Automated vulnerability scanning beats manual testing?

Research by NCC Group has indicated that automated vulnerability scanners are turning up mostly false positive results, but may still be preferred by organisations due to being cheaper than manual testing processes – a view that Ilia Kolochenko, CEO of High-Tech Bridge and chief architect of ImmuniWeb web security platform, shares but warns against:

” Today many cybersecurity companies backed by money-hungry VCs promote the concept of fully-autonomous machine learning suitable for any type of problem solving. However, machine learning has clear limits and is suitable for solving only some particular types of problems.
Automated vulnerability scanning is cheap, quick and scalable, but is still very far from being reliable, accurate and exhaustive. While human testing is long and expensive. It is great to see that NCC highlights this in their research, as customers need to clearly understand all of the pros and cons of the existing solutions.

In my opinion, the future belongs to a hybrid of machine and human, combining the strengths of each and eliminating weaknesses – a sort of “cyborgisation” of the industry. This is why we created an award-winning platform in ImmuniWeb that is actually a hybrid of human brain and machine.”

[su_box title=”About Ilia Kolochenko” style=”noise” box_color=”#336588″][short_info id=”60198″ desc=”true” all=”false”][/su_box]

Information Security Buzz