Manual vs. Automatic Cybersecurity Testing: What's the


                                                    Difference?

                                  By Tamir Shriki, Customer Operations Manager, XM Cyber


            In the context of cybersecurity, if you want to protect something, you need the ability to test its defenses.
            It's the only way to maintain visibility into the true state of your security posture.

            The key question, however, is this: How does one get the best and most comprehensive test results?
            Poor testing may offer little more protection than no testing at all.

            For most organizations, it boils down to two choices: Manual tests and automated tests. The former are
            conducted by people, and the latter by machines. Both have their relative strengths, and both can work
            together to create a sum that is greater than its individual parts.

            How Manual and Automated Tests Differ

            Manual security tests often take the form of red team exercises or penetration tests. Let's take a closer
            look at these two concepts:

               ●  Penetration tests are designed to uncover any and all vulnerabilities and configuration issues
                   within a computer system. While a vulnerability test or assessment simply identifies security
                   gaps, penetration tests go a step further and exploit these newfound vulnerabilities to discover





            Cyber Defense eMagazine – September 2020 Edition                                                                                                                                                                                                         107
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.