Topics
The field is empty

How Automated Pentesting Mimics Hacker Techniques

11 Dec 2018
Book your demo now >
Aviv Cohen CMO at Pentera
Back to top

Computer-room heroism or what I like to refer to as “Cyber Patriotism” is told in the compelling story of The Imitation Game.  Based on the book “The Enigma” by Andrew Hodges, the film tells the story of crafting the first computing machine to decipher the Nazi Enigma code. It is also the story of Alan Turing, the English computer scientist who formalized the concepts of algorithm and computation with his Turing machine and mathematical model of computation.

Today, the cybersecurity space is reliving this story. The bad guys seem to have the upper hand. The malicious hackers, organized crime hackers, nation-sponsored hackers, hacktivists, and wannabes are all after the corporate cyber vulnerabilities.

But if you take a wide angle view of the global cyber warfare picture, you will see a grave asymmetry parallel to The Imitation Game. In today’s cybersecurity world, there is asymmetry in favor of the computerized aggressor vs. the security defender drowning in manual labor.  While all cyber analysts will agree that cyber defense automation must be the next step, CISOs are struggling to achieve it.

For example, the most effective and accepted way of validating your entire array of cybersecurity defenses is penetration testing. This service often performed annually, is done manually. On the other end of the cyber frontier, hackers are using computerized power to launch attacks on every virtual “square inch” of the corporate IT attack surface 24/7. It’s a man vs. machine battle. We simply cannot win in the same way the UK team could not decipher the Enigma code within 24 hours, no matter how many people tried.

The solution can come only in the form of a machine, which can imitate a hacker using computer power to validate the corporate defenses, not just once a year, but 24/7. Making sure that your guard is consistently up and pointing to remediation required in small daily doses rather than once a year is key.

The solution to winning in cyber warfare requires a machine that advances it’s testing to keep pace with the new exploits and hacking methods. It is not based on dated “playbooks” of one’s town consulting firm who struggle to keep up their research and penetration testing tools.

The Imitation Game had a happy ending.  All we need to do is automate our cyber defense validation practices to have one too.

Penetration Testing is the New Turing Machine
How Can Automated Penetration Testing Make Your Company Safer? Watch the Webinar.
Subscribe to our newsletter

Find out for yourself.

Begin your journey in security validation and see why leading companies trust us with their cybersecurity validation.

Start with a demo
Related articles

How Attackers Can Achieve a DoS Attack in Microsoft Active Directory

In this blog, we explore how attackers can exploit a limitation in Active Directory (AD) Security Identifiers (SIDs) to lock users out of the domain w...

Continuous Security Validation Against AI-Driven Threats – A Field CISO’s Insights

Despite substantial investments in cybersecurity, breaches keep happening—especially as AI changes the game for attackers and defenders alike. AI-driv...

Why Proactive Cybersecurity Starts with Attack Surface Management (ASM)

The last couple of years will be remembered for many things in cybersecurity, but the MOVEit breach stands out as a painful lesson in what happens whe...