The original post: /r/cybersecurity by /u/Awkward-Relief-9475 on 2024-10-07 20:34:02.

Is claiming automated pentesting replaces humans dangerous?

It certainly doesn’t understand context and business logic in web apps and APIs.

It can find technical vulnerabilities and exploit but do you want an automatic system to do that against a production system unsupervised ?

Are folks opting for automated pentesting buying into a false sense of security?