It’s all about Automated Tools is really a big myth in cyber security!!

How many times has your dinner table turned into debate table where you, your dad and your sibling are arguing between themselves about “whose profession is more challenging?”

I had an opportunity to yet again plea why Cyber Security is most challenging day-after-day

Here are few highlights from debate – to know

Round 1:

My Sibling – Cyber security is all about tools there is nothing much for pen testers to do; once tools are run and scanning is done (Interpret this coming in an annoying tone)

It’s all about Automated Tools is really a big myth in cyber security!!

My Defense: apple was just a tool that fell off on Sir Newton’s head – Gravity was not discovered by apple! Similarly Tool is just “scanning” it can never confirm whether what is reported is actually a security flaw or just failure of best practices.

Telling that something is a problem is neither security hunting nor solving.

Security breach includes understanding business context – scanning – analyzing – then exploiting a flaw which leads to plausible impact to a targeted (or not targeted) entity.

Ex 1: Getting an MRI is using tool – proper cure is doing accurate diagnosis which needs an experienced Neurosurgeon who as an eye to catch exact nerve in trouble.

Round 2:

My dad: but you have so much automation and tools for everything – despite of all that security flaws exists is really debatable!

Honestly I was stunned to get this from my dad – this only proves he is being actually listing to me all these years when I shared my stories on information breach or forensic frauds!

My Defense: True dad. But industry experts often live in a conception of security by building automation. Because with automation you are simply lowering your chances of human errors creating flaws those could be exploited by hacker. Meaning having super expensive firewall but not configuring it properly is of no good and nor does automated code review tools give 100% guarantee of secure code.

My sibling: Does that mean tools cannot find everything that you can?

My Defense: That’s the point, it’s not hacker versus something/someone – its machine versus human brain

Ex: In movie Chak-De (hope you all have seen, or heard of it) the last scene with winning penalty shootout the dialogue is:

English version:

“Her hockey stick is on the left side, she will take a shot on left side, but her foot is on right side so she will take shot at right – no left –no right – no left - Oh God she will shot in center”

In this case if your goalie was a tool, is it really capable of doing such real-time judgements or decisions?

There is only one possible way in which tools can be configured to defend your network or web applications; but a thinking brain (hackers) can change packet formations based on how the firewall or webpage on other-side are responding to him in-order to by-pass and break into it.

Whereas a White Hat Pen-tester does this same, proactively, as a prevention step.

Conclusion:

It is achievable but tough to create algorithms for these tools to block/defend fuzzing-bombs or packets-spoofs crafted by devious hacker!

P.S – all references or examples given above do not have any particular significance – they are mere topics picked for simple interpretation.