pentesting with BreachLock’s PTaaS

BreachLock prioritizes our customers’ needs and provides innovative pentesting services to help clients find and fix their next cyber breaches before they happen. Our approach, which combines human expertise and AI, speeds up the pentesting and remediation processes by 50% and reduces overall costs by 50%. We’re helping over 700 organizations meet compliance and certification requirements, such as ISO 27001 and SOC 2, pass vendor assessments, and improve their cyber resilience with our detailed, actionable, and easy-to-prioritize results and support. If you want to achieve your security goals fast with a hybrid approach to pentesting, contact us today.