Automation should only be used to assist a professional and not an a replacement for the skills that are needed to protect your data/infrastructure/person.

However I am repeating what has been said before, it is worth repeating.

2 days ago in OWASP Israel conference i came across a new Startup company that provide an online automated penetration service, (gamasec.com), they tailor their service to each customer. Combining services such as this PLUS a real manual penetration test twice a year by a skilled individual is the right approach.

P.S – pdp i agree with you, that’s a dark topic that no-one really wants to talk about, so i’m done here as well :)

Companies, often believe in what other companies do..that’s why often they copy mistakes from one to each other (way solution are implemented, equipments brands, software, OS..almost everything)…so unavoidable they believe in others companies testing software. Of course it’s only about scanning for some vulnerabilities…but companies risk a lot..very much. They think that covering with patches and updates will solve the problem.Nope. No way u can do it like this. Becoming a h4ker..knowing what can be done is the way..But of course..to use this valuable knowledge (’cause u won’t find “Hacking for Idiots” on every corner as being a good material, and it’s perfectly understandable) in a good manner, for protecting yourself and upgrade your security level.

In this case… definitly u need a h3ker to evaluate, or become one… :)

It think that it is really a matter of choice.

But good choice “analysis”, because often that we might admit, it relays (al least in some points) on…”scanners” Of course it relays on scanners, and more often is ..nmap. Why? Cause It’s the nearest tool to see what services are available in a public manner and which of them are not suppose to be.

As you mention…”combinations of tricks” is the key. Yes, it is! No scanner I know can do this (at the moment), but I don’t really find it impossible at all..scenarios can be scripted in templates and modulated as an AI…like in the games (I’m no gamer, ..just to mention).

So, getting back to “combination of tricks”, a h3ker mind can go much further that considering some port opened, or not, ..or a service available or not. It can do tests based on the vulnerabilities of that version..or missconfigurations. And this is a big +.

Of course hiring a h3ker is somehow ..not enough..he need the tools..just his AI is just not enough, and no one has that time to reinvent the wheel…to script new nmap (just an example) to scan a server.

Is a conclusion of my thoughts…I think scanners without AI is to few..and a good AI without the tools ..is big time consumption, effort and it came be easily a failure.