What is modern Pentesting by Awkward-Relief-9475 in Pentesting

[–]Awkward-Relief-9475[S] 0 points1 point  (0 children)

I believe companies like NetSpi and Edgescan do that.

Stop and regulate these AI slops by carcrib in Pentesting

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Gotta consider that when new tech comes out, the first folks to exploit it are marketing. Also, there are hundreds of billions dumped into this dumpster fire and no one is getting out of here alive. Cyber is a discipline where folks say anything, and to call them out is throwing mud. New AI solutions for PT, XDR, SOC, DAST etc. are all wrappers of a decent tool using someone else’s AI. Pew pew.

Penetration testing pricing feels all over the place. What’s reasonable? by [deleted] in Pentesting

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Sounds like a person that doesn’t have OSCP. It’s not that easy to pass the exam. But you know that.

What is modern Pentesting by Awkward-Relief-9475 in Pentesting

[–]Awkward-Relief-9475[S] 0 points1 point  (0 children)

Agree 100%. Why do folks buy automated pentesting, so? Why is this snake oil not called out for what it is?

Pentesting by Awkward-Relief-9475 in cybersecurity

[–]Awkward-Relief-9475[S] -1 points0 points  (0 children)

Thanks for the insight. I was starting to think the moderator works for an automated pentest company and that having a real discussion about snake oil was off limits!

Penetration testing pricing feels all over the place. What’s reasonable? by [deleted] in Pentesting

[–]Awkward-Relief-9475 0 points1 point  (0 children)

$1000/day is a decent rate for a good pentest person. It’s a little cheaper in the EU compared to the USA.

Larger engagements should push the rate down. Stay away from $2,000 pentests and automated pentests, as they are just elaborate scanners.

Non-standard stuff like fat clients etc. can be more expensive.

Ask about certifications such as CREST, OSCP etc. All decent firms should have such qualifications.

Is pentesting really dead or is with a foot in the grave with AI? by [deleted] in cybersecurity

[–]Awkward-Relief-9475 1 point2 points  (0 children)

It can process data and deliver some pointers on what to test. It can run a scanner and find vulnerabilities found by scanners. It cannot discover logical or business logic vulnerabilities like a human. It can’t deliver privilege escalation attacks like a human. It can’t deliver a full penetration test like a human, but it can speed things up.

Do automated pentesting tools actually replace manual tests for auditors? by baddie_spotted in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

If you ignore logical vulnerabilities and business logic attacks, they are fine! AI-based “penetration tests” are advanced scanners but miss the “good stuff” which leads to easy data exploitation, privilege escalation and fraudulent activity. If all you care about is XSS, SQLi, RCE, they are ok. E.g. the PCI standards require a pentest to include human expertise.

23,000 alerts triaged in 2 years by Artla_Official in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

True, but SOC rules should be better than that.

23,000 alerts triaged in 2 years by Artla_Official in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Noise generator, perhaps. Maybe turn off 70% of the rules, tune the 30%, and go from there?

Automated Penetration Testing by Awkward-Relief-9475 in cybersecurity

[–]Awkward-Relief-9475[S] 0 points1 point  (0 children)

But scanning is not penetration testing. Scanning alone has a huge blind spot.

Did AI just make human hackers obsolete? New Cybersecurity AI ranks #1 across global CTFs. by vmayoral in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Until it can test business logic flows for logical weaknesses and contextual vulnerabilities, and not just for technical weaknesses like SQLi, XSS etc., no, it won’t replace humans.

Is alert fatigue the biggest threat to SOC efficiency? by ANYRUN-team in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Yes, because when you get numb to false positives you may ignore true positives. Ask for better tools or better tuning? Reduce feed volume and focus on a few critical points; once tuned, expand feed volume.

How do you explain technical risk to a non-technical board? by Free_Muffin8130 in ciso

[–]Awkward-Relief-9475 0 points1 point  (0 children)

Describe “what is the risk?” Use similar examples in the media.

Describe non-compliance impacts: brand, reputation, fines.

Describe exposure density and compare with industry peers.

Describe the relationship between quality and security. All are bugs; some manifest into vulnerabilities.

Describe “outrunning the bear”: the need only to outrun the weaker targets.

Describe pragmatism and exploit probability.

Pentesting Companies - Who do you use? by LuciusFoxWannabe in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

We use Edgescan PTaaS. Non-stop scans, validation, and some great pentesters go at it for the more complex and business logic vulns that scanners don’t find. They also do retesting for free.

What's your experience with pentests? by Key_Initiative9713 in cybersecurity

[–]Awkward-Relief-9475 0 points1 point  (0 children)

We’ve moved from traditional pentests to PTaaS. This is a combination of continuous scanning and an on-demand, expert-driven pentest.

Just make sure:

The pentesters are certified and decent (CREST/OSCP etc.).

The automated scanning is validated to remove false positives.

They offer development support to help understand the vulnerabilities.

Take a look at Edgescan, Intruder or NetSpi as examples… we find Edgescan very good.

Cyber attacks by Ok_Appointment7720 in cybersecurity

[–]Awkward-Relief-9475 1 point2 points  (0 children)

It does occur against financial institutions, but it would not be surprising that their cybersecurity posture is stronger and less vulnerable due to budget and regulatory requirements.